GDPR compliance planning including lawful bases, data subject rights, DPIA, and implementation patterns
Provides GDPR compliance guidance for systems processing EU personal data. Use when planning consent flows, implementing data subject rights (access/erasure/portability), conducting DPIAs, or defining lawful bases and retention policies.
/plugin marketplace add melodic-software/claude-code-plugins/plugin install compliance-planning@melodic-softwareThis skill is limited to using the following tools:
Comprehensive guidance for General Data Protection Regulation compliance before development begins.
| Principle | Description | Implementation Focus |
|---|---|---|
| Lawfulness, Fairness, Transparency | Valid legal basis, fair processing, clear privacy notices | Consent flows, privacy policies |
| Purpose Limitation | Collect for specified, explicit purposes | Purpose tracking, use restriction |
| Data Minimization | Adequate, relevant, limited to purpose | Field-level justification |
| Accuracy | Keep data accurate and up to date | Update mechanisms, verification |
| Storage Limitation | Keep only as long as necessary | Retention policies, auto-deletion |
| Integrity and Confidentiality | Appropriate security measures | Encryption, access control |
| Accountability | Demonstrate compliance | Audit logs, documentation |
1. Consent - Freely given, specific, informed, unambiguous
2. Contract - Necessary for contract performance
3. Legal Obligation - Required by law
4. Vital Interests - Protect someone's life
5. Public Task - Official authority/public interest
6. Legitimate Interest - Balanced against data subject rights
Legitimate Interest Assessment (LIA):
| Right | Description | Response Time | Implementation |
|---|---|---|---|
| Access | Copy of personal data | 1 month | Export endpoint |
| Rectification | Correct inaccurate data | 1 month | Update endpoint |
| Erasure ("Right to be Forgotten") | Delete personal data | 1 month | Deletion pipeline |
| Restrict Processing | Limit use of data | 1 month | Processing flags |
| Data Portability | Machine-readable export | 1 month | JSON/CSV export |
| Object | Stop processing | Without undue delay | Opt-out mechanism |
| Automated Decision-Making | Human review of decisions | Varies | Review queue |
// Data Subject Request Handling
public interface IDataSubjectRequestHandler
{
Task<DataExport> HandleAccessRequest(Guid subjectId, CancellationToken ct);
Task HandleErasureRequest(Guid subjectId, ErasureScope scope, CancellationToken ct);
Task<PortableData> HandlePortabilityRequest(Guid subjectId, string format, CancellationToken ct);
}
public class DataSubjectRequestService : IDataSubjectRequestHandler
{
private readonly IPersonalDataLocator _dataLocator;
private readonly IAuditLogger _auditLogger;
private readonly TimeProvider _timeProvider;
public async Task<DataExport> HandleAccessRequest(Guid subjectId, CancellationToken ct)
{
await _auditLogger.LogRequestReceived(subjectId, "Access", _timeProvider.GetUtcNow());
var locations = await _dataLocator.LocateAllPersonalData(subjectId, ct);
var export = new DataExport
{
SubjectId = subjectId,
GeneratedAt = _timeProvider.GetUtcNow(),
Categories = new List<DataCategory>()
};
foreach (var location in locations)
{
var data = await location.ExtractData(ct);
export.Categories.Add(new DataCategory
{
Name = location.CategoryName,
Purpose = location.ProcessingPurpose,
LawfulBasis = location.LawfulBasis,
RetentionPeriod = location.RetentionPolicy,
Data = data
});
}
await _auditLogger.LogRequestCompleted(subjectId, "Access", _timeProvider.GetUtcNow());
return export;
}
public async Task HandleErasureRequest(Guid subjectId, ErasureScope scope, CancellationToken ct)
{
// Check for legal holds or retention requirements
var blocks = await CheckErasureBlocks(subjectId, ct);
if (blocks.Any())
{
throw new ErasureBlockedException(blocks);
}
var locations = await _dataLocator.LocateAllPersonalData(subjectId, ct);
foreach (var location in locations)
{
if (scope.IncludesCategory(location.CategoryName))
{
// Soft delete with scheduled hard delete
await location.MarkForDeletion(_timeProvider.GetUtcNow().AddDays(30), ct);
}
}
await _auditLogger.LogErasureInitiated(subjectId, scope, _timeProvider.GetUtcNow());
}
}
// Consent tracking with granular purposes
public class ConsentRecord
{
public Guid SubjectId { get; init; }
public string Purpose { get; init; } = string.Empty;
public bool IsGranted { get; init; }
public DateTimeOffset Timestamp { get; init; }
public string ConsentMechanism { get; init; } = string.Empty; // e.g., "WebForm", "API"
public string ConsentVersion { get; init; } = string.Empty; // Version of consent text
public string? WithdrawalTimestamp { get; set; }
}
public interface IConsentManager
{
Task RecordConsent(ConsentRecord consent, CancellationToken ct);
Task WithdrawConsent(Guid subjectId, string purpose, CancellationToken ct);
Task<bool> HasValidConsent(Guid subjectId, string purpose, CancellationToken ct);
Task<IReadOnlyList<ConsentRecord>> GetConsentHistory(Guid subjectId, CancellationToken ct);
}
public class GdprConsentManager : IConsentManager
{
private readonly IConsentRepository _repository;
private readonly IEventPublisher _events;
public async Task<bool> HasValidConsent(Guid subjectId, string purpose, CancellationToken ct)
{
var latest = await _repository.GetLatestConsent(subjectId, purpose, ct);
if (latest is null)
return false;
if (latest.WithdrawalTimestamp is not null)
return false;
// Check if consent version is still current
var currentVersion = await _repository.GetCurrentConsentVersion(purpose, ct);
if (latest.ConsentVersion != currentVersion)
{
// Consent was given under old terms - needs re-consent
return false;
}
return latest.IsGranted;
}
}
DPIA is mandatory when processing is likely to result in high risk:
## 1. Description of Processing
- Nature: What will you do with the data?
