Automates GDPR Data Subject Access Request (DSAR) workflows including identity verification, PII discovery across databases and files using regex and NER, data mapping, response templating per Article 15 requirements, deadline tracking, and audit logging. Covers ICO/EDPB guidance compliance, exemption handling, and scalable batch processing. Use when building or auditing DSAR response capabilities under GDPR/UK GDPR.
Works with
AI-first code editor with Composer
Before installing skills in Cursor, ensure your development environment meets these requirements:
node --versionimplementing-gdpr-data-subject-access-requestExecute the skills CLI command in your project's root directory to begin installation:
Fetches implementing-gdpr-data-subject-access-request from mukul975/Anthropic-Cybersecurity-Skills and configures it for Cursor.
The CLI shows a list of agents. Use arrow keys and space to select Cursor:
Confirm successful installation by checking the skill directory location:
Restart Cursor to activate implementing-gdpr-data-subject-access-request. Access via /implementing-gdpr-data-subject-access-request in your agent's command palette.
We perform automated surface-level scans (Gen AI Scanner, Socket, Snyk) during installation. These checks detect common vulnerabilities but do not guarantee complete security. Always review skill source code and verify the publisher's reputation before production use.
Skills execute code in your environment. Always review source, verify the publisher, and test in isolation before production.
Submit your Claude Code skill and start earning
Quickly understand datasets, identify patterns, and generate insights
Example
Analyze CSV with 100K rows, identify outliers, visualize correlations, suggest hypotheses
Reduce EDA time from hours to minutes, uncover insights faster
Write scripts to clean messy data, handle missing values, normalize formats
Example
Generate Python/SQL to fix date formats, impute missing values, remove duplicates
Automate 80% of data preprocessing work
Perform hypothesis testing, regression, and statistical modeling
Example
Run A/B test analysis, calculate confidence intervals, interpret p-values
0
total installs
0
this week
8.6K
GitHub stars
0
upvotes
Run in your terminal
0
installs
0
this week
8.6K
stars
| name | implementing-gdpr-data-subject-access-request |
| description | 'Automates GDPR Data Subject Access Request (DSAR) workflows including identity verification, PII discovery across databases and files using regex and NER, data mapping, response templating per Article 15 requirements, deadline tracking, and audit logging. Covers ICO/EDPB guidance compliance, exemption handling, and scalable batch processing. Use when building or auditing DSAR response capabilities under GDPR/UK GDPR. ' |
| domain | cybersecurity |
| subdomain | privacy-compliance |
| tags | - gdpr - dsar - privacy - pii-discovery - data-subject-rights - compliance - article-15 |
| version | '1.0' |
| author | mukul975 |
| license | Apache-2.0 |
| nist_csf | - GV.PO-01 - PR.DS-01 - GV.OC-05 |
Under GDPR Article 15, data subjects have the right to obtain from the controller:
Implement a request intake system that captures the request through any channel, verifies the requester's identity, and starts the compliance clock.
from agent import DSARWorkflowEngine
engine = DSARWorkflowEngine(config_path="dsar_config.json")
# Register a new DSAR
request = engine.register_dsar(
requester_name="Jane Smith",
requester_email="[email protected]",
request_channel="email",
request_text="I would like a copy of all personal data you hold about me.",
identity_docs=["passport_verified"],
)
print(f"DSAR ID: {request['dsar_id']}, Deadline: {request['deadline']}")
Scan databases, files, and logs using regex patterns and NER to find all personal data associated with the data subject.
from agent import PIIDiscoveryEngine
pii_engine = PIIDiscoveryEngine()
# Scan structured data (database)
db_results = pii_engine.scan_database(
connection_string="postgresql://user:pass@localhost/appdb",
search_identifiers={"email": "[email protected]", "name": "Jane Smith"},
)
# Scan unstructured data (files, logs)
file_results = pii_engine.scan_files(
directories=["/var/log/app", "/data/exports", "/data/documents"],
search_identifiers={"email": "[email protected]", "name": "Jane Smith"},
)
# Scan with NER for contextual PII detection
ner_results = pii_engine.scan_with_ner(
text_corpus=file_results["raw_text_matches"],
entity_types=["PERSON", "EMAIL", "PHONE_NUMBER", "LOCATION", "DATE_OF_BIRTH"],
)
all_pii = pii_engine.consolidate_results(db_results, file_results, ner_results)
print(f"Found {all_pii['total_records']} PII records across {all_pii['source_count']} sources")
Map discovered PII to processing purposes, legal bases, and retention periods as required by Article 15.
from agent import DataMapper
mapper = DataMapper(data_inventory_path="data_inventory.json")
# Map PII to Article 15 categories
mapped_data = mapper.map_to_article15(
pii_records=all_pii,
data_subject_id="[email protected]",
)
# Output includes processing purposes, recipients, retention for each data category
for category in mapped_data["categories"]:
print(f"Category: {category['name']}")
print(f" Purpose: {category['processing_purpose']}")
print(f" Legal basis: {category['legal_basis']}")
print(f" Retention: {category['retention_period']}")
print(f" Recipients: {', '.join(category['recipients'])}")
Apply exemptions where lawful (third-party data, legal privilege, trade secrets) before compiling the response.
