Privacy & GDPR (Deep Workflow)
This skill supports structured thinking about personal data. Legal and compliance teams must approve binding interpretations—this is not legal advice.
When to Offer This Workflow
Trigger conditions:
- New collection of PII; analytics or ML on user data
- Vendor processing agreements; international transfers
- DSAR volume; breach response planning
Initial offer:
Use six stages: (1) scope & roles, (2) inventory & purposes, (3) lawful basis & notices, (4) rights & DSAR, (5) security & subprocessors, (6) DPIA & transfers. Confirm jurisdiction (EU/UK vs broader).
Stage 1: Scope & Roles
Goal: Identify controller vs processor roles and whose data is involved (employees, customers, minors).
Output
Simple RACI for privacy decisions.
Exit condition: Data subjects and systems in scope are listed.
Stage 2: Inventory & Purposes
Goal: Record of processing activities (ROPA-style): what data, why, where stored, retention, who accesses.
Practices
- Data minimization: collect and retain only what is needed
Stage 3: Lawful Basis & Notices
Goal: Map processing to lawful basis (consent, contract, legitimate interests, etc.)—lawyers validate per jurisdiction.
UX
- Consent granular and withdrawable where required
Stage 4: Rights & DSAR
Goal: Operational playbook for access, erasure, portability, restriction—with SLAs and identity verification.
Practices
- Log requests and responses for audit
- Plan how erasure interacts with backups and logs
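The two practices above are where erasure usually breaks down in practice: an audit trail that stores the raw identifier is itself personal data, and a backup taken before the request still holds the record. The following added example (not part of the original workflow; the key-derivation scheme, store layout, log pepper and 30-day SLA are all assumptions for the demonstration) shows the crypto-shredding pattern: each data subject's records are encrypted under a per-subject key kept in a separate key store, erasure deletes that key, and ciphertext that comes back from a backup is unreadable. The audit log records each request under a keyed-hash pseudonym rather than the identifier. The cipher is built from HMAC-SHA256 in counter mode so the example runs on the standard library alone; production code would use AES-GCM from a vetted library and a real KMS for the key store.

```python
"""Crypto-shredding demo: per-subject keys make erasure effective even when
backups retain ciphertext, and a pseudonymised audit log avoids re-collecting
the identifier. Added illustration, not the workflow's own tooling."""
import hashlib
import hmac
import secrets
from datetime import date, timedelta
from typing import Optional

NONCE_LEN = 16
TAG_LEN = 32


def _subkey(key: bytes, label: bytes) -> bytes:
    # Derive independent encryption and MAC keys from one subject key.
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    # Counter-mode keystream from HMAC-SHA256 (stdlib only, for the demo;
    # use AES-GCM from a vetted library in real systems).
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    # Encrypt-then-MAC: nonce || ciphertext || tag.
    nonce = secrets.token_bytes(NONCE_LEN)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("ciphertext failed integrity check")
    stream = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(c ^ s for c, s in zip(ct, stream))


class PersonalDataStore:
    """Records are encrypted under a per-subject key held in a key store that is
    never part of the data backup. Deleting the key shreds every copy."""

    def __init__(self, log_pepper: bytes, sla_days: int = 30):
        self._keys: dict = {}        # key store: deletion here must be honoured
        self._records: dict = {}     # data store: safe to back up and restore
        self._backups: list = []
        self._log_pepper = log_pepper  # secret used to pseudonymise log entries
        self._sla_days = sla_days      # assumed response SLA, not a legal statement
        self.audit_log: list = []

    def _pseudonym(self, subject_id: str) -> str:
        # Keyed hash so the audit trail never carries the raw identifier.
        return hmac.new(self._log_pepper, subject_id.encode(), hashlib.sha256).hexdigest()[:16]

    def _log(self, event: str, subject_id: str, **extra) -> None:
        self.audit_log.append({"event": event, "subject": self._pseudonym(subject_id), **extra})

    def store(self, subject_id: str, data: bytes) -> None:
        key = self._keys.setdefault(subject_id, secrets.token_bytes(32))
        self._records[subject_id] = encrypt(key, data)
        self._log("store", subject_id)

    def read(self, subject_id: str) -> Optional[bytes]:
        key = self._keys.get(subject_id)
        blob = self._records.get(subject_id)
        if key is None or blob is None:
            return None  # without the key, surviving ciphertext is unrecoverable
        return decrypt(key, blob)

    def snapshot_backup(self) -> int:
        self._backups.append(dict(self._records))
        return len(self._backups) - 1

    def restore_backup(self, index: int) -> None:
        # Brings ciphertext back; keys are not in the backup, so erasure holds.
        self._records = dict(self._backups[index])

    def erase(self, subject_id: str, requested: date) -> dict:
        self._keys.pop(subject_id, None)
        self._records.pop(subject_id, None)
        due = requested + timedelta(days=self._sla_days)
        self._log("erase", subject_id, requested=requested.isoformat(), due=due.isoformat())
        return {"subject": self._pseudonym(subject_id), "due": due.isoformat()}

    def ciphertext_in_backups(self, subject_id: str) -> int:
        return sum(subject_id in b for b in self._backups)


def demo() -> dict:
    store = PersonalDataStore(log_pepper=b"constructed-log-pepper")
    store.store("alice@example.com", b"name=Alice;dob=1990-01-01")  # constructed sample
    backup_id = store.snapshot_backup()
    before = store.read("alice@example.com")
    store.erase("alice@example.com", date(2024, 3, 1))
    store.restore_backup(backup_id)          # ciphertext returns from backup...
    after = store.read("alice@example.com")  # ...but cannot be decrypted any more
    leaked = any("alice" in str(entry) for entry in store.audit_log)
    return {"before": before, "after": after,
            "in_backups": store.ciphertext_in_backups("alice@example.com"),
            "log_leaks_id": leaked}


if __name__ == "__main__":
    print(demo())
```

The design choice worth noting is the split between the two stores: the data store and its backups can follow whatever retention schedule operations needs, because only the small key store has to honour deletion on the DSAR timeline. The same pseudonymisation keeps the audit log useful for demonstrating compliance without the log becoming a second copy of the identifier to erase.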
Stage 5: Security & Subprocessors
Goal: DPAs, SCCs or adequacy for transfers; subprocessor list public where required.
Security
- Encryption, access controls, and logging aligned with risk
Stage 6: DPIA & Transfers
Goal: Recognize when DPIA is likely required (high-risk processing)—escalate to DPO/legal.
Transfers
- Document mechanisms for non-adequate countries
Final Review Checklist
- [ ] Roles (controller/processor) and scope clear
- [ ] RoPA or equivalent inventory maintained
- [ ] Lawful basis and notices reviewed by legal where needed
- [ ] DSAR process with SLAs and verification
- [ ] Subprocessors and transfers documented
Tips for Effective Guidance
- Engineering detail (backups, logs) is where GDPR meets reality.
- Privacy by design is cheaper than retrofit.
- Never invent legal conclusions—flag for professional review.
Handling Deviations
- US-only: still map PII and consider state laws (e.g., CPRA).
- B2B vs B2C: different notice and rights patterns.