Skills

17
compliance
26
3
Jul 5, 2026

EU AI Act Transparency Assessor

Assesses which of the Art. 50(1)-(5) transparency obligations of the EU AI Act apply to a given AI system's provider or deployer, grounded in the final Code of Practice on Transparency of AI-Generated Content (June 2026) and the Commission's draft Art. 50 Guidelines. Covers AI-chatbot disclosure, deepfake and synthetic-content marking/watermarking, emotion-recognition and biometric-categorisation notices, the machine-readable marking duty, the obviousness exceptions, and the implementation timeline. Outputs a formal mini-report plus a per-obligation compliance checklist with gap flags. For breadth-first tier triage use the EU AI Act System Classifier; for raw Art. 50 text and Q&A use the EU AI Act Knowledge Base; for the full role x tier matrix use the EU AI Act Obligations Mapper.

technology-law
64
17
Jun 16, 2026

EU Data Act

Practitioner skill for EU Regulation 2023/2854 (Data Act). Covers Chapters II-VII (IoT data access, mandatory B2B sharing, unfair contract terms, public-sector exceptional need, cloud switching, third-country governmental access) and Chapter VIII (interoperability and smart contracts, gate-only). Use when the user asks about Data Act rights or obligations, drafts a Data Act notice or letter, reviews a data-sharing or cloud-switching contract under the Data Act, runs a Data Act gap analysis, or asks how the Data Act interacts with GDPR, the DMA, the Trade Secrets Directive, or sectoral law. Triggers include "Data Act", "Datengesetz", "Regulation (EU) 2023/2854", "Art. 4(1) request", "Art. 5(1) third-party request", "trade-secret handbrake", "cloud switching obligations", "Chapter VI", "Ch V exceptional need", and references to specific Data Act articles or recitals.

data-protection
69
15
Jun 13, 2026

Data Processing Agreement Art. 28 GDPR

Review, draft, or redline a Data Processing Agreement (DPA / Auftragsverarbeitungsvertrag / AVV) under Art. 28 GDPR, or prepare a Joint Controller Arrangement under Art. 26 GDPR (basic). Supports bilingual output (DE/EN), both controller- and processor-side perspectives, and two review depths — quick (Art. 28(3)(a)–(h) coverage) and negotiation-grade (clause-by-clause risk scoring).

data-protection
725
496
Jun 11, 2026

GDPR Breach Sentinel

Incident response and legal compliance guidance for data breaches under GDPR Articles 33 & 34. Covers breach risk assessment using ENISA severity methodology, Controller vs Processor obligations, 72-hour notification clock management, EDPB case matching, cross-border Lead SA determination, AI Act Art. 73 intersection, mitigation playbooks, and audit-ready .docx document generation.

+13 more