🧪 Skills

GDPR Compliance Tracker

Assess GDPR compliance readiness and generate gap analysis with remediation guidance. Use when evaluating data privacy compliance, GDPR readiness, EU data pr...

v1.3.0
❤️ 0
⬇️ 29
👁 2
Save📁 Collect
Share

Description

name: gdpr-compliance-tracker description: Assess GDPR compliance readiness and generate gap analysis with remediation guidance. Use when evaluating data privacy compliance, GDPR readiness, EU data protection, privacy impact assessments, data subject rights, consent management, or international data transfer compliance. version: 1.0.0 homepage: https://portal.toolweb.in metadata: openclaw: emoji: "🔐" requires: env: - TOOLWEB_API_KEY bins: - curl primaryEnv: TOOLWEB_API_KEY os: - linux - darwin - win32 category: security

GDPR Compliance Tracker 🔐🇪🇺

Assess your organization's GDPR compliance posture and generate a detailed gap analysis with prioritized remediation steps. Covers all key GDPR requirements including data processing, consent management, data subject rights, breach procedures, international transfers, and DPO requirements.

Built by a CISSP/CISM certified security professional at ToolWeb.in

When to Use

  • User asks about GDPR compliance or readiness
  • User wants a data privacy assessment
  • User mentions EU data protection requirements
  • User asks about consent management or data subject rights
  • User needs to evaluate international data transfer compliance
  • User mentions DPO, DPIA, privacy policy, or breach notification
  • User wants to know if their company is GDPR compliant

Prerequisites

  • TOOLWEB_API_KEY — Get your API key from portal.toolweb.in
  • curl must be available on the system

API Endpoint

POST https://portal.toolweb.in/apis/compliance/gdpr-tracker

Workflow

  1. Gather inputs from the user. All fields are required:

    Company info:

    • company_name — Organization name
    • company_size — "Startup", "Small", "Medium", "Large", "Enterprise"
    • industry — e.g., "Technology", "Healthcare", "Finance", "E-commerce", "Education", "Marketing"
    • eu_presence — Does the org operate in the EU or process EU residents' data? true/false

    Data profile:

    • data_subjects_count — Approximate number of data subjects: "Under 1,000", "1,000-10,000", "10,000-100,000", "100,000-1M", "Over 1M"
    • data_processing_activities — List of activities, e.g., ["Customer data collection", "Email marketing", "Analytics", "Employee records", "Payment processing"]
    • personal_data_types — Types of personal data processed, e.g., ["Names", "Email addresses", "Financial data", "Health data", "Location data", "Biometric data"]
    • data_sources — Where data comes from, e.g., ["Website forms", "Mobile app", "Third-party APIs", "Manual entry", "IoT devices"]

    Data transfers:

    • third_party_processors — Do you share data with third-party processors? true/false
    • international_transfers — Do you transfer data outside the EU? true/false
    • transfer_mechanisms — If international transfers, what mechanisms? e.g., ["Standard Contractual Clauses", "Adequacy Decision", "Binding Corporate Rules", "Consent", "None"]

    Compliance controls (true/false for each):

    • data_retention_policy — Is there a formal data retention policy?
    • privacy_policy_exists — Is there a published privacy policy?
    • consent_management — Is there a consent management system?
    • data_subject_requests — Can you handle DSARs (access, deletion, portability)?
    • breach_procedures — Are there documented breach notification procedures?
    • dpo_appointed — Has a Data Protection Officer been appointed?
    • privacy_impact_assessments — Are DPIAs conducted for high-risk processing?
    • staff_training — Is there regular GDPR training for staff?
    • vendor_agreements — Are there Data Processing Agreements with vendors?

  2. Call the API:

curl -s -X POST "https://portal.toolweb.in/apis/compliance/gdpr-tracker" \
  -H "Content-Type: application/json" \
  -H "X-API-Key: $TOOLWEB_API_KEY" \
  -d '{
    "company_name": "<name>",
    "company_size": "<size>",
    "industry": "<industry>",
    "eu_presence": <true/false>,
    "data_subjects_count": "<count_range>",
    "data_processing_activities": ["<activity1>", "<activity2>"],
    "personal_data_types": ["<type1>", "<type2>"],
    "data_sources": ["<source1>", "<source2>"],
    "third_party_processors": <true/false>,
    "international_transfers": <true/false>,
    "transfer_mechanisms": ["<mechanism1>"],
    "data_retention_policy": <true/false>,
    "privacy_policy_exists": <true/false>,
    "consent_management": <true/false>,
    "data_subject_requests": <true/false>,
    "breach_procedures": <true/false>,
    "dpo_appointed": <true/false>,
    "privacy_impact_assessments": <true/false>,
    "staff_training": <true/false>,
    "vendor_agreements": <true/false>
  }'
  1. Parse and present the response with compliance score, gaps, and remediation steps.

