Search Skills
119 skills found
Vendor Privacy Due Diligence
Pre-contract vendor privacy due diligence per GDPR Article 28(1). Covers risk questionnaires, technical controls assessment, certification review, da…
Vendor Privacy Audit
On-site and remote vendor audit procedures per GDPR Article 28(3)(h). Covers audit planning, evidence collection methodologies, finding classificatio…
vendor-ai-review-anthropics
Review vendor AI terms — agreement, addendum, or ToS AI provisions — against your governance positions; flag training-on-data, liability, model chang…
use-case-triage
Quickly determine whether a processing activity needs a PIA, a mandatory GDPR DPIA, or can proceed — surfaces privacy policy conflicts and routes to …
Implementing Transparent Communication
Implements GDPR Article 12 transparent information and communication requirements, covering concise, intelligible, and plain language obligations, re…
Conducting Transfer Impact Assessment
Guides the post-Schrems II Transfer Impact Assessment process following EDPB Recommendations 01/2020 six-step methodology. Covers destination country…
Terms Recon
Survey existing privacy and legal docs for completeness and GDPR compliance.
Terms of Service Analyzer
Analyze terms of service and privacy policies to identify concerning clauses, hidden permissions, and user rights implications
Implementing Supplementary Measures
Guides implementation of technical, contractual, and organisational supplementary measures for international data transfers per EDPB Recommendations …
Sub-Processor Management
GDPR Article 28(2) sub-processor approval workflow management. Covers prior specific and general authorization mechanisms, change notification proced…
Special Category Data Classification — GDPR Art. 9
Identifies and classifies GDPR Art. 9 special category data including racial origin, political opinions, religious beliefs, trade union membership, g…
Slovak to English GDPR Translation
Translates legal articles from Slovak to English with strict terminology mappings for GDPR terms ('prevádzkovateľ' to 'Controller', 'sprostredkovateľ…
Search Engine Erasure (Right to Be Forgotten)
Implements the right to be forgotten in search engines under GDPR Article 17 and the CJEU Google Spain ruling (C-131/12). Covers delisting request pr…
RoPA Tool Integration
Integrates Records of Processing Activities with privacy management platforms including OneTrust, TrustArc, Collibra, and DataGrail. Covers API-based…
RoPA Maintenance Workflow
Establishes ongoing RoPA maintenance processes including update triggers, change management integration, version control, stakeholder review cycles, …
Processing Right to Rectification
Processes GDPR Article 16 right to rectification requests, covering verification of corrected data accuracy, notification to recipients under Article…
Handling Right to Object to Processing
Handles GDPR Article 21 right to object to processing, including compelling legitimate grounds assessment, ceasing processing obligations, documentat…
Implementing Right to Erasure Workflow
Implements the GDPR Article 17 right to erasure (right to be forgotten) workflow, covering all six grounds for erasure, five exceptions, technical de…
Retention Exception Management
Manages retention exception workflows including request-approval processes, duration limits, periodic review cycles, documentation requirements, and …
Handling Right to Restriction Requests
Handles GDPR Article 18 right to restriction of processing requests, covering the four grounds for restriction (accuracy contest, unlawful processing…
reg-gap-analysis-anthropics
Diff a new or changed regulation against current privacy policy and practice — outputs a gap list and a remediation plan with owners and dates. Use w…
Recovery App Legal Terms
Generate legally-sound terms of service, privacy policies, and medical disclaimers for recovery and wellness applications. Expert in HIPAA, GDPR, CCP…
Pseudonymised vs Anonymised Data Classification
Classifies data as pseudonymised or anonymised using Recital 26 reasonably likely test, Breyer ruling C-582/14, motivated intruder test, and WP29 Opi…
Skill: privacy-policy-reviewer
Review a privacy policy or terms of service against a structured scorecard, combining TOSDR's human-curated ratings with LLM analysis. Use when a use…
