clerk-data-handling
Handle user data, privacy, and GDPR compliance with Clerk. Use when implementing data export, user deletion, or privacy compliance features. Trigger with phrases like "clerk user data", "clerk GDPR", "clerk privacy", "clerk data export", "clerk delete user".
Best use case
clerk-data-handling is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Handle user data, privacy, and GDPR compliance with Clerk. Use when implementing data export, user deletion, or privacy compliance features. Trigger with phrases like "clerk user data", "clerk GDPR", "clerk privacy", "clerk data export", "clerk delete user".
Teams using clerk-data-handling should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/clerk-data-handling/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How clerk-data-handling Compares
| Feature / Agent | clerk-data-handling | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Handle user data, privacy, and GDPR compliance with Clerk. Use when implementing data export, user deletion, or privacy compliance features. Trigger with phrases like "clerk user data", "clerk GDPR", "clerk privacy", "clerk data export", "clerk delete user".
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Clerk Data Handling
## Overview
Manage user data, implement privacy features, and ensure GDPR/CCPA compliance using the Clerk Backend API. Covers data export, right to be forgotten, consent management, and audit logging.
## Prerequisites
- Clerk integration working
- Understanding of GDPR/CCPA requirements
- Database with user-related data linked by Clerk user IDs
## Instructions
### Step 1: User Data Export
```typescript
// app/api/privacy/export/route.ts
import { auth, clerkClient } from '@clerk/nextjs/server'
export async function GET() {
const { userId } = await auth()
if (!userId) return Response.json({ error: 'Unauthorized' }, { status: 401 })
const client = await clerkClient()
const clerkUser = await client.users.getUser(userId)
// Gather data from Clerk
const clerkData = {
id: clerkUser.id,
emails: clerkUser.emailAddresses.map((e) => e.emailAddress),
firstName: clerkUser.firstName,
lastName: clerkUser.lastName,
createdAt: clerkUser.createdAt,
lastSignInAt: clerkUser.lastSignInAt,
publicMetadata: clerkUser.publicMetadata,
}
// Gather data from your database
const appData = await db.user.findUnique({
where: { clerkId: userId },
include: { posts: true, comments: true, preferences: true },
})
return Response.json({
exportDate: new Date().toISOString(),
clerkProfile: clerkData,
applicationData: appData,
})
}
```
### Step 2: User Deletion (Right to be Forgotten)
```typescript
// app/api/privacy/delete/route.ts
import { auth, clerkClient } from '@clerk/nextjs/server'
export async function DELETE() {
const { userId } = await auth()
if (!userId) return Response.json({ error: 'Unauthorized' }, { status: 401 })
const deletionLog: { step: string; status: string }[] = []
try {
// 1. Delete application data first
await db.comment.deleteMany({ where: { authorId: userId } })
deletionLog.push({ step: 'comments', status: 'deleted' })
await db.post.deleteMany({ where: { authorId: userId } })
deletionLog.push({ step: 'posts', status: 'deleted' })
await db.user.delete({ where: { clerkId: userId } })
deletionLog.push({ step: 'app_user', status: 'deleted' })
// 2. Delete from Clerk (this ends the session)
const client = await clerkClient()
await client.users.deleteUser(userId)
deletionLog.push({ step: 'clerk_user', status: 'deleted' })
// 3. Log deletion for compliance audit trail
await db.auditLog.create({
data: {
action: 'USER_DELETED',
subjectId: userId,
details: JSON.stringify(deletionLog),
timestamp: new Date(),
},
})
return Response.json({ deleted: true, log: deletionLog })
} catch (error) {
return Response.json({ error: 'Partial deletion', log: deletionLog }, { status: 500 })
}
}
```
### Step 3: Consent Management with Metadata
```typescript
// lib/consent.ts
import { clerkClient } from '@clerk/nextjs/server'
interface ConsentRecord {
marketing: boolean
analytics: boolean
thirdParty: boolean
updatedAt: string
}
export async function updateConsent(userId: string, consent: Partial<ConsentRecord>) {
const client = await clerkClient()
const user = await client.users.getUser(userId)
const existing = (user.publicMetadata.consent as ConsentRecord) || {}
const updated: ConsentRecord = {
...existing,
...consent,
updatedAt: new Date().toISOString(),
}
await client.users.updateUser(userId, {
publicMetadata: { ...user.publicMetadata, consent: updated },
})
return updated
}
export async function getConsent(userId: string): Promise<ConsentRecord | null> {
const client = await clerkClient()
const user = await client.users.getUser(userId)
return (user.publicMetadata.consent as ConsentRecord) || null
}
```
### Step 4: Consent UI Component
```typescript
'use client'
import { useUser } from '@clerk/nextjs'
import { useState } from 'react'
export function ConsentManager() {
const { user } = useUser()
const consent = (user?.publicMetadata as any)?.consent || {}
const [marketing, setMarketing] = useState(consent.marketing ?? false)
const [analytics, setAnalytics] = useState(consent.analytics ?? true)
const saveConsent = async () => {
await fetch('/api/privacy/consent', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ marketing, analytics }),
})
}
return (
<div>
<h3>Privacy Preferences</h3>
<label>
<input type="checkbox" checked={marketing} onChange={(e) => setMarketing(e.target.checked)} />
Marketing communications
</label>
<label>
<input type="checkbox" checked={analytics} onChange={(e) => setAnalytics(e.target.checked)} />
Analytics tracking
</label>
<button onClick={saveConsent}>Save Preferences</button>
</div>
)
}
```
### Step 5: Audit Logging via Webhooks
```typescript
// app/api/webhooks/clerk/route.ts (audit section)
async function logAuditEvent(evt: WebhookEvent) {
const auditEntry = {
