GDPR Compliance for Marketing

GDPR and German DSGVO compliance automation. Scans codebases for privacy risks, generates DPIA documentation, tracks data subject rights requests. Use for GDPR compliance assessments, privacy audits, data protection planning, DPIA generation, and data subject rights management.

Navigate privacy regulations (GDPR, CCPA), review DPAs, and handle data subject requests. Use when reviewing data processing agreements, responding to data subject access or deletion requests, assessing cross-border data transfer requirements, or evaluating privacy compliance.

Master skill for legal teams using Claude. Loads the right reference for the user's question (privilege configuration, MCP hardening, verification, long documents, practice-area patterns, skill authoring) and routes to specialized starter skills (NDA triage, version diff, meeting brief, citation verification, status synthesis). Auto-invokes when the user mentions legal work, contracts, redlines, NDAs, privilege, attorney-client, court filings, depositions, regulatory compliance, or asks how to set up Claude for a law firm or in-house legal team.

Invoke when the user needs to set up analytics, define telemetry events, establish KPIs, build dashboards, configure A/B testing, or implement data-driven design capabilities. Triggers on: "analytics", "telemetry", "KPIs", "metrics", "player data", "retention", "DAU", "dashboard", "A/B testing", "funnel analysis". Do NOT invoke for balance tuning (use game-balance-check) or economy design (use game-economy-designer). Part of the AlterLab GameForge collection.

Elite incident response and legal compliance guidance for data breaches under GDPR Articles 33 & 34. Use when: (1) User reports a data breach or security incident, (2) User asks about breach notification obligations or deadlines, (3) User mentions "72 hours", Art. 33, Art. 34, or notification requirements, (4) Discussion involves security incidents affecting personal data, (5) User needs breach risk assessment using ENISA methodology, (6) User mentions "Data Breach" or "Incident" or "Data Leakage" or "Ransomeware" or "Exfiltration", (7) User needs to determine Controller vs Processor obligations, (8) Cross-border breach scenarios requiring Lead SA determination, (9) User needs a mitigation playbook or immediate response recommendations, (10) User needs to generate audit-ready breach documentation (.docx).

GDPR Data Protection Impact Assessment (DPIA) guidance under Article 35 GDPR, EDPB Guidelines WP 248 rev.01, EDPB Opinion 28/2024 (AI), and national SA blacklists/whitelists. Triggers: "DPIA", "DSFA", "Datenschutz-Folgenabschätzung", "impact assessment", "Art. 35", "do I need a DPIA", descriptions of new high-risk processing (profiling, AI, biometrics, large-scale monitoring, special category data), Art. 36 prior consultation questions, national blacklist/whitelist queries.