返回顶部
p

privacy-gdpr

Deep privacy/GDPR-oriented workflow—lawful basis, data inventory, minimization, DSAR process, DPIA triggers, subprocessors, and breach notification mindset. Use when designing data practices, vendor review, or user rights operations. Not legal advice.

作者: admin | 来源: ClawHub
源自
ClawHub
版本
V 1.0.0
安全检测
已通过
102
下载量
0
收藏
概述
安装方式
版本历史

privacy-gdpr

# Privacy & GDPR (Deep Workflow) This skill supports **structured thinking** about personal data. **Legal and compliance teams** must approve binding interpretations—this is **not** legal advice. ## When to Offer This Workflow **Trigger conditions:** - New collection of PII; analytics or ML on user data - Vendor processing agreements; international transfers - DSAR volume; breach response planning **Initial offer:** Use **six stages**: (1) scope & roles, (2) inventory & purposes, (3) lawful basis & notices, (4) rights & DSAR, (5) security & subprocessors, (6) DPIA & transfers). Confirm jurisdiction (EU/UK vs broader). --- ## Stage 1: Scope & Roles **Goal:** Identify controller vs processor roles and whose data is involved (employees, customers, minors). ### Output Simple RACI for privacy decisions. **Exit condition:** Data subjects and systems in scope are listed. --- ## Stage 2: Inventory & Purposes **Goal:** Record of processing activities (ROPA-style): what data, why, where stored, retention, who accesses. ### Practices - Data minimization: collect and retain only what is needed --- ## Stage 3: Lawful Basis & Notices **Goal:** Map processing to lawful basis (consent, contract, legitimate interests, etc.)—**lawyers validate** per jurisdiction. ### UX - Consent granular and withdrawable where required --- ## Stage 4: Rights & DSAR **Goal:** Operational playbook for access, erasure, portability, restriction—with SLAs and identity verification. ### Practices - Log requests and responses for audit - Plan how erasure interacts with backups and logs --- ## Stage 5: Security & Subprocessors **Goal:** DPAs, SCCs or adequacy for transfers; subprocessor list public where required. ### Security - Encryption, access controls, and logging aligned with risk --- ## Stage 6: DPIA & Transfers **Goal:** Recognize when DPIA is likely required (high-risk processing)—escalate to DPO/legal. ### Transfers - Document mechanisms for non-adequate countries --- ## Final Review Checklist - [ ] Roles (controller/processor) and scope clear - [ ] RoPA or equivalent inventory maintained - [ ] Lawful basis and notices reviewed by legal where needed - [ ] DSAR process with SLAs and verification - [ ] Subprocessors and transfers documented ## Tips for Effective Guidance - Engineering detail (backups, logs) is where GDPR meets reality. - Privacy by design is cheaper than retrofit. - Never invent legal conclusions—flag for professional review. ## Handling Deviations - US-only: still map PII and consider state laws (e.g., CPRA). - B2B vs B2C: different notice and rights patterns.

标签

skill ai

通过对话安装

该技能支持在以下平台通过对话安装:

OpenClaw WorkBuddy QClaw Kimi Claude

方式一:安装 SkillHub 和技能

帮我安装 SkillHub 和 privacy-gdpr-1776028827 技能

方式二:设置 SkillHub 为优先技能安装源

设置 SkillHub 为我的优先技能安装源,然后帮我安装 privacy-gdpr-1776028827 技能

通过命令行安装

skillhub install privacy-gdpr-1776028827

下载 Zip 包

⬇ 下载 privacy-gdpr v1.0.0

文件大小: 2.04 KB | 发布时间: 2026-4-13 11:36

v1.0.0 最新 2026-4-13 11:36
Initial release of the privacy-gdpr skill—comprehensive workflow for privacy and GDPR compliance.

- Provides a six-stage framework: scope & roles, data inventory, lawful basis, user rights/DSAR process, security/subprocessors, and DPIA/transfers.
- Includes checklists, operational playbooks, and best practices for compliance teams.
- Clarifies triggers for use (new PII, vendor review, DSAR, breaches).
- Emphasizes legal validation and escalation points, not a substitute for legal advice.
- Offers tips on practical GDPR implementation and handling deviations by region or business model.

Archiver·手机版·闲社网·闲社论坛·羊毛社区· 多链控股集团有限公司 · 苏ICP备2025199260号-1

Powered by Discuz! X5.0   © 2024-2025 闲社网·线报更新论坛·羊毛分享社区·http://xianshe.com

p2p_official_large
返回顶部