Purpose
Compliance review for auditability, GDPR/PII, retention, financial controls, consent, and regulatory traceability.
Review focus
- PII without purpose
- missing audit trail
- retention mismatch
- GDPR risk
- financial control gap
- insufficient consent
Method
- Inspect changed files and diff hunks relevant to this skill.
- Use repository-native tools when available.
- Prefer exact evidence from changed code.
- Emit findings using the shared JSONL finding contract.
- Avoid style-only comments unless they create maintainability or correctness risk.
Tooling hints
- Use grep or editor search before opening files.
- Use git, grep, and gh CLI. These are universally available and sufficient for all review tasks.
- Do not depend on tools beyond git, grep, cat, head, wc, and gh.
No additional documents ship with this skill.