Advanced
GDPR data processing inventory: systems, data types, legal bases
Creates a GDPR processing inventory and maps data types to purposes, legal bases, and retention. Useful for privacy compliance and audit readiness.
Create a GDPR data processing inventory for {organization_name}.
Inputs:
- Systems/applications list: {systems_list}
- Personal data types collected: {data_types}
- Processing purposes: {purposes}
- Legal bases (if known): {legal_bases}
- Data sharing/third parties: {third_parties}
- Retention policies: {retention_policies}
Output:
1) Inventory table: system, data types, purpose, legal basis, recipients, retention, security controls, owner.
2) Gaps and risks (missing legal basis, retention unclear, third-party contracts).
3) Action plan to remediate.
4) Documentation suggestions (RoPA, DPAs, DPIAs where needed).
This is not legal advice; coordinate with privacy counsel.Related Prompts
Compliance & Regulatory
AdvancedCybersecurity Incident Response Plan (Firm)
A step-by-step guide for what the firm must do if client data is breached.
GPT-4oClaude 3.5 Sonnet
0
0
24
Compliance & Regulatory
AdvancedSEC Comment Letter Response Draft
Drafts a professional response to inquiries from the SECโs Division of Corporation Finance.
Claude 3.5 SonnetGPT-4o
0
0
23
Compliance & Regulatory
AdvancedSOX scoping memo: in-scope locations, systems, and accounts
Drafts a scoping memo for SOX including in-scope entities, systems, accounts, and rationale. Useful for annual SOX planning and auditor alignment.
GPT-5.2 Thinking; GPT-4.1; o3-mini
0
0
18