HELP← All articles

Data export + delete

OraTek gives you self-service tools to fulfill GDPR / CCPA right-of-access and right-of-erasure requests on yourself. No emails to support required.

Export your data

1. Settings → Data rights → Download my data.
2. Browser downloads a single JSON file named oratek-export-<date>.json.

What's in the export

If you're an admin, you get the full org: organization, users (without password hashes), teams, divisions, contacts, tasks, candidates, candidate attachments (base64), team messages, team chat groups, audit log (last 5,000 entries), workflow rules. Roughly everything we can attribute to your org.

If you're a rep, you get only what's attributable to you: your user record, contacts you own or created, tasks you own or created, team messages you sent, your audit log entries.

Delete your organization

Admins only. This is a soft-delete with a 30-day undo window.

1. Settings → Data rights → Delete organization.
2. Type DELETE to confirm.
3. Org enters "pending deletion" state. Members can still sign in for the 30-day grace.
4. After 30 days, a worker hard-deletes the org and all cascading data. Backups roll off the standard 7-day retention.

Cancel a pending deletion

Email privacy@oratekdx.com from your admin email before the grace expires. We'll reverse it within one business day. (A self-serve "cancel-delete" button is shipping in the next release.)

For employees (right-to-access on themselves only)

Settings → Data rights → Download my data → returns just YOUR attributable records. Reps don't have access to org-wide export.

HIPAA / PHI

OraTek is designed not to handle PHI. If you've entered protected health information into free-text fields (notes, descriptions), contact us immediately at privacy@oratekdx.com and we'll work with you on remediation. For customers planning to handle PHI as part of their use case, contact us to execute a BAA before doing so.