Marketplace gdpr-compliance
This skill provides comprehensive guidance for implementing and reviewing GDPR-compliant features in Empathy Ledger.
install
source · Clone the upstream repo
git clone https://github.com/aiskillstore/marketplace
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/aiskillstore/marketplace "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/acurioustractor/gdpr-compliance" ~/.claude/skills/aiskillstore-marketplace-gdpr-compliance && rm -rf "$T"
manifest: skills/acurioustractor/gdpr-compliance/SKILL.md
GDPR Compliance Skill
This skill provides comprehensive guidance for implementing and reviewing GDPR-compliant features in Empathy Ledger.
GDPR Rights Reference
Article 15 - Right of Access
Requirement: Users can request a copy of their personal data
Implementation:
```typescript
// GET /api/user/export
const data = await gdprService.exportUserData(userId)
// Returns: stories, media, profile, consent records, activity logs
```
Article 16 - Right to Rectification
Requirement: Users can correct inaccurate personal data
Implementation:
- Edit profile via profile settings
- Edit stories via story editor
- All changes logged in audit trail
Article 17 - Right to Erasure (Right to be Forgotten)
Requirement: Users can request deletion of their data
Implementation:
```typescript
// POST /api/user/deletion-request
// Initiates 30-day deletion workflow

// POST /api/stories/[id]/anonymize
// Immediate anonymization of specific story
```
Anonymization Process:
- Remove PII from story content
- Replace author name with "Anonymous Storyteller"
- Disassociate from profile (set storyteller_id = null)
- Revoke all active distributions
- Anonymize related media
- Keep anonymized audit trail
Article 20 - Right to Data Portability
Requirement: Users can export data in machine-readable format
Implementation:
- JSON export format
- Includes all user-generated content
- Downloadable via vault dashboard
Consent Management
Consent Capture
```typescript
interface ConsentRecord {
  has_consent: boolean         // Initial consent given
  consent_verified: boolean    // Consent verification completed
  consent_method?: string      // 'written' | 'verbal' | 'digital'
  consent_date?: Date
  consent_witness_id?: string  // For verbal consent
}
```
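One way to turn the record above into a distribution gate (the "consent captured before distribution" and "re-consent required for new purposes" checks), as an added example rather than Empathy Ledger's own code. The `consent_purposes` and `consent_withdrawn_at` fields and the blocking rules are assumptions.

```typescript
// Added example, not Empathy Ledger code. consent_purposes and consent_withdrawn_at
// are assumed extra fields; the rules below are derived from the field comments.
type ConsentMethod = 'written' | 'verbal' | 'digital';
interface ConsentRecord {
  has_consent: boolean;               // Initial consent given
  consent_verified: boolean;          // Consent verification completed
  consent_method?: ConsentMethod;
  consent_date?: Date;
  consent_witness_id?: string;        // For verbal consent
  consent_purposes?: string[];        // Assumed: purposes the storyteller agreed to
  consent_withdrawn_at?: Date | null; // Assumed: mirrors stories.consent_withdrawn_at
}

// Every reason the story must NOT be distributed for `purpose`; empty means allowed.
export function distributionBlockers(rec: ConsentRecord, purpose: string): string[] {
  const reasons: string[] = [];
  if (!rec.has_consent) reasons.push('no consent recorded');
  if (!rec.consent_verified) reasons.push('consent not verified');
  if (!rec.consent_method) reasons.push('consent method not recorded');
  if (!rec.consent_date) reasons.push('consent date missing');
  // Verbal consent is only evidenced by the witness who heard it.
  if (rec.consent_method === 'verbal' && !rec.consent_witness_id) {
    reasons.push('verbal consent requires consent_witness_id');
  }
  // Re-consent is required for a purpose the storyteller never agreed to.
  if (!(rec.consent_purposes ?? []).includes(purpose)) {
    reasons.push(`no consent for purpose "${purpose}"`);
  }
  if (rec.consent_withdrawn_at) {
    reasons.push(`consent withdrawn at ${rec.consent_withdrawn_at.toISOString()}`);
  }
  return reasons;
}

export function canDistribute(rec: ConsentRecord, purpose: string): boolean {
  return distributionBlockers(rec, purpose).length === 0;
}
```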
Consent Withdrawal
```typescript
// POST /api/stories/[id]/consent/withdraw
// Triggers:
// 1. Set consent_withdrawn_at timestamp
// 2. Revoke all embed tokens
// 3. Mark all distributions as revoked
// 4. Send webhook notifications
// 5. Queue external takedown requests
// 6. Create audit log entries
```
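The Article 17 anonymization steps and the withdrawal cascade above, implemented together on in-memory records as an added example (not Empathy Ledger's code). Record shapes, the regex-based `scrubPII` and the audit action names are assumptions; webhook delivery and media anonymization are not modelled.

```typescript
// Added example, not Empathy Ledger code; record shapes and the regex scrubPII are assumptions.
interface Distribution { id: string; storyId: string; revoked: boolean }
interface EmbedToken { token: string; storyId: string; revokedAt: Date | null }
interface Story {
  id: string; content: string; authorName: string; storytellerId: string | null;
  consentWithdrawnAt: Date | null; anonymizationStatus: 'partial' | 'full' | null; anonymizedFields: string[];
}
interface Store {
  stories: Map<string, Story>; tokens: EmbedToken[]; distributions: Distribution[];
  takedownQueue: string[]; audit: { action: string; storyId: string; at: Date }[];
}
// Illustrative PII scrub (assumption): redact e-mail addresses and phone numbers.
export function scrubPII(content: string): string {
  return content
    .replace(/[\w.+-]+@[\w-]+\.[\w.-]+/g, '[redacted-email]')
    .replace(/\+?\d[\d\s().-]{7,}\d/g, '[redacted-phone]');
}
// Shared by both cascades: revoke every still-active distribution of a story.
function revokeDistributions(store: Store, storyId: string): number {
  let n = 0;
  for (const d of store.distributions) if (d.storyId === storyId && !d.revoked) { d.revoked = true; n++; }
  return n;
}

// Article 17 anonymization: scrub PII, replace author, unlink profile, revoke, record fields.
export function anonymizeStory(store: Store, storyId: string, now = new Date()): Story {
  const s = store.stories.get(storyId);
  if (!s) throw new Error(`unknown story ${storyId}`);
  s.content = scrubPII(s.content);
  s.authorName = 'Anonymous Storyteller';
  s.storytellerId = null; // disassociate from profile (storyteller_id = null)
  revokeDistributions(store, storyId);
  s.anonymizationStatus = 'full';
  s.anonymizedFields = ['content', 'author_name', 'storyteller_id'];
  store.audit.push({ action: 'story.anonymized', storyId, at: now }); // trail kept, carries no PII
  return s;
}

// Withdrawal cascade: timestamp, revoke tokens and distributions, queue takedown, audit.
export function withdrawConsent(store: Store, storyId: string, now = new Date()) {
  const s = store.stories.get(storyId);
  if (!s) throw new Error(`unknown story ${storyId}`);
  s.consentWithdrawnAt = now;
  let tokens = 0;
  for (const t of store.tokens) if (t.storyId === storyId && !t.revokedAt) { t.revokedAt = now; tokens++; }
  const distributions = revokeDistributions(store, storyId);
  store.takedownQueue.push(storyId); // external takedown requests are processed asynchronously
  store.audit.push({ action: 'consent.withdrawn', storyId, at: now });
  return { tokens, distributions };
}
```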
Data Processing Lawful Bases
For Empathy Ledger, we rely on:
- Consent (Article 6(1)(a)) - Primary basis for story sharing
- Legitimate Interest (Article 6(1)(f)) - Platform operation, security
Data Minimization
Collect Only What's Needed
- Essential profile data: name, email, organization
- Story content: as provided by user
- Technical data: minimal logging for security
Retention Limits
- Active data: retained while account active
- Deleted data: fully removed within 30 days
- Anonymized data: kept for aggregate statistics only
- Audit logs: anonymized after account deletion
Implementation Checklist
User Data Export
□ Export includes all user stories
□ Export includes media files
□ Export includes profile data
□ Export includes consent records
□ Export includes activity log
□ Format is JSON (machine-readable)
□ Download is secure (authenticated)
Data Deletion
□ Deletion request creates ticket
□ User receives confirmation email
□ 30-day processing window
□ All stories anonymized or deleted
□ All media files removed
□ Profile data erased
□ Audit trail anonymized
□ Third-party distributions notified
Consent Tracking
□ Consent captured before distribution
□ Consent method recorded
□ Consent can be withdrawn
□ Withdrawal cascades automatically
□ Audit trail for consent changes
□ Re-consent required for new purposes
API Endpoints
Data Rights
- Export all user data: GET /api/user/export
- Request account deletion: POST /api/user/deletion-request
- Check deletion status: GET /api/user/deletion-request
Story-Level GDPR
- Anonymize specific story: POST /api/stories/[id]/anonymize
- Withdraw consent: POST /api/stories/[id]/consent/withdraw
Audit Access
- View story audit trail: GET /api/stories/[id]/audit
- Export audit report: POST /api/stories/[id]/audit/export
Database Schema
deletion_requests
```sql
CREATE TABLE deletion_requests (
  id UUID PRIMARY KEY,
  user_id UUID NOT NULL,
  tenant_id UUID NOT NULL,
  request_type TEXT NOT NULL,     -- 'anonymize_story', 'delete_account'
  status TEXT DEFAULT 'pending',  -- 'pending', 'processing', 'completed'
  requested_at TIMESTAMPTZ,
  processed_at TIMESTAMPTZ,
  completed_at TIMESTAMPTZ
);
```
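Lifecycle rules for a `deletion_requests` row as an added example (not Empathy Ledger's code): the 30-day window comes from the retention limits above, the tenant scoping from `tenant_id`; the allowed status transitions are an assumption.

```typescript
// Added example, not Empathy Ledger code. Transition rules are assumed; the
// 30-day window is the "deleted data fully removed within 30 days" retention limit.
type RequestType = 'anonymize_story' | 'delete_account';
type Status = 'pending' | 'processing' | 'completed';
interface DeletionRequest {
  id: string; user_id: string; tenant_id: string; request_type: RequestType;
  status: Status; requested_at: Date; processed_at?: Date; completed_at?: Date;
}
const DELETION_WINDOW_DAYS = 30;
const TRANSITIONS: Record<Status, Status[]> = {
  pending: ['processing'], processing: ['completed'], completed: [],
};

// Move a request forward, stamping processed_at / completed_at; rejects skips and regressions.
export function transition(req: DeletionRequest, to: Status, now: Date): DeletionRequest {
  if (!TRANSITIONS[req.status].includes(to)) throw new Error(`illegal ${req.status} -> ${to}`);
  return { ...req, status: to, ...(to === 'processing' ? { processed_at: now } : { completed_at: now }) };
}

// Latest moment by which the request must be completed.
export function deadline(req: DeletionRequest): Date {
  return new Date(req.requested_at.getTime() + DELETION_WINDOW_DAYS * 86_400_000);
}

// Unfinished requests whose window has lapsed, oldest first, scoped to one tenant
// so a worker never operates on another tenant's rows.
export function overdueFor(tenantId: string, reqs: DeletionRequest[], now: Date): DeletionRequest[] {
  return reqs
    .filter(r => r.tenant_id === tenantId && r.status !== 'completed' && deadline(r) <= now)
    .sort((a, b) => a.requested_at.getTime() - b.requested_at.getTime());
}
```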
Story Anonymization Fields
```sql
-- On stories table
anonymization_status TEXT,        -- null, 'partial', 'full'
anonymized_fields JSONB,          -- Track what was anonymized
consent_withdrawn_at TIMESTAMPTZ  -- When consent was withdrawn
```
Services
GDPRService
```typescript
// Method signatures only (declaration, no bodies)
declare class GDPRService {
  exportUserData(userId: string): Promise<DataExport>
  anonymizeStory(storyId: string): Promise<AnonymizeResult>
  anonymizeUserData(userId: string): Promise<AnonymizeResult>
  createDeletionRequest(userId: string, type: string): Promise<Request>
  processDeletionRequest(requestId: string): Promise<void>
  scrubPII(content: string): string
}
```
Code Review for GDPR
When reviewing code, verify:
- Data Collection: Is this data necessary?
- Consent: Is consent captured before processing?
- Access: Can users access their data?
- Rectification: Can users correct their data?
- Erasure: Can users delete their data?
- Portability: Can users export their data?
- Audit: Are actions logged?
- Security: Is data properly protected?