Loading...
Loading...
Found 12 Skills
Generate a response to a common legal inquiry using configured templates, with built-in escalation checks for situations that shouldn't use a templated reply. Use when responding to data subject requests, litigation hold notices, vendor legal questions, NDA requests from business teams, or subpoenas.
Provides legal guidance for contracts, compliance, intellectual property, data privacy, and regulatory matters. Use when reviewing contracts, ensuring compliance, protecting IP, or navigating technology law. Triggers include "contract review", "terms of service", "GDPR", "privacy policy", "intellectual property", "licensing", "compliance".
Osano integration. Manage data, records, and automate workflows. Use when the user wants to interact with Osano data.
Audits a codebase or business process for regulatory compliance across GDPR, HIPAA, SOC2, CCPA, and PCI-DSS. Scans for PII handling, data retention, encryption, access controls, audit logging, consent management, and data transfer issues. Generates a structured compliance report with findings, gap analysis, remediation steps, and evidence requirements.
Generate Uganda DPPA 2019 compliance annex for software collecting personal data. Use for any Uganda-based SaaS to produce SRS compliance sections and flag DPIA triggers.
Privacy Dynamics integration. Manage data, records, and automate workflows. Use when the user wants to interact with Privacy Dynamics data.
Extract structured PII spans from text using the OpenAI Privacy Filter 1.5B model reversed — returns what, where, and which type instead of masking.
GDPR compliance implementation. Data subject rights (access, deletion, portability), consent management, data processing records, PII handling, and privacy by design patterns. USE WHEN: user mentions "GDPR", "data privacy", "right to be forgotten", "data deletion", "consent management", "PII", "data subject request", "privacy policy", "cookie consent" DO NOT USE FOR: authentication - use auth skills; encryption - use `cryptography`; audit logging - use `audit-logging`
Orienta sobre a Lei Geral de Proteção de Dados (LGPD – Lei 13.709/2018) do Brasil. Use quando o usuário mencionar LGPD, proteção de dados no Brasil, privacidade de dados, bases legais, direitos do titular, ANPD, dados sensíveis, consentimento ou conformidade com a lei brasileira de dados.
Detect and flag personally identifiable information (PII) in text, code, and configurations
Design and operate privacy and data security programs for SEC-registered firms under Reg S-P, Reg S-ID, and SEC cybersecurity expectations. Use when the user asks about privacy notices, the Safeguards Rule, identity theft prevention programs, breach notification obligations, vendor security due diligence, incident response planning, data classification, or state privacy law compliance. Also trigger when users mention 'customer data was exposed', 'do we need to notify clients of a breach', 'cybersecurity exam prep', 'cloud vendor risk assessment', 'encrypting client data', 'BYOD security policy', 'Red Flags Rule', 'NY DFS 500 requirements', or ask how to handle a cybersecurity incident.
Review a Data Processing Agreement against your DPA playbook — auto-detects whether you're processor or controller and applies the right half of the playbook. Use when the user says "review this DPA", "check this data processing addendum", "customer sent their DPA", "is this DPA okay", or attaches a DPA.