Gdpr Data Handling

The gdpr-data-handling skill enables AI agents to process, store, and transmit personal data in strict compliance with the General Data Protection Regulation (GDPR). It provides mechanisms for anonymization, consent management, and audit logging to ensure legal adherence during data operations.

When to use it

• Processing user profiles or health records where privacy laws mandate strict protection.
• Implementing automated consent retrieval and withdrawal workflows for marketing campaigns.
• Generating compliance reports required for regulatory audits regarding data access.
• Sanitizing datasets before exporting them to third-party analytics tools.

Key capabilities

• Automated data anonymization and pseudonymization techniques.
• Consent management interfaces for user opt-in/opt-out tracking.
• Detailed audit logging of all data access and modification events.
• Data subject rights fulfillment (e.g., right to erasure).

Example prompts

• "Analyze this customer database and identify fields containing personally identifiable information (PII) that require GDPR masking."
• "Generate a consent form template compliant with EU regulations for a new mobile app feature."
• "Create an audit log entry documenting the deletion of User ID 12345's data in response to a 'right to be forgotten' request."

Tips & gotchas

Ensure your AI agent has explicit authorization before attempting to access or modify any personal data, as unauthorized processing violates core GDPR principles. This skill is designed for regulatory compliance; it does not replace the need for human legal oversight when handling sensitive cases.