eventType: evt.type,
userId: 'user_id' in evt.data ? evt.data.user_id : evt.data.id,
timestamp: new Date().toISOString(),
metadata: JSON.stringify(evt.data),
}
await db.auditLog.create({ data: auditEntry })
// Track compliance-relevant events
if (['user.deleted', 'user.updated'].includes(evt.type)) {
console.log(`[COMPLIANCE] ${evt.type} for user ${auditEntry.userId}`)
}
}
```
## Output
- Data export API returning Clerk profile + application data
- User deletion cascade (app data, then Clerk, then audit log)
- Consent management stored in Clerk publicMetadata
- Privacy preferences UI component
- Audit logging for compliance events
## Error Handling
| Scenario | Action |
|----------|--------|
| Partial deletion failure | Log completed steps, retry failed services, alert ops team |
| Export timeout on large data | Queue export job, email user download link when ready |
| Consent sync failure | Retry with exponential backoff, fall back to local storage |
| Clerk API rate limit on bulk delete | Batch deletions with delays between requests |
## Examples
### Bulk User Data Cleanup Script
```typescript
// scripts/cleanup-orphaned-users.ts
import { createClerkClient } from '@clerk/backend'
const clerk = createClerkClient({ secretKey: process.env.CLERK_SECRET_KEY! })
async function cleanupOrphanedDbUsers() {
const dbUsers = await db.user.findMany({ select: { clerkId: true } })
for (const dbUser of dbUsers) {
try {
await clerk.users.getUser(dbUser.clerkId)
} catch (err: any) {
if (err.status === 404) {
console.log(`Orphaned user: ${dbUser.clerkId} — removing from DB`)
await db.user.delete({ where: { clerkId: dbUser.clerkId } })
}
}
}
}
```
## Resources
- [Clerk User API](https://clerk.com/docs/references/backend/user/get-user)
- [Clerk Metadata](https://clerk.com/docs/users/metadata)
- [GDPR Compliance Guide](https://gdpr.eu/checklist/)
## Next Steps
Proceed to `clerk-enterprise-rbac` for enterprise SSO and RBAC.Related Skills
College Football Data (CFB)
Before writing queries, consult `references/api-reference.md` for endpoints, conference IDs, team IDs, and data shapes.
College Basketball Data (CBB)
Before writing queries, consult `references/api-reference.md` for endpoints, conference IDs, team IDs, and data shapes.
validating-database-integrity
Process use when you need to ensure database integrity through comprehensive data validation. This skill validates data types, ranges, formats, referential integrity, and business rules. Trigger with phrases like "validate database data", "implement data validation rules", "enforce data integrity constraints", or "validate data formats".
forecasting-time-series-data
This skill enables Claude to forecast future values based on historical time series data. It analyzes time-dependent data to identify trends, seasonality, and other patterns. Use this skill when the user asks to predict future values of a time series, analyze trends in data over time, or requires insights into time-dependent data. Trigger terms include "forecast," "predict," "time series analysis," "future values," and requests involving temporal data.
generating-test-data
This skill enables Claude to generate realistic test data for software development. It uses the test-data-generator plugin to create users, products, orders, and custom schemas for comprehensive testing. Use this skill when you need to populate databases, simulate user behavior, or create fixtures for automated tests. Trigger phrases include "generate test data", "create fake users", "populate database", "generate product data", "create test orders", or "generate data based on schema". This skill is especially useful for populating testing environments or creating sample data for demonstrations.
test-data-builder
Test Data Builder - Auto-activating skill for Test Automation. Triggers on: test data builder, test data builder Part of the Test Automation skill category.
splitting-datasets
Process split datasets into training, validation, and testing sets for ML model development. Use when requesting "split dataset", "train-test split", or "data partitioning". Trigger with relevant phrases based on skill purpose.
scanning-database-security
Process use when you need to work with security and compliance. This skill provides security scanning and vulnerability detection with comprehensive guidance and automation. Trigger with phrases like "scan for vulnerabilities", "implement security controls", or "audit security".
preprocessing-data-with-automated-pipelines
Process automate data cleaning, transformation, and validation for ML tasks. Use when requesting "preprocess data", "clean data", "ETL pipeline", or "data transformation". Trigger with relevant phrases based on skill purpose.
optimizing-database-connection-pooling
Process use when you need to work with connection management. This skill provides connection pooling and management with comprehensive guidance and automation. Trigger with phrases like "manage connections", "configure pooling", or "optimize connection usage".
modeling-nosql-data
This skill enables Claude to design NoSQL data models. It activates when the user requests assistance with NoSQL database design, including schema creation, data modeling for MongoDB or DynamoDB, or defining document structures. Use this skill when the user mentions "NoSQL data model", "design MongoDB schema", "create DynamoDB table", or similar phrases related to NoSQL database architecture. It assists in understanding NoSQL modeling principles like embedding vs. referencing, access pattern optimization, and sharding key selection.
monitoring-database-transactions
Monitor use when you need to work with monitoring and observability. This skill provides health monitoring and alerting with comprehensive guidance and automation. Trigger with phrases like "monitor system health", "set up alerts", or "track metrics".