Explore

17

Browse the full catalog of community-built skills, connectors, plugins, and worlds.

data-protection
69
15
Jun 13, 2026
O. Schmidt-Prietz /

Data Processing Agreement Art. 28 GDPR

Review, draft, or redline a Data Processing Agreement (DPA / Auftragsverarbeitungsvertrag / AVV) under Art. 28 GDPR, or prepare a Joint Controller Arrangement under Art. 26 GDPR (basic). Supports bilingual output (DE/EN), both controller- and processor-side perspectives, and two review depths — quick (Art. 28(3)(a)–(h) coverage) and negotiation-grade (clause-by-clause risk scoring).

data-protection
46
16
Jun 9, 2026
O. Schmidt-Prietz /

Transfer Impact Assessment (TIA)

GDPR Transfer Impact Assessment for Chapter V transfers under the EDPB Recommendations 01/2020 six-step methodology, the CNIL TIA Guide (January 2025), and EDPB essential guarantees. Handles transfer qualification, Art. 45 adequacy fast-tracks, Art. 46 full assessments with country profiles for 12 jurisdictions, and balanced Art. 49 derogation analysis. Outputs a Markdown report, a .docx formal TIA, and a JSON delta for RoPA interchange.

data-protection
75
10
Jun 25, 2026
S. Kudalkar /

Indian DPDP Act Consent Notice

Draft or review a DPDPA-compliant consent notice under India's Digital Personal Data Protection Act, 2023 and Digital Personal Data Protection Rules, 2025. Provide basic details about your business and this skill handles the rest - building a notice tailored to your operations, with all required sections, granular consent boxes, and internal notes for your team. If you have an existing notice or privacy policy that needs to comply with DPDPA, this skill revises it too, flagging key gaps and changes made.

data-protection
59
18
May 21, 2026
R. Mastronardi /

LGPD Sentinel

LGPD guidance for processing operations in Brazil. Covers legal bases (Articles 7 and 11), DPIA, incidents (Articles 48-49), data subject rights (Article 18), and international transfers. Triggers: LGPD, DPIA, ANPD, data protection, personal data, consent, data protection officer, Brazil DPO, data incident, legitimate interest.

data-protection
118
10
Jun 25, 2026
P. Desai /

DPDPA & GDPR Compliance Review

Performs structured compliance review, clause redlining, and drafting suggestions for legal documents (privacy policies, data processing agreements, vendor and SaaS contracts) against India's DPDPA 2023 and the EU GDPR. Flags clauses as compliant, at-risk, or non-compliant with reasoning, and proposes ready-to-use model replacement language.

data-protection
182
48
May 5, 2026
H. Salard /

Website GDPR Compliance Audit

GDPR compliance audit of a website by a GDPR practitioner/DPO. Systematic assessment using a 10-section checklist: legal notice, hosting provider, forms, newsletter, privacy policy, cookies, passwords, trackers, processors and transfers outside the EU, and accessibility of data subject rights, plus a 22-item appendix covering Articles 13/14 GDPR. Produces a structured report (Markdown, optional .docx) with an overall compliance level, blocking issues, points requiring attention, priority recommendations, and cited regulatory sources (LCEN, GDPR, ePrivacy, CNIL decisions, EDPB, DPF). Tool-agnostic: automated browsing or fallback copy-paste mode. 7 decision trees for edge cases. The practitioner validates all statuses before the report is sent to the client. Technical analysis only, no legal advice.

data-protection
1304
May 28, 2026
G. Moskalev /

pii-shield

PII Shield is an open-source MCP server for Claude Desktop (Cowork and Code) that anonymizes documents *before* they reach the model and restores real values *after* analysis — entirely on the user's machine. The pipeline is local → API → local. The plugin reads a file on disk, replaces detected entities with placeholders like `<PERSON_1>`, `<ORG_2>`, `<IBAN_1>`, and only the placeholder text crosses the wire. Detection combines GLiNER zero-shot NER with **17 jurisdiction-specific patterns** (UK NIN/NHS/passport, DE Tax ID, FR NIR, IT fiscal code, ES DNI/NIE, CY TIC, EU VAT, plus US SSN/EIN, IBAN, crypto wallet, money, dates). A human-in-the-loop review UI renders inside Claude Desktop for false-positive correction. Ships with a companion skill `pii-contract-analyze` exposing six modes — MEMO, REDLINE, SUMMARY, COMPARISON, BULK (up to 5 files, shared placeholders), and ANONYMIZE-only. **Jurisdictions covered (detection patterns):** EU-wide, UK, Germany, France, Italy, Spain, Cyprus, US. Use PII Shield whenever client documents must be analyzed by an LLM but cannot be transmitted in cleartext: NDA / MSA / DPA review, GDPR risk analysis, due diligence on counterparty contracts, employment document handling, DSAR responses, and partial-analysis handoff between colleagues under privilege.