from agent import ExemptionReviewer
reviewer = ExemptionReviewer()
# Check for applicable exemptions
review_result = reviewer.review_exemptions(
mapped_data=mapped_data,
exemption_checks=[
"third_party_data",
"legal_professional_privilege",
"trade_secrets",
"crime_prevention",
"management_forecasting",
],
)
# Apply redactions where exemptions apply
redacted_data = reviewer.apply_redactions(mapped_data, review_result["exemptions"])
print(f"Applied {review_result['exemption_count']} exemptions")
Generate a compliant DSAR response package with cover letter, data export, and supplementary information document.
from agent import DSARResponseGenerator
generator = DSARResponseGenerator(template_dir="templates/")
# Generate complete response package
response = generator.generate_response(
dsar_id=request["dsar_id"],
data_subject="Jane Smith",
mapped_data=redacted_data,
format="pdf", # or "json", "csv"
)
# Package includes: cover letter, data export, supplementary info, audit log
for doc in response["documents"]:
print(f"Generated: {doc['filename']} ({doc['type']})")
Maintain complete audit trail of the DSAR lifecycle for accountability.
from agent import DSARAuditLogger
logger = DSARAuditLogger(log_path="dsar_audit_logs/")
# Log complete DSAR lifecycle
logger.log_event(request["dsar_id"], "request_received", {
"channel": "email",
"identity_verified": True,
})
logger.log_event(request["dsar_id"], "pii_discovery_complete", {
"records_found": all_pii["total_records"],
"sources_scanned": all_pii["source_count"],
})
logger.log_event(request["dsar_id"], "response_sent", {
"format": "pdf",
"documents_count": len(response["documents"]),
"exemptions_applied": review_result["exemption_count"],
})
# Generate compliance report
compliance_report = logger.generate_compliance_report(request["dsar_id"])
from agent import DSARWorkflowEngine, PIIDiscoveryEngine, DSARResponseGenerator
# Full automated pipeline
engine = DSARWorkflowEngine(config_path="dsar_config.json")
pii = PIIDiscoveryEngine()
gen = DSARResponseGenerator(template_dir="templates/")
# 1. Intake
req = engine.register_dsar(
requester_name="John Doe",
requester_email="[email protected]",
request_channel="web_form",
request_text="Please provide all my data under GDPR Article 15.",
identity_docs=["email_verified", "account_match"],
)
# 2. Discover
results = pii.full_scan(
search_identifiers={"email": "[email protected]"},
sources=["database", "files", "logs"],
)
# 3. Generate response
response = gen.generate_response(
dsar_id=req["dsar_id"],
data_subject="John Doe",
mapped_data=results,
)
# 4. Track deadline
engine.update_status(req["dsar_id"], "response_sent")
print(f"DSAR {req['dsar_id']} completed, {engine.days_remaining(req['dsar_id'])} days remaining")
from agent import PIIPatternMatcher
matcher = PIIPatternMatcher()
# Test individual patterns
test_text = "Contact [email protected] or call +44 20 7946 0958. SSN: 123-45-6789"
matches = matcher.scan_text(test_text)
for m in matches:
print(f" [{m['type']}] '{m['value']}' (confidence: {m['confidence']})")
Get statistically sound analysis without PhD in statistics
Create charts, dashboards, and visual reports
Example
Generate matplotlib/seaborn code for time series plots, distribution charts, heatmaps
Build presentation-ready visualizations 3x faster
Prerequisites
Time Estimate
20-40 minutes to set up and run first analysis
Steps
Common Pitfalls
✓ Do
✗ Don't
💡 Pro Tips
✓ Use when
Use for exploratory data analysis, data cleaning, statistical testing, visualization prototyping, and learning new analysis techniques. Best for initial exploration and rapid insights.
✗ Avoid when
Avoid for mission-critical financial analysis, medical research requiring regulatory compliance, production ML models, or when deep statistical expertise is required for nuanced interpretation.
mukul975/Anthropic-Cybersecurity-Skills
mukul975/Anthropic-Cybersecurity-Skills
mukul975/Anthropic-Cybersecurity-Skills
mukul975/Anthropic-Cybersecurity-Skills
mukul975/Anthropic-Cybersecurity-Skills
mukul975/Anthropic-Cybersecurity-Skills
implementing-gdpr-data-subject-access-request fits our agent workflows well — practical, well scoped, and easy to wire into existing repos.
implementing-gdpr-data-subject-access-request reduced setup friction for our internal harness; good balance of opinion and flexibility.
Registry listing for implementing-gdpr-data-subject-access-request matched our evaluation — installs cleanly and behaves as described in the markdown.
implementing-gdpr-data-subject-access-request has been reliable in day-to-day use. Documentation quality is above average for community skills.
Useful defaults in implementing-gdpr-data-subject-access-request — fewer surprises than typical one-off scripts, and it plays nicely with `npx skills` flows.
implementing-gdpr-data-subject-access-request is among the better-maintained entries we tried; worth keeping pinned for repeat workflows.
I recommend implementing-gdpr-data-subject-access-request for anyone iterating fast on agent tooling; clear intent and a small, reviewable surface area.
I recommend implementing-gdpr-data-subject-access-request for anyone iterating fast on agent tooling; clear intent and a small, reviewable surface area.
Keeps context tight: implementing-gdpr-data-subject-access-request is the kind of skill you can hand to a new teammate without a long onboarding doc.
Useful defaults in implementing-gdpr-data-subject-access-request — fewer surprises than typical one-off scripts, and it plays nicely with `npx skills` flows.
showing 1-10 of 42