Data export: GDPR and user-facing CSV/JSON of stream and payout history

[greatest0fallt1me]

Asynchronous data export of stream history and settlement records

    ## Description

    Provide a **self-serve** **export** of a user’s **stream** and **payout** history for

compliance and user trust. Large exports are async (job + email or download
link) and redacted to least privilege.

    ## Requirements and context

    - **Async** job for large data; `GET /exports/:id` for status; signed URL to S3 or equivalent.

• PII policy in export: fields listed; right to be forgotten respected.

• Tests: happy path, empty history, >10k rows pagination in generation.

• Audit when export is requested and downloaded.

• Link in privacy policy; retention of export file short-lived.

    ## Suggested execution
  
    1. `git checkout -b feature/gdpr-stream-export`
  

2. Implement job + storage with lifecycle rule (delete after 7 days, example).

3. PR with sample (synthetic) CSV header line.

4. Security review: signed URL TTL, no directory traversal, authZ on all ids.

5. Timeframe: 96h to MVP; iterate on columns in follow-up.

    ## Test and commit
   

• Run the full test suite; add or update tests until the agreed coverage bar is met.
• Cover edge cases listed in this issue; document any intentional exclusions with brief rationale in the PR.
• Include relevant test output (e.g. test runner summary) or a link to a passing CI run in the pull request.
• Add security notes for auth, keys, PII, chain settlement, or money movement (assumptions verified, out-of-scope items).

Example commit message

feat(privacy): async GDPR-oriented export of stream and payout history

Guidelines

• Target: at least 95% coverage on new or meaningfully changed code (per the repo’s standard tooling).
• Documentation: update contributor-facing or API documentation where a reviewer would be blocked without it.
• Timeframe: 96 hours to ready-for-review (surface blockers early).