Stats
Actions
Tags
Help us improve
Share bugs, ideas, or general feedback.
From antigravity-awesome-skills
Applies Privacy by Design principles to apps collecting user data, enforcing minimization, consent, encryption, retention limits, and GDPR user rights in databases, APIs, auth flows.
npx claudepluginhub sickn33/antigravity-awesome-skills --plugin antigravity-awesome-skillsHow this skill is triggered — by the user, by Claude, or both
Slash command
/antigravity-awesome-skills:privacy-by-designThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Integrate privacy protections into software architecture from the beginning, not as an afterthought. This skill applies Privacy by Design principles (GDPR Article 25, Cavoukian's framework) when designing databases, APIs, and user flows. Protects real users' data and builds trust.
Implements and audits privacy controls (GDPR, CCPA, LGPD, PIPEDA) in code, data, and infrastructure. Covers data minimization, DSARs, DPIAs, consent management, breach notification timing, and right-to-be-forgotten across backups and caches.
Applies Hoepman's eight privacy design patterns (minimize, hide, separate, abstract, inform, control, enforce, demonstrate) to processing activities with GDPR mappings and implementation examples for privacy-by-design architecture.
Assesses Privacy by Design compliance and GDPR/data protection alignment for features or systems using 7 principles, data inventory, and risk recommendations.
Share bugs, ideas, or general feedback.
Integrate privacy protections into software architecture from the beginning, not as an afterthought. This skill applies Privacy by Design principles (GDPR Article 25, Cavoukian's framework) when designing databases, APIs, and user flows. Protects real users' data and builds trust.
GDPR (EU) — Primary reference. Article 25 mandates "data protection by design and by default." Applies to EU users and often adopted globally.
CCPA (California) — Right to know, delete, opt-out of sale. Similar principles: minimize, disclose, allow control.
LGPD (Brazil) — Aligned with GDPR. Purpose limitation, necessity, transparency. Applies to Brazil users.
Design for the strictest framework you target; it often satisfies others.
Collect only what is strictly necessary. Every field needs a documented justification. Avoid "we might need it later."
Store the purpose of each data point. Do not reuse data for purposes the user did not consent to.
Define retention periods. Implement automated deletion or anonymization when retention expires. Never keep data "forever" by default.
Opt-in for optional collection, not opt-out. Sensitive settings (analytics, marketing) off by default. No pre-checked consent boxes.
Encrypt at rest and in transit. Use RBAC. Log access to sensitive data for audit.
Document what is collected and why. Clear privacy policies. Easy access and deletion for users.
Ensure these are implementable from day one:
| Right | What to build |
|---|---|
| Access | Endpoint or flow to return all user data |
| Rectification | Ability to update/correct data |
| Erasure | Account deletion + data purge (including backups) |
| Portability | Export data in machine-readable format (JSON, CSV) |
Data minimization — Less data = less breach impact, lower storage cost, simpler compliance. Each field is a liability.
Purpose limitation — Reusing data without consent is illegal under GDPR. Document purpose in schema or metadata.
Retention — Indefinite storage increases risk and violates GDPR. Define retention_days per data type; automate cleanup.
Logging — Logs often leak PII. Redact emails, IDs, tokens. Use structured logging with allowlists.
Third parties — Every SDK (analytics, crash reporting, ads) may send data elsewhere. Audit dependencies; require consent before loading.
// BAD: Collecting everything "just in case"
const user = { email, name, phone, address, birthdate, ipAddress, userAgent, ... };
// GOOD: Minimal, documented purpose
const user = {
email, // purpose: authentication
displayName, // purpose: UI display
createdAt, // purpose: account age
};
// BAD: Track first, ask later
analytics.track(userId, event);
// GOOD: Check consent first
if (userConsent.analytics) {
analytics.track(userId, event);
}
# BAD: Logging PII in plain text
logger.info(f"User {user.email} logged in from {request.remote_addr}")
# GOOD: Redact or hash identifiers
logger.info(f"User {hash_user_id(user.id)} logged in")
# Or: logger.info("User login", extra={"user_id_hash": hash_id(user.id)})
-- GOOD: Document purpose and retention in schema
CREATE TABLE users (
id UUID PRIMARY KEY,
email VARCHAR(255) NOT NULL, -- purpose: auth, retention: account lifetime
display_name VARCHAR(100), -- purpose: UI, retention: account lifetime
created_at TIMESTAMPTZ, -- purpose: audit, retention: 7 years
last_login_at TIMESTAMPTZ -- purpose: security, retention: 90 days
);
-- Add retention policy (PostgreSQL example)
-- Schedule job to anonymize/delete last_login_at after 90 days
# BAD: Returning full user object
return jsonify(user) # May include internal fields, hashed passwords
# GOOD: Explicit allowlist
return jsonify({
"id": user.id,
"email": user.email,
"displayName": user.display_name,
})
| Pitfall | Solution |
|---|---|
| Logs contain emails, IPs, tokens | Redact PII; use hashed IDs or structured logs |
| Error messages expose data | Return generic errors to client; log details server-side |
| Third-party SDKs load before consent | Load analytics/ads only after consent; use consent management |
| No deletion flow | Design account deletion + data purge from day one |
| Backups keep data forever | Include backups in retention; encrypt backups |
| Cookies without consent | Use consent banner; respect Do Not Track where applicable |
Before adding a dependency that touches user data:
When building a feature that touches user data:
This skill is applicable when building software that collects, stores, or processes personal data. Apply it proactively during design and implementation.