Exporting and importing data
The export feature creates a full organisation JSON snapshot in the background. It is intended for tenant portability, audit review, support investigation, and controlled internal analysis.
Start an export from Organisation Settings, Data. TOW queues a tracked TOW JSON export run, notifies the requesting admin when it completes, and then makes tow-export.json available to download from the Data tab. Organisation export and import require organisation admin access.
Completed export files are temporary. They are stored by TOW for up to 48 hours, then deleted automatically by the migration worker. Start a fresh export if the previous download has expired.
What the export contains
The export includes:
| Dataset | Examples |
|---|---|
| Raw events | Captured inputs, source metadata, timestamps, and content hashes. |
| Docs | Pages, revisions, chunks, references, tags, and metadata. |
| Memory | Memory type, title, body, status, confidence, source references, validity dates, and review flags. |
| Snapshots | Company or project snapshot content, type, status, sources, and validity dates. |
| Tickets | Issue key, type, title, description, status, priority, labels, due dates, assignees, hierarchy, progress, estimates, and source references. |
| Ticket history | Comments, activity, and links. |
| Operating records | Commitments, daily sessions, AI summaries, memory basis, and operating proposals. |
| Decisions and risks | Context, decisions, alternatives, consequences, severity, likelihood, mitigation, and status. |
| Access and configuration | Members, groups, projects, boards, permissions, custom fields, automations, agents, chat assistants, notifications, migrations, and organisation settings. |
| Uploads | File attachment metadata and embedded base64 file contents. |
The export is JSON, not a formatted report. It is best opened in approved analysis tools, secure data stores, or support tooling.
Scope
Exports are tied to the active organisation. They include organisation-owned records and referenced user profiles needed to preserve authorship, membership, comments, activity, and history.
Secrets are redacted. This includes password hashes, verification tokens, invite tokens, webhook tokens, organisation authentication secrets, organisation AI API keys, and migration credentials. Imported authentication and AI-provider configuration is restored in a disabled or non-secret state so it must be reviewed before use.
Exports are not a replacement for infrastructure backup. They do not preserve external search engine state, logs outside the database, or deployment configuration.
Importing
Import a tow-export.json file from Organisation Settings, Data. TOW creates a new organisation immediately and queues a tracked TOW JSON migration run.
During import:
- Every organisation record receives a new ID, so the same export can be imported back into the same instance safely.
- Existing users are matched by email.
- Missing users are created as inactive accounts without passwords.
- The importing admin is made an owner of the new organisation.
- Uploaded files are written as new attachments with new storage keys.
- Public links, invites, webhook tokens, pending emails, pending migrations, queued automations, and queued agent runs are neutralized so imported historical state does not resume unexpectedly.
The export can contain confidential business information, private strategy, customer details, uploaded files, AI-generated summaries, and security-relevant metadata. Store exports only in approved systems and delete temporary copies after use.
Handling guidance
Before exporting:
- Confirm you are in the intended active organisation.
- Confirm your project scope and access are appropriate for the review.
- Use a trusted device.
- Avoid exporting during a screen share unless everyone is authorized to see the data.
After exporting:
- Move the file to an approved secure location.
- Apply your organisation's retention policy.
- Do not send raw exports over unmanaged email or chat.
- Redact sensitive fields before sharing with external support unless a data processing agreement covers the transfer.
Backups and legal holds
Use database and volume backups for disaster recovery. Use JSON export for user-accessible review and investigation.
For legal hold, compliance review, or incident response, coordinate with the server administrator so database records, upload volume contents, logs, and relevant configuration are preserved together.