# Skills tagged "Data Protection" 23 skills with this tag. URL: https://rakenne.app/skill-tags/data-protection/index.md - [CCPA/CPRA Privacy Program — Compliance Documentation Package](https://rakenne.app/skills/ccpa-cpra-privacy-program/index.md) — Draft and validate the core privacy compliance documentation package required under the California Consumer Privacy Act as amended by CPRA. Covers the privacy policy, DSAR procedures, data inventory, … - [Data Privacy — AIPD (CNIL Standard)](https://rakenne.app/skills/cnil-aipd/index.md) — Conduct a Privacy Impact Assessment (AIPD) under the CNIL standard for France (RGPD). Three-step methodology: Context, Principles, Risks. Validates retention periods against CNIL 'droit à l'oubli' … - [Data Processing Agreement (DPA) — SCC & sub-processor sync](https://rakenne.app/skills/dpa-scc/index.md) — Draft the legal annex for DPAs governing controller–processor data transfers under GDPR and CCPA. Inserts the correct Standard Contractual Clauses by data importer country and validates sub-processor … - [DPC Cross-Border Data Processing (Lead SSA)](https://rakenne.app/skills/dpc-lead-ssa-ropa/index.md) — Draft Article 30 Records of Processing Activities for US firms using Ireland as Lead Supervisory Authority. Covers main establishment justification (GDPR Art. 4(16), EDPB criteria) and validation so … - [GDPR Consent Form (Art. 7)](https://rakenne.app/skills/gdpr-consent-form/index.md) — Draft consent forms and consent notices for personal data processing under GDPR Article 7. Covers all conditions for valid consent: freely given, specific, informed, unambiguous. Includes validation … - [GDPR Gap Assessment](https://rakenne.app/skills/gdpr-gap-assessment/index.md) — Perform a structured gap assessment against GDPR (Regulation 2016/679). Mandatory artifact detector scans for missing compliance documents; maturity rater suggests 0-5 maturity per domain across all … - [GDPR Legitimate Interest Assessment (Art. 6(1)(f))](https://rakenne.app/skills/gdpr-legitimate-interest-assessment/index.md) — Conduct a three-part Legitimate Interest Assessment (LIA) under GDPR Art. 6(1)(f): purpose test, necessity test, and balancing test. Validates against EDPB Opinion 08/2024, WP217, and CJEU case law … - [GDPR Privacy by Design & Default (Art. 25)](https://rakenne.app/skills/gdpr-privacy-by-design/index.md) — Assess and document data protection by design and by default measures per GDPR Article 25 and EDPB Guidelines 4/2019. Covers the seven foundational principles, Hoepman's eight design strategies, Art. … - [GDPR ROPA & DPIA Author](https://rakenne.app/skills/gdpr-ropa-dpia-author/index.md) — Guided elaboration of Records of Processing Activities (ROPA) and Data Protection Impact Assessments (DPIA): processing purposes, legal basis, data categories, recipients, retention, safeguards, and … - [GDPR Vendor & Processor Audit (Art. 28)](https://rakenne.app/skills/gdpr-vendor-processor-audit/index.md) — Plan and document processor audits under GDPR Art. 28(3)(h). Covers Art. 28(3)(a-h) contract compliance, sub-processor chain review, international transfer assessment (SCCs, adequacy, BCRs, TIA), Art. … - [India DPDP Act — Data Protection Impact Assessment](https://rakenne.app/skills/in-dpdp-data-protection-assessment/index.md) — Draft and validate a Data Protection Impact Assessment for Significant Data Fiduciaries under India's Digital Personal Data Protection Act 2023. Covers processing inventory, consent framework, data … - [Japan APPI — Privacy Impact Assessment](https://rakenne.app/skills/jp-appi-privacy-impact-assessment/index.md) — Draft and validate a Privacy Impact Assessment for processing under Japan's Act on the Protection of Personal Information (APPI, amended 2022). Covers data categorisation, cross-border transfer … - [King IV and POPIA Narrative](https://rakenne.app/skills/king-iv-popia-narrative/index.md) — Draft the POPIA–King IV governance narrative linking data protection compliance to King IV Principles 12 and 13 for South African organisations. - [Multi-Jurisdiction Data Processing Agreement (GDPR + CCPA + UK)](https://rakenne.app/skills/multi-jurisdiction-dpa/index.md) — Draft an integrated Data Processing Agreement covering EU GDPR Article 28, EU Standard Contractual Clauses (SCCs), UK IDTA or UK Addendum, and US state privacy laws (CCPA/CPRA, CPA, VCDPA). Includes … - [PDPA — Data Protection Management Programme (Singapore)](https://rakenne.app/skills/sg-pdpa-data-protection-programme/index.md) — Draft and validate the Data Protection Management Programme (DPMP) required by Singapore's Personal Data Protection Act 2012. Covers governance, data inventory, DPIA, breach management plan, and DPO … - [PIIA (SA) — Risk Assessment](https://rakenne.app/skills/piia-sa-risk-assessment/index.md) — Draft the risk assessment for a POPIA PIIA: analyse risks to data subjects' rights and freedoms, including harm, discrimination, and financial loss. - [PIIA (SA) — Systematic Description of Processing](https://rakenne.app/skills/piia-sa-systematic-description-of-processing/index.md) — Draft the systematic description of processing for a POPIA PIIA: step-by-step description of how personal information is collected, used, stored, and deleted. - [POPIA Compliance Framework — Manual & PAIA Manual (South Africa)](https://rakenne.app/skills/za-popia-compliance-framework/index.md) — Draft and validate POPIA (Act 4 of 2013) compliance framework documentation and the mandatory PAIA Manual. Covers the eight conditions for lawful processing, PAIA manual, Information Officer … - [Saudi PDPL — Personal Data Protection Assessment](https://rakenne.app/skills/sa-pdpl-data-protection-assessment/index.md) — Draft and validate data protection compliance documentation under Saudi Arabia's Personal Data Protection Law (Royal Decree M/19 of 2021, amended 2023) and its Implementing Regulations. Covers data … - [UAE Federal PDPL — Data Protection Impact Assessment](https://rakenne.app/skills/ae-pdpl-data-protection-assessment/index.md) — Draft and validate a DPIA under UAE Federal Decree-Law No. 45/2021 on the Protection of Personal Data (PDPL) and its Executive Regulations. Covers data inventory, lawful basis, cross-border transfers, … - [UK GDPR & DPIA (Data Protection)](https://rakenne.app/skills/uk-gdpr-dpia/index.md) — Conduct and validate Data Protection Impact Assessments (DPIAs) under the UK GDPR and ICO guidance for high-risk processing. Suggests technical and organisational safeguards aligned with UK Adequacy … - [Whistleblower System Design (HinSchG)](https://rakenne.app/skills/whistleblower-system-design/index.md) — Erstellt Verfahrensordnungen fuer interne Meldestellen gemaess dem Hinweisgeberschutzgesetz (HinSchG). Validiert Pflichtabschnitte, gesetzliche Fristen (7 Tage Eingangsbestaetigung, 3 Monate … - [Works Council Agreements (BetrVG)](https://rakenne.app/skills/betrvg-works-council-agreements/index.md) — Negotiation-based drafting and validation of Betriebsvereinbarungen (Works Agreements) for IT systems under the Betriebsverfassungsgesetz (BetrVG). Ensures Leistungs- und Verhaltenskontrolle … --- Back to [All Tags](https://rakenne.app/skill-tags/) | [Skill Library](https://rakenne.app/skills/)