shield_lock
JinDaGe
Back to skills
extension
Category: Productivity & OfficeNo API key required

privacy-compliance

GDPR, CCPA, and privacy compliance guidance for data protection. Use when handling personal data, implementing consent management, or ensuring regulatory compliance across jurisdictions.

personAuthor: jakexiaohubgithub
open_in_newRepositorydownloadDownload package

Privacy Compliance Skill

This skill provides guidance for GDPR, CCPA, and other privacy regulations.

Key Regulations

| Regulation | Region | Key Requirements | |------------|--------|------------------| | GDPR | EU/EEA | Consent, data rights, breach notification | | CCPA/CPRA | California | Right to know, delete, opt-out | | LGPD | Brazil | Similar to GDPR | | PIPEDA | Canada | Consent, limited collection |

GDPR Requirements

Lawful Bases for Processing

  1. Consent
  2. Contract
  3. Legal obligation
  4. Vital interests
  5. Public task
  6. Legitimate interests

Data Subject Rights

  • Right to access
  • Right to rectification
  • Right to erasure ("right to be forgotten")
  • Right to data portability
  • Right to object

Implementation Patterns

Consent Management

@dataclass
class Consent:
    user_id: str
    purpose: str
    granted_at: datetime
    withdrawn_at: datetime | None
    version: str

Data Minimization

# Only collect what's necessary
class UserRegistration(BaseModel):
    email: str  # Required for account
    name: str   # Required for personalization
    # Don't collect: age, gender, location unless needed

Data Retention

RETENTION_POLICIES = {
    "user_data": timedelta(days=365 * 2),
    "logs": timedelta(days=90),
    "analytics": timedelta(days=365),
}

Privacy Checklist

  • [ ] Privacy policy published and accessible
  • [ ] Consent obtained before data collection
  • [ ] Data subject rights implemented
  • [ ] Data minimization practiced
  • [ ] Retention policies defined
  • [ ] Breach notification process ready
  • [ ] DPA (Data Processing Agreement) with vendors