privacy-compliance

GDPR, CCPA, and privacy compliance guidance for data protection. Use when handling personal data, implementing consent management, or ensuring regulatory compliance across jurisdictions.

9 stars

Best use case

privacy-compliance is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

GDPR, CCPA, and privacy compliance guidance for data protection. Use when handling personal data, implementing consent management, or ensuring regulatory compliance across jurisdictions.

Teams using privacy-compliance should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/privacy-compliance/SKILL.md --create-dirs "https://raw.githubusercontent.com/jpoutrin/product-forge/main/plugins/security-compliance/skills/privacy-compliance/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/privacy-compliance/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How privacy-compliance Compares

Feature / Agentprivacy-complianceStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

GDPR, CCPA, and privacy compliance guidance for data protection. Use when handling personal data, implementing consent management, or ensuring regulatory compliance across jurisdictions.

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

SKILL.md Source

# Privacy Compliance Skill

This skill provides guidance for GDPR, CCPA, and other privacy regulations.

## Key Regulations

| Regulation | Region | Key Requirements |
|------------|--------|------------------|
| GDPR | EU/EEA | Consent, data rights, breach notification |
| CCPA/CPRA | California | Right to know, delete, opt-out |
| LGPD | Brazil | Similar to GDPR |
| PIPEDA | Canada | Consent, limited collection |

## GDPR Requirements

### Lawful Bases for Processing
1. Consent
2. Contract
3. Legal obligation
4. Vital interests
5. Public task
6. Legitimate interests

### Data Subject Rights
- Right to access
- Right to rectification
- Right to erasure ("right to be forgotten")
- Right to data portability
- Right to object

## Implementation Patterns

### Consent Management
```python
@dataclass
class Consent:
    user_id: str
    purpose: str
    granted_at: datetime
    withdrawn_at: datetime | None
    version: str
```

### Data Minimization
```python
# Only collect what's necessary
class UserRegistration(BaseModel):
    email: str  # Required for account
    name: str   # Required for personalization
    # Don't collect: age, gender, location unless needed
```

### Data Retention
```python
RETENTION_POLICIES = {
    "user_data": timedelta(days=365 * 2),
    "logs": timedelta(days=90),
    "analytics": timedelta(days=365),
}
```

## Privacy Checklist

- [ ] Privacy policy published and accessible
- [ ] Consent obtained before data collection
- [ ] Data subject rights implemented
- [ ] Data minimization practiced
- [ ] Retention policies defined
- [ ] Breach notification process ready
- [ ] DPA (Data Processing Agreement) with vendors

Related Skills

zod

9
from jpoutrin/product-forge

Zod schema validation patterns and type inference. Auto-loads when validating schemas, parsing data, validating forms, checking types at runtime, or using z.object/z.string/z.infer in TypeScript.

typescript-import-style

9
from jpoutrin/product-forge

Merge-friendly import formatting (one-per-line, alphabetical). Auto-loads when writing TypeScript/JavaScript imports to minimize merge conflicts in parallel development. Enforces consistent grouping and sorting.

setup-mcp-auth

9
from jpoutrin/product-forge

Configure authentication for an existing FastMCP server

fastmcp

9
from jpoutrin/product-forge

FastMCP TypeScript framework patterns for MCP servers. Auto-loads when building MCP servers, creating tools/resources/prompts, implementing authentication, configuring transports, or working with FastMCP in TypeScript.

add-mcp-tool

9
from jpoutrin/product-forge

Add a new tool to an existing FastMCP server with guided configuration

add-mcp-resource

9
from jpoutrin/product-forge

Add a new resource or resource template to an existing FastMCP server

plan-with-team

9
from jpoutrin/product-forge

Validate plan file ownership

oauth

9
from jpoutrin/product-forge

OAuth 2.0 and OpenID Connect implementation patterns. Use when implementing authentication, authorization flows, or integrating with OAuth providers like Google, GitHub, or custom identity providers.

mcp-security

9
from jpoutrin/product-forge

Use when securing MCP servers, preventing prompt injection, implementing authorization, validating user input, or building secure multi-agent pipelines. Provides 5-layer defense architecture patterns.

rag-cag-security

9
from jpoutrin/product-forge

Security patterns for RAG and CAG systems with multi-tenant isolation. Use when building retrieval-augmented or cache-augmented generation systems that require tenant isolation, access control, and secure data handling.

chunking-strategies

9
from jpoutrin/product-forge

Document chunking strategies for RAG systems. Use when implementing document processing pipelines to determine optimal chunking approaches based on document type and retrieval requirements.

review-django-commands

9
from jpoutrin/product-forge

Review Django management commands for proper structure and refactor if needed