data-protection
195
59
May 5, 2026
H. Salard /

Supplier DPA GDPR Analysis

Systematic analysis of a Data Processing Agreement (DPA) in light of Article 28 of the GDPR, EDPB Guidelines 07/2020 and 02/2024, the 2021 Standard Contractual Clauses, and Regulation (EU) 2024/1689. Generates a structured, clause-by-clause report based on 18 criteria (13 mandatory + 5 supplementary) with a 🟢/ 🟡/🔴, a detailed analysis of international transfers (structured table + government access under the Cloud Act/FISA 702), verification of AI system usage, ready-to-insert contractual remedies, and questions to ask the provider. Designed for DPOs and GDPR practitioners who negotiate or audit data processing agreements.

data-protection
494
May 3, 2026
W. Plutat /

EU AI Act

Deterministic legal tools for the EU AI Act. Covers Annex III high-risk system classification, Article 73 compliance deadlines, Article 99 fine calculations, and jurisdictional mapping across the 27 EU member states. 9 tools, public, no auth required.

data-protection
418
34
Apr 30, 2026
M. Smárason /

Icelandic Privacy Review

Use this skill when asked to review data protection or privacy compliance under Icelandic law and GDPR. Triggers on requests involving personal data processing, privacy policies, DPIA assessments, kennitala handling, Persónuvernd filings, or cross-border data transfers from Iceland.

data-protection
413
75
May 4, 2026
O. Schmidt-Prietz /

Legitimate Interest

Conducts a structured Legitimate Interest Assessment (LIA) under Art. 6(1)(f) GDPR using the full EDPB three-step test — interest identification, strict necessity analysis, and the balancing test with mitigation. Built on EDPB Guidelines 1/2024, Opinion 28/2024 (AI models), CNIL guidance (June 2025), ICO/DUA Act 2025, key CJEU judgments, and DPA positions from DE/FR/NL/AT/IT/ES/UK. Includes specialised modules for AI/ML, marketing, fraud prevention, children's data, employee monitoring, ePrivacy overlap, and cross-border, plus a dedicated Right to Object (Art. 21) response mode and structured LIA output. Use this skill whenever the user mentions GDPR Art. 6(1)(f), legitimate interest, the LIA or three-step test, EDPB/DPA guidance, AI training data lawfulness, web scraping legality, direct marketing or fraud prevention legal basis, employee monitoring, the right to object, or asks for a balancing test — even if they don't say "LIA" explicitly.

data-protection
902
561
Apr 30, 2026
O. Schmidt-Prietz /

DPIA Sentinel

GDPR Data Protection Impact Assessment (DPIA) guidance under Article 35 GDPR, EDPB Guidelines WP 248 rev.01, EDPB Opinion 28/2024 (AI), and national SA blacklists/whitelists. Covers threshold assessment, multi-jurisdictional blacklist checks (DE, FR, IE, BE, NL, IT, PL), 5x5 risk scoring, necessity/proportionality analysis, mitigation mapping, Art. 36 prior consultation, AI dual-phase analysis, and audit-ready .docx generation.

data-protection
725
496
Jun 11, 2026
O. Schmidt-Prietz /

GDPR Breach Sentinel

Incident response and legal compliance guidance for data breaches under GDPR Articles 33 & 34. Covers breach risk assessment using ENISA severity methodology, Controller vs Processor obligations, 72-hour notification clock management, EDPB case matching, cross-border Lead SA determination, AI Act Art. 73 intersection, mitigation playbooks, and audit-ready .docx document generation.

data-protection
549
437
Apr 30, 2026
O. Schmidt-Prietz /

Privacy Notice Generator

Draft GDPR-compliant privacy notices as .docx for any EU/EEA jurisdiction and audience. Supports five notice types (Website/App, Applicant, Employee, Business Partner, B2C Customer) across DE, FR, AT, IT, ES, NL, BE, IE, and UK GDPR. Covers Art. 13/14 disclosures, AI Act transparency, cookie policies, multi-language support, DPIA indicators, and post-generation compliance checklists.

data-protection
596
596
Apr 30, 2026
Anthropic /

Privacy Compliance Advisor

Navigate privacy regulations (GDPR, CCPA), review DPAs, and handle data subject requests. Use when reviewing data processing agreements, responding to data subject access or deletion requests, assessing cross-border data transfer requirements, or evaluating privacy compliance.

data-protection
951
513
May 11, 2026
M. Taiar /

Privacy Policy Generator

Guide for drafting privacy policies compliant with GDPR. Includes CNIL 2020 recommendations, a reference template, and best practices. Use when drafting or revising a privacy policy for a website or application.

data-protection
474
180
May 11, 2026
M. Taiar /

Cookie Policy Generator

Guide for drafting cookie policies compliant with GDPR and the ePrivacy Directive. Includes CNIL 2020 recommendations, a reference template, and best practices. Use when drafting or revising a cookie policy for a website or application.