- Scope: How much data, how many subjects, geographic area?
- Context: Internal/external factors affecting expectations?
- Purpose: What are you trying to achieve?
## 2. Necessity and Proportionality
- Lawful basis and justification
- Purpose limitation assessment
- Data minimization measures
- Data quality approach
- Storage limitation policy
## 3. Risk Assessment
### Risks to Individuals
| Risk | Likelihood | Severity | Score | Mitigation |
|------|------------|----------|-------|------------|
| Unauthorized access | Medium | High | 6 | Encryption, MFA |
| Data breach | Low | Critical | 4 | Monitoring, IR plan |
| Inaccurate profiling | Medium | Medium | 4 | Human review |
### Residual Risk
[After mitigations applied]
## 4. Consultation
- DPO advice obtained: [Date]
- Supervisory authority consulted: [If required]
- Data subject views considered: [How]
## 5. Sign-Off
| Role | Name | Approval | Date |
|------|------|----------|------|
| Project Owner | | [ ] | |
| DPO | | [ ] | |
| CISO | | [ ] | |
SEVERITY
Low(1) Medium(2) High(3) Critical(4)
L High(4) 4 8 12 16
I Med(3) 3 6 9 12
K Low(2) 2 4 6 8
E V.Low(1) 1 2 3 4
Thresholds:
Controllers must maintain records of:
Processing Activity: Customer Account Management
Controller: [Organization Name]
DPO Contact: dpo@example.com
Purposes:
- Account authentication
- Order fulfillment
- Customer support
Categories of Data Subjects:
- Customers
- Prospective customers
Categories of Personal Data:
- Name, email, phone
- Address
- Order history
- Payment tokens (not card numbers)
Recipients:
- Payment processor (Stripe)
- Shipping provider (FedEx)
- Customer support platform (Zendesk)
International Transfers:
- Stripe Inc. (US) - SCCs
- None to third countries without safeguards
Retention:
- Active account: Duration of relationship
- Closed account: 7 years (legal requirement)
Security Measures:
- TLS 1.3 in transit
- AES-256 at rest
- Role-based access control
- Regular access reviews
| Mechanism | Use Case | Requirements |
|---|---|---|
| Adequacy Decision | EU-approved countries | None additional |
| Standard Contractual Clauses (SCCs) | Most common | TIA required |
| Binding Corporate Rules | Intra-group transfers | Supervisory approval |
| Derogations (Art. 49) | Occasional transfers | Limited scope |
## Transfer Impact Assessment
### 1. Transfer Details
- Exporter: [EU entity]
- Importer: [Third country entity]
- Countries: [List]
- Data types: [Categories]
- Transfer mechanism: [SCCs/BCRs/etc.]
### 2. Third Country Assessment
- Laws requiring disclosure to authorities
- Surveillance legislation
- Rule of law / judicial independence
- Practical access by authorities
### 3. Supplementary Measures
- Technical: [Encryption, pseudonymization]
- Contractual: [Additional clauses]
- Organizational: [Policies, training]
### 4. Conclusion
- Risk level: [Acceptable/Requires mitigation/Unacceptable]
- Decision: [Proceed/Modify/Suspend]
ai-governance skill for AI-specific requirementssecurity-frameworks for technical controlsdata-classification for sensitivity levelsThis skill should be used when the user asks to "create a slash command", "add a command", "write a custom command", "define command arguments", "use command frontmatter", "organize commands", "create command with file references", "interactive command", "use AskUserQuestion in command", or needs guidance on slash command structure, YAML frontmatter fields, dynamic arguments, bash execution in commands, user interaction patterns, or command development best practices for Claude Code.
This skill should be used when the user asks to "create an agent", "add an agent", "write a subagent", "agent frontmatter", "when to use description", "agent examples", "agent tools", "agent colors", "autonomous agent", or needs guidance on agent structure, system prompts, triggering conditions, or agent development best practices for Claude Code plugins.
This skill should be used when the user asks to "create a hook", "add a PreToolUse/PostToolUse/Stop hook", "validate tool use", "implement prompt-based hooks", "use ${CLAUDE_PLUGIN_ROOT}", "set up event-driven automation", "block dangerous commands", or mentions hook events (PreToolUse, PostToolUse, Stop, SubagentStop, SessionStart, SessionEnd, UserPromptSubmit, PreCompact, Notification). Provides comprehensive guidance for creating and implementing Claude Code plugin hooks with focus on advanced prompt-based hooks API.