gdpr-data-processing-addendum

Solid

Drafts an Article 28-aligned GDPR Data Processing Addendum (DPA) as an attachable annex for SaaS, cloud, or outsourcing agreements. Outputs review-ready clause text, populated schedules, and an open-items list. Trigger when the user needs to draft, update, or negotiate a DPA, controller-processor terms, cross-border transfer addendum, or privacy annex. Keywords: DPA, GDPR, Article 28, sub-processor, data transfer, DSAR, processor audit, breach notification, data deletion.

Data & Documents 21 stars 7 forks Updated today Apache-2.0

Install

View on GitHub

Quality Score: 74/100

Stars 20%

Recency 20%

100

Frontmatter 20%

Documentation 15%

100

Issue Health 10%

License 10%

100

Description 5%

Skill Content

# GDPR Data Processing Addendum (DPA) Draft an execution-ready DPA satisfying GDPR Article 28 controller-processor requirements while preserving commercial operability. ## Prerequisites Collect before drafting: 1. **Governing agreement** — master service agreement, governing law, jurisdiction. 2. **Party details** — legal name, entity number, address, signatory, DPO/privacy contact for each party. 3. **Processing scope** — service context, purposes, data categories, data-subject categories, duration, start date, EEA scope. 4. **Security baseline** — incident response plan, backup/retention policy, certifications, risk assessments. 5. **Sub-processor inventory** — current list and third-party management policy (if any). 6. **Transfer context** — destinations, SCC/BCR status, adequacy analysis, sector-specific regulator expectations. 7. **Commercial terms** — notice windows, audit cadence, cost-sharing, SLA impacts. ## Workflow 1. **Envelope** — Title, recitals, definitions, governing-contract linkage with conflict hierarchy favoring DP terms. 2. **Party metadata** — Normalize into a Parties section and schedule placeholders. 3. **Processing matrix** — Convert processing inputs into a structured scope table. 4. **Clause insertion** (in order): 1. Scope / purpose / nature / duration 2. Processor instructions and purpose limitation 3. Confidentiality and security 4. Sub-processor controls 5. Data-subject rights assistance 6. Breach notification and coopera...

Details

Author: CaseMark
Repository: CaseMark/skills
Created: 3 months ago
Last Updated: today
Language: Python
License: Apache-2.0

Similar Skills

Semantically similar based on skill content — not just same category

Code & Development Featured

draft-nda

Draft a detailed Non-Disclosure Agreement between two parties covering information types, jurisdiction, and clauses needing legal review. Use when creating confidentiality agreements or preparing an NDA for a partnership.

11,619 Updated 5 days ago

phuryn

AI & Automation Solid

cloud-service-agreement

Draft and fill SaaS agreement templates — cloud contract, MSA, order form, software license, pilot agreement, design partner agreement. Includes variants with SLAs and AI terms. Produces signable DOCX from Common Paper standard forms. Use when user says "SaaS agreement," "cloud contract," "MSA," "order form," "software license," "pilot agreement," or "design partner agreement."

34 Updated today

open-agreements

Data & Documents Featured

prd

Generate a Product Requirements Document (PRD) for a new feature. Use when planning a feature, starting a new project, or when asked to create a PRD. Triggers on: create a prd, write prd for, plan this feature, requirements for, spec out.

77 Updated today

jellydn

AI & Automation Solid

doncheli-prd

Generate professional Product Requirement Documents (PRD) from multiple sources — Figma designs, briefs, user research, existing code. Includes risk analysis, RICE prioritization, Gherkin stories and launch plan. Activate when user mentions "PRD", "product requirements", "requirement document", "product spec", "figma to PRD", "generate PRD".

39 Updated 1 months ago

doncheli