gdpr-data-handling

Implement GDPR-compliant data handling with consent management, data subject rights, and privacy by design. Use when building systems that process EU personal data, implementing privacy controls, or conducting GDPR compliance reviews.

Install with Tessl CLI

npx tessl i github:wshobson/agents --skill gdpr-data-handling

What are skills?

Review — 82%

Does it follow best practices?

If you maintain this skill, you can automatically optimize it using the tessl CLI to improve its score:

npx tessl skill review --optimize ./path/to/skill

Learn more

Validation — 10 / 11 Passed

Validation for skill structure

SKILL.md

Review

Evals

Evaluation results

100%

18%

Cookie Consent Manager

Consent management system

Criteria

Without context

With context

Consent record fields

70%

100%

Audit log included

30%

100%

Atomic consent+audit update

25%

100%

Policy version stored

100%

Proof fields stored

100%

Event bus emission

75%

100%

Latest consent check

100%

Opt-in checkboxes

100%

Separate per-purpose checkboxes

100%

Necessary processing exempt

100%

Consent history accessible

100%

Without context: $0.5345 · 11m 28s · 11 turns · 89 in / 12,242 out tokens

With context: $0.9315 · 10m 4s · 26 turns · 440 in / 12,595 out tokens

100%

13%

User Data Rights Portal

Data subject rights handling

Criteria

Without context

With context

30-day response deadline

100%

Extension provision

100%

Four request types

100%

Identity verification gate

100%

DPO notification on submission

100%

Access response: retention info

100%

Access response: processing purposes

37%

100%

Access response: third-party recipients

100%

Erasure legal exception check

100%

Erasure exception recording

100%

Portability export as JSON

100%

Portability export metadata

100%

Without context: $0.9676 · 8m 22s · 20 turns · 161 in / 20,474 out tokens

With context: $1.7188 · 12m 43s · 38 turns · 610 in / 24,987 out tokens

96%

29%

Privacy-First Data Architecture for Wellness Platform

Privacy-by-design data model and retention

Criteria

Without context

With context

Separate PII schema

100%

Separate analytics schema

100%

UUID user identