Skill

compliance-gdpr

Implements GDPR compliance: Subject Access Requests (30-day), right to erasure, consent management, data retention, 72-hour breach notification, PII detection, PostgreSQL RLS isolation. For data subject rights and privacy flows.

PostgreSQL

security

database

npx claudepluginhub rnavarych/alpha-engineer --plugin billy-milligan

Popularity

Parent stars

Parent forks

Invocation

How this skill is triggered — by the user, by Claude, or both

Slash command

/billy-milligan:compliance-gdpr

User invocable

Model invocable

Inline context

Default effort

Tool Access

This skill is limited to the following tools:

ReadGrepGlob

Context Preview

The summary Claude sees in its skill listing — used to decide when to auto-load this skill

- Implementing Subject Access Requests (SAR) and right to erasure

Supporting Files

assets/dpia-template.mdreferences/consent-management.mdreferences/data-mapping.mdreferences/dsar-procedures.md

SKILL.md

34 lines · ~430 tokens

Similar Skills

GDPR Compliance Reference

faos-ciso

gdpr-data-handling

37.9k

Guides GDPR-compliant data processing, consent management, privacy controls, and data subject requests for systems handling EU personal data.

1 file

antigravity-awesome-skills

gdpr-compliance

Guides GDPR compliance planning for apps processing EU personal data, covering principles, lawful bases, data subject rights, DPIA, and .NET patterns.

6 tools

compliance-planning

Stats

LanguageShell

Parent stars13

Parent forks1

MaintenanceExcellent

Last CommitMar 5, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Stats

Actions

Help us improve

Share bugs, ideas, or general feedback.

GDPR Compliance Implementation

When to use

Implementing Subject Access Requests (SAR) and right to erasure

Designing consent management systems

Setting up data retention and automatic deletion

Planning 72-hour breach notification workflow

Choosing lawful basis for data processing

Core principles

Privacy by design — build privacy in from the start; retrofitting is 10x harder

Data minimization — collect only what you need for the stated purpose

72 hours for breach notification — to supervisory authority; 30 days for SAR response

Consent must be specific and withdrawable — "I agree to terms" does not cover marketing emails

Document the lawful basis — legitimate interest requires a balancing test; consent is not always the right choice

References available

references/data-mapping.md — retention schedules, lawful basis matrix, data flow mapping, PII inventory

references/consent-management.md — consent record schema, grant/withdraw patterns, audit trail requirements

references/dsar-procedures.md — SAR workflow (30-day), right to erasure with financial compliance exceptions, breach notification steps

Assets available

assets/dpia-template.md — Data Protection Impact Assessment template for high-risk processing

compliance-gdpr

Popularity

Invocation

Tool Access

Context Preview

Supporting Files

SKILL.md

Similar Skills

Help us improve

Help us improve

Find plugins for your project

compliance-gdpr

Popularity

Invocation

Tool Access

Context Preview

Supporting Files

SKILL.md

GDPR Compliance Implementation

When to use

Core principles

References available

Assets available

Similar Skills

Help us improve

GDPR Compliance Implementation

When to use

Core principles

References available

Assets available