Output Format

🔐 GDPR Compliance Assessment
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

Organization: [company_name]
Industry: [industry]
EU Presence: [Yes/No]
Data Subjects: [count]

📊 Compliance Score: [XX/100]

✅ Compliant Areas:
[List areas where the org meets GDPR requirements]

🚨 Critical Gaps:
[List non-compliant areas with risk levels]

📋 Priority Actions:
1. [Most urgent remediation step]
2. [Next priority]
3. [Next priority]

📎 Full report powered by ToolWeb.in

Error Handling

  • If TOOLWEB_API_KEY is not set: Tell the user to get an API key from https://portal.toolweb.in (plans start at ₹2,999/month or ~$36/month)
  • If the API returns 401: API key is invalid or expired
  • If the API returns 422: Missing required fields — check all fields are provided
  • If the API returns 429: Rate limit exceeded — wait and retry after 60 seconds
  • If curl is not available: Suggest installing curl

Example Interaction

User: "Check if our e-commerce company is GDPR compliant"

Agent flow:

  1. Ask key questions: "I'll need details about your company. Do you operate in the EU? What personal data do you collect? Do you have a privacy policy and consent management?"
  2. User responds with details
  3. Call API:
curl -s -X POST "https://portal.toolweb.in/apis/compliance/gdpr-tracker" \
  -H "Content-Type: application/json" \
  -H "X-API-Key: $TOOLWEB_API_KEY" \
  -d '{
    "company_name": "ShopEU Ltd",
    "company_size": "Medium",
    "industry": "E-commerce",
    "eu_presence": true,
    "data_subjects_count": "100,000-1M",
    "data_processing_activities": ["Customer orders", "Email marketing", "Analytics", "Payment processing"],
    "personal_data_types": ["Names", "Email addresses", "Financial data", "Purchase history", "Location data"],
    "data_sources": ["Website forms", "Mobile app", "Third-party APIs"],
    "third_party_processors": true,
    "international_transfers": true,
    "transfer_mechanisms": ["Standard Contractual Clauses"],
    "data_retention_policy": true,
    "privacy_policy_exists": true,
    "consent_management": true,
    "data_subject_requests": false,
    "breach_procedures": false,
    "dpo_appointed": false,
    "privacy_impact_assessments": false,
    "staff_training": false,
    "vendor_agreements": true
  }'
  1. Present compliance score, compliant areas, gaps, and priority actions

Pricing

  • API access via portal.toolweb.in subscription plans
  • Free trial: 10 API calls/day, 50 API calls/month to test the skill
  • Developer: $39/month — 20 calls/day and 500 calls/month
  • Professional: $99/month — 200 calls/day, 5000 calls/month
  • Enterprise: $299/month — 100K calls/day, 1M calls/month

##About

Created by ToolWeb.in — a security-focused MicroSaaS platform with 200+ security APIs, built by a CISSP & CISM certified professional. Trusted by security teams in USA, UK, and Europe and we have platforms for "Pay-per-run", "API Gateway", "MCP Server", "OpenClaw", "RapidAPI" for execution and YouTube channel for demos.

Related Skills

  • ISO 42001 AIMS Readiness — AI governance compliance
  • OT Security Posture Scorecard — OT/ICS security assessment
  • Threat Assessment & Defense Guide — Threat modeling and defense
  • Data Breach Impact Calculator — Estimate breach costs under GDPR

Tips

  • Companies processing special category data (health, biometric, genetic) face stricter GDPR requirements
  • If you process data of EU residents, GDPR applies even if your company is outside the EU
  • No DPO + high-risk processing = critical compliance gap
  • Re-run assessments after implementing changes to track improvement
  • Use the output for audit preparation and board reporting

Reviews (0)

Sign in to write a review.

No reviews yet. Be the first to review!

Comments (0)

Sign in to join the discussion.

No comments yet. Be the first to share your thoughts!

Compatible Platforms

Links

📂 Source Code

Pricing

Free

Related Configs

🧪 Skill

self-improving-agent

Free

Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...

❤️ 2.0k ⬇️ 218k
🧪 Skill

Self Improving Agent

Free

Captures learnings, errors, and corrections to enable continuous improvement. And also 50+ models for image generation, video generation, text-to-speech, spe...

❤️ 2.0k ⬇️ 206k
🧪 Skill

Find Skills

Free

Search, discover, and install skills from the open agent skills ecosystem to extend agent capabilities for specific tasks or domains.

❤️ 814 ⬇️ 199k
🧪 Skill

Summarize

Free

--- name: summarize description: Summarize URLs or files with the summarize CLI (web, PDFs, images, audio, YouTube). homepage: https://summarize.sh metadata: {"clawdbot":{"emoji":"🧾","requires":{"b

❤️ 609 ⬇️ 160k