From argos
GDPR/KVKK/CCPA/LGPD operationalization — PII inventory + data flow + consent event + DSR automation (access/erasure/portability) + pseudonymization (KMS pepper) + retention enforcement + DPIA gate + sub-processor DPA + cross-border transfer SCC. Kod seviyesinde mekanizma; compliance theatre değil.
npx claudepluginhub resultakak/argos --plugin argosThis skill uses the workspace's default tool permissions.
`agents/shared/severity-rubric.md` ve `agents/shared/escalation-matrix.md`
Mandates invoking relevant skills via tools before any response in coding sessions. Covers access, priorities, and adaptations for Claude Code, Copilot CLI, Gemini CLI.
Share bugs, ideas, or general feedback.
agents/shared/severity-rubric.md ve agents/shared/escalation-matrix.md
default-load sayılır (agents/coordination.md §11). Bu skill'in çıktısı
Critical / High / Medium / Low + kanıt formatında olmak zorunda — spekülatif
Critical yasak. Sahiplik dışı bulgu ilgili agent'a delege; karar yetkisi eşiği
aşılırsa kullanıcı onayı zorunlu.
# DB schema scan
psql -c "
select table_name, column_name, data_type
from information_schema.columns
where column_name ~* 'email|phone|name|address|birth|ssn|tckn|iban|card|password'
order by table_name, column_name;
"
# Code scan (TypeScript / Python)
rg -i "pii|personaldata|sensitive|gdpr" src/ --type ts
rg -i "email|phone|ssn" --type py src/
# Log audit
kubectl logs -n production deploy/api-svc --tail=10000 | \
jq 'select(.email != null or .phone != null)' | head
data-catalog/<table>.yaml:
table: users
owner: "@auth-team"
classification:
- { column: email, pii_type: direct_identifier, sensitivity: high, retention_days: 1095, pseudonymize: true }
- { column: phone_e164, pii_type: direct_identifier, sensitivity: high, retention_days: 1095 }
- { column: birth_date, pii_type: quasi_identifier, sensitivity: medium, retention_days: 730 }
- { column: password_hash, pii_type: auth_secret, sensitivity: critical, retention_days: -1 }
CI gate: schema migration ↔ data-catalog drift PR red.
DFD'de PII edge işaretle (threat-model skill ile bağlı). Her PII edge bir
asset; sub-processor edge'i SCC kontrolü gerek.
event: consent_granted | consent_withdrawn
properties:
user_id: ...
purpose: marketing | analytics | personalization | functional
legal_basis: consent | contract | legitimate_interest
policy_version: ...
consent_method: explicit_optin | granted_at_signup
timestamp: ...
ip_address: hashed
user_agent_hash: ...
Withdraw ≡ grant tek tık (GDPR Art. 7).
/api/dsr/access + /api/dsr/erasure + /api/dsr/portability:
# erasure worker
def erase_user(user_id: str, idempotency_key: str) -> ErasureReceipt:
with audit_log(user_id, "erasure", idempotency_key):
# 1. Soft delete
db.execute("update users set deleted_at = now() where id = :id", id=user_id)
# 2. PII nullify (cascade)
db.execute("""
update users set
email = null, name = null, phone = null, address = null
where id = :id
""", id=user_id)
db.execute("""
update orders set
shipping_address = null, billing_email = null
where user_id = :id
""", id=user_id)
# 3. Vendor DSR (Stripe, Intercom, Segment, Mailchimp)
for vendor in active_vendors():
vendor.dsr_erasure(user_id)
# 4. Warehouse pseudonym
warehouse.exec("update events_fact set raw_email = null where user_hash = :h",
h=pseudo(user_id))
# 5. Backup purge schedule (30g delay)
schedule_backup_purge(user_id, delay_days=30)
return ErasureReceipt(id=evidence_id, completed_at=now())
SLA tracker:
select id, submitted_at, sla_deadline,
case when sla_deadline < now() and completed_at is null then 'BREACH'
when sla_deadline < now() + interval '5 days' and completed_at is null then 'AT_RISK'
else 'OK' end as status
from dsr_requests
where completed_at is null;
T+25 günde alarm.
defaults:
inactive_user_data: 730_days_then_archive
authentication_logs: 90_days
marketing_events: 365_days
audit_logs: 2555_days
payment_records: 2555_days
overrides:
- { table: users, column: email, retention_days: 1095 }
- { table: orders, retention_days: 2555 }
- { table: clickstream, retention_days: 90 }
Enforcer (nightly K8s CronJob):
apiVersion: batch/v1
kind: CronJob
metadata: { name: retention-enforcer }
spec:
schedule: "0 3 * * *"
jobTemplate:
spec:
template:
spec:
containers:
- name: enforcer
image: privacy-tools:1.0
command: ["python", "enforce_retention.py"]
envFrom: [{ secretRef: { name: db-credentials } }]
restartPolicy: OnFailure
import hmac, hashlib, os
PEPPER = os.environ["PII_PEPPER"] # KMS-managed; 90g rotate
def pseudo(value: str) -> str:
return hmac.new(PEPPER.encode(), value.lower().strip().encode(), hashlib.sha256).hexdigest()
Pepper rotation: dual-pepper 7g (eski + yeni accept), eski rotate.
Lookup table ayrı pseudo_lookup schema; production app erişmez (DSR
worker erişir, audit log).
PII_FIELDS = {'email', 'phone', 'card_pan', 'password', 'ssn', 'iban',
'tckn', 'address', 'first_name', 'last_name'}
def redact(rec: dict) -> dict:
for k, v in list(rec.items()):
if k.lower() in PII_FIELDS:
rec[k] = '<redacted>'
return rec
logger.add_filter(redact)
CI test (synthetic log replay):
def test_log_no_pii():
log = simulate_request(email="user@example.com")
assert "user@example.com" not in log
assert "<redacted>" in log
templates/privacy/dpia.md doldur; DPO sign-off olmadan ship yok.
Tetik:
# sub-processors.yaml
- name: Stripe
purpose: payment_processing
data_shared: [name, email, card_last4]
region: EU + US
dpa_signed: 2024-03-15
dpa_expiry: 2027-03-15
scc_module: 2021/914_Module_2
Customer-facing render (/privacy/sub-processors sayfası). Expire 60g öncesi
alarm.
EU → US:
privacy_audit table:
7 yıl retention.
data-catalog/*.yaml) tüm tablo# Privacy Engineering Review: <feature | service | quarterly>
## PII Inventory (data-catalog)
| Tablo | Kolon | PII type | Sensitivity | Retention | Pseudonymize |
## Data Flow PII Edges
## Consent
- Event schema
- Withdraw UX
## DSR
- Access / erasure / portability worker
- SLA tracker; current breach + at-risk
## Retention
- Policy YAML
- Enforcer schedule
## Pseudonymization
- Pepper KMS rotation cadence
## DPIA
- Tetik feature listesi
## Sub-processors
- DPA expiry; SCC modüller
## Findings (Critical/High/Medium/Low)
## Action Items
| P | Aksiyon | Sahip | Bitiş | Issue |