From hr-legal-compliance
Implement GDPR-compliant data handling with consent management, data subject rights, and privacy by design. Use when building systems that process EU personal data.
How this skill is triggered — by the user, by Claude, or both
Slash command
/hr-legal-compliance:gdpr-data-handlingThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Practical implementation guide for GDPR-compliant data processing, consent management, and privacy controls.
Practical implementation guide for GDPR-compliant data processing, consent management, and privacy controls.
| Category | Examples | Protection Level |
|---|---|---|
| Basic | Name, email, phone | Standard |
| Sensitive (Art. 9) | Health, religion, ethnicity | Explicit consent |
| Criminal (Art. 10) | Convictions, offenses | Official authority |
| Children's | Under 16 data | Parental consent |
Article 6 - Lawful Bases:
├── Consent: Freely given, specific, informed
├── Contract: Necessary for contract performance
├── Legal Obligation: Required by law
├── Vital Interests: Protecting someone's life
├── Public Interest: Official functions
└── Legitimate Interest: Balanced against rights
Right to Access (Art. 15) ─┐
Right to Rectification (Art. 16) │
Right to Erasure (Art. 17) │ Must respond
Right to Restrict (Art. 18) │ within 1 month
Right to Portability (Art. 20) │
Right to Object (Art. 21) ─┘
Detailed sections (starting with ## Implementation Patterns) live in references/details.md. Read that file when the navigation summary above is insufficient.
npx claudepluginhub wshobson/agents --plugin hr-legal-complianceGuides GDPR-compliant data processing, consent management, data subject requests, and privacy-first architecture design.
Audits code/systems for GDPR violations, drafts privacy policies/DPAs/consent notices, answers questions with article citations, reviews data flows/PII handling.
Assess GDPR compliance for data processing, rights, privacy controls, and incident response obligations.