gdpr-compliant

Solid

Apply GDPR-compliant engineering practices across your codebase. Use this skill whenever you are designing APIs, writing data models, building authentication flows, implementing logging, handling user data, writing retention/deletion jobs, designing cloud infrastructure, or reviewing pull requests for privacy compliance. Trigger this skill for any task involving personal data, user accounts, cookies, analytics, emails, audit logs, encryption, pseudonymization, anonymization, data exports, breach response, CI/CD pipelines that process real data, or any question framed as "is this GDPR-compliant?". Inspired by CNIL developer guidance and GDPR Articles 5, 25, 32, 33, 35.

DevOps & Infrastructure 34,158 stars 4179 forks Updated yesterday MIT


Quality Score: 93/100

Stars 20%: 100
Recency 20%: 100
Frontmatter 20%: 70
Documentation 15%: 100
Issue Health 10%: 50
License 10%: 100
Description 5%: 100

Skill Content

# GDPR Engineering Skill

Actionable GDPR reference for engineers, architects, DevOps, and tech leads. Inspired by CNIL developer guidance and GDPR Articles 5, 25, 32, 33, 35.

> **Golden Rule:** Collect less. Store less. Expose less. Retain less.

For deep dives, read the reference files in `references/`:

- `references/data-rights.md` — user rights endpoints, DSR workflow, RoPA
- `references/security.md` — encryption, hashing, secrets, anonymization
- `references/operations.md` — cloud, CI/CD, incident response, architecture patterns

---

## 1. Core GDPR Principles (Article 5)

| Principle | Engineering obligation |
|---|---|
| Lawfulness, fairness, transparency | Document legal basis for every processing activity in the RoPA |
| Purpose limitation | Data collected for purpose A **MUST NOT** be reused for purpose B without a new legal basis |
| Data minimization | Collect only fields with a documented business need today |
| Accuracy | Provide update endpoints; propagate corrections to downstream stores |
| Storage limitation | Define TTL at schema design time — never after |
| Integrity & confidentiality | Encrypt at rest and in transit; restrict and audit access |
| Accountability | Maintain evidence of compliance; RoPA ready for DPA inspection at any time |

---

## 2. Privacy by Design & by Default

**MUST**

- Add `CreatedAt`, `RetentionExpiresAt` to every table holding personal data at creation time.
- Default all optional data collection to **off**. Users opt in; they...

Details

Author: github
Repository: github/awesome-copilot
Created: 11 months ago
Last Updated: yesterday
Language: Python
License: MIT
