privacy-compliance
GDPR, CCPA, and privacy compliance guidance for data protection. Use when handling personal data, implementing consent management, or ensuring regulatory compliance across jurisdictions.
Best use case
privacy-compliance is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
GDPR, CCPA, and privacy compliance guidance for data protection. Use when handling personal data, implementing consent management, or ensuring regulatory compliance across jurisdictions.
Teams using privacy-compliance should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/privacy-compliance/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How privacy-compliance Compares
| Feature / Agent | privacy-compliance | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
GDPR, CCPA, and privacy compliance guidance for data protection. Use when handling personal data, implementing consent management, or ensuring regulatory compliance across jurisdictions.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Privacy Compliance Skill
This skill provides guidance for GDPR, CCPA, and other privacy regulations.
## Key Regulations
| Regulation | Region | Key Requirements |
|------------|--------|------------------|
| GDPR | EU/EEA | Consent, data rights, breach notification |
| CCPA/CPRA | California | Right to know, delete, opt-out |
| LGPD | Brazil | Similar to GDPR |
| PIPEDA | Canada | Consent, limited collection |
## GDPR Requirements
### Lawful Bases for Processing
1. Consent
2. Contract
3. Legal obligation
4. Vital interests
5. Public task
6. Legitimate interests
### Data Subject Rights
- Right to access
- Right to rectification
- Right to erasure ("right to be forgotten")
- Right to data portability
- Right to object
## Implementation Patterns
### Consent Management
```python
@dataclass
class Consent:
user_id: str
purpose: str
granted_at: datetime
withdrawn_at: datetime | None
version: str
```
### Data Minimization
```python
# Only collect what's necessary
class UserRegistration(BaseModel):
email: str # Required for account
name: str # Required for personalization
# Don't collect: age, gender, location unless needed
```
### Data Retention
```python
RETENTION_POLICIES = {
"user_data": timedelta(days=365 * 2),
"logs": timedelta(days=90),
"analytics": timedelta(days=365),
}
```
## Privacy Checklist
- [ ] Privacy policy published and accessible
- [ ] Consent obtained before data collection
- [ ] Data subject rights implemented
- [ ] Data minimization practiced
- [ ] Retention policies defined
- [ ] Breach notification process ready
- [ ] DPA (Data Processing Agreement) with vendorsRelated Skills
zod
Zod schema validation patterns and type inference. Auto-loads when validating schemas, parsing data, validating forms, checking types at runtime, or using z.object/z.string/z.infer in TypeScript.
typescript-import-style
Merge-friendly import formatting (one-per-line, alphabetical). Auto-loads when writing TypeScript/JavaScript imports to minimize merge conflicts in parallel development. Enforces consistent grouping and sorting.
setup-mcp-auth
Configure authentication for an existing FastMCP server
fastmcp
FastMCP TypeScript framework patterns for MCP servers. Auto-loads when building MCP servers, creating tools/resources/prompts, implementing authentication, configuring transports, or working with FastMCP in TypeScript.
add-mcp-tool
Add a new tool to an existing FastMCP server with guided configuration
add-mcp-resource
Add a new resource or resource template to an existing FastMCP server
plan-with-team
Validate plan file ownership
oauth
OAuth 2.0 and OpenID Connect implementation patterns. Use when implementing authentication, authorization flows, or integrating with OAuth providers like Google, GitHub, or custom identity providers.
mcp-security
Use when securing MCP servers, preventing prompt injection, implementing authorization, validating user input, or building secure multi-agent pipelines. Provides 5-layer defense architecture patterns.
rag-cag-security
Security patterns for RAG and CAG systems with multi-tenant isolation. Use when building retrieval-augmented or cache-augmented generation systems that require tenant isolation, access control, and secure data handling.
chunking-strategies
Document chunking strategies for RAG systems. Use when implementing document processing pipelines to determine optimal chunking approaches based on document type and retrieval requirements.
review-django-commands
Review Django management commands for proper structure and refactor if needed