Data protection
legalai
bundled
gdpr
dpia
privacy
data-protection

GDPR DPIA Screening

Screens processing activities against the DPIA requirements of GDPR Article 35, with risk mapping and threshold assessment before new processing or AI features.

Official alternative

Anthropic maintains an official plugin workflow for this task. Use it when you want the full marketplace plugin with MCP connectors.

Plugin Privacy Legal
/plugin install privacy-legal@claude-for-legal

Official outputs require attorney review before client reliance.

About this skill

Screens processing activities against the DPIA requirements of GDPR Article 35, with risk mapping and threshold assessment before new processing or AI features.

Skills provide structured workflow guidance for attorney-supervised use. They are not legal advice and require human review before client reliance.

Installation

Download the starter bundle
  1. Download the ZIP and unzip the skill folder.
  2. In Claude: Settings → Capabilities → Skills → Upload skill folder.
  3. In Claude Code or Codex: copy the folder into `.claude/skills/` or `~/.agents/skills/`.
  4. Invoke the skill by describing a task that matches the skill description.


Sample workflow preview

Use synthetic sample matter data to preview the prompt structure and review checklist before downloading or installing.

Sample data only. Do not import client documents.

Sample analytics feature processing description

[SYNTHETIC SAMPLE — NOT A CLIENT DOCUMENT]

Product: Website analytics heatmaps for logged-in users
Data: account ID, page URLs, click coordinates, session timestamps
Purpose: product improvement and UX optimization
Recipients: internal product team and EU hosting provider
Retention: 24 months
Special categories: none declared
Automated decisions: none declared

Copy the sample prompt

Screen this processing activity for GDPR Article 35 DPIA requirements. Map risk factors, state whether a DPIA is required, and list mitigation steps before launch.

Expected checklist

  • Confirm lawful basis and necessity for each data element
  • Check whether DPIA threshold criteria are met
  • Document retention and deletion controls
  • Escalate to DPO/privacy counsel before production launch

Content preview

# GDPR DPIA Screening

Determine whether a DPIA is required and outline the next compliance steps.

## Intake

Collect:

1. Processing purpose and legal basis
2. Data categories and data subjects
3. Scale, context, and nature of processing
4. New technologies or profiling/automated decision-making
5. Cross-border transfers and subprocessors

## Screening steps

1. Check WP248 / EDPB criteria and relevant supervisory authority blacklists
2. Identify high-risk indicators (special categories, vulnerable subjects, systematic monitoring, large-scale processing)
3. Assess necessity and proportionality at a high level
4. Map mitigations already in place
5. Decide: DPIA required / not required / borderline — seek DPO review

## Output format

```markdown
## DPIA screening result
## Processing summary
## Risk indicators checklist
## Mitigations in place
## Recommended next steps (full DPIA / Art. 36 consultation / proceed with controls)
## Open questions for DPO or privacy counsel
```

## Guardrails

- Do not invent supervisory authority guidance; cite official sources when referenced.
- Flag AI-related processing for enhanced review per current EDPB guidance trends.
- Output is screening support, not a completed DPIA.

Official sources and references

edpb.europa.eu/our-work-tools/general-guidance/data-protection-impact-assessment-dpia_en
