Browse Skills

DPC GDPR Controller Obligations

    DPC GDPR Ireland Compliance
    Get Started with This Skill

    Overview

    Other controller obligations for DPC checklist: processor/supplier agreements (Art. 27–29), DPO (37–39), DPIA (35).

    Getting Started

    Add your source materials to the project workspace, then activate the DPC GDPR Controller Obligations skill. The agent will guide you through the process step by step.

    Example conversation

    You: We need to tighten our processor contracts and document our DPO decision. We also do some profiling—we might need a DPIA process.

    Agent: I’ll work in three parts. (1) Processor agreements: I’ll draft or checklist clauses for subject matter, security, sub-processors, assistance with breaches and DPIAs, data subject rights, and return/deletion (Art. 28–29). (2) DPO: I’ll draft either the rationale for not appointing a DPO or the appointment, reporting lines, and published contact details (Art. 37–39). (3) DPIA: I’ll draft a procedure for when a DPIA is required and what it must contain (Art. 35), and note high-risk triggers. All aligned to the DPC controller-obligations checklist.

    Output excerpt

    Processor agreement checklist (excerpt)

    • Subject matter, duration, nature and purpose of processing; data categories and data subjects.
    • Obligations of controller (instructions, lawfulness).
    • Confidentiality and security (Art. 32); sub-processors (prior authorisation, same obligations).
    • Assistance with data subject rights, DPIAs, breach notification; return or deletion of data.
    • Audits and inspections.

    DPO — We have documented that a DPO is not required (Art. 37): no public authority; no large-scale systematic monitoring; no large-scale special category/criminal data as core activity). [Alternative: DPO appointed: [Name]; reporting to [Board]; contact published at [URL].]

    DPIA — Procedure: trigger when processing is likely high risk (e.g. profiling with significant effects, large-scale special categories). DPIA must describe processing, necessity and proportionality, risks, and mitigation. Review before going live.

    Extension and validation

    This skill does not include custom validation tools. Elaboration is guided by the skill workflow and reference materials. You can add tools in extension.ts later (e.g. to check required sections or checklist coverage) if you want automated validation.

    Ready to let your expertise drive the workflow?

    Stop wrestling with rigid templates and complex tooling. Write your process in markdown, let the agent handle the rest.

    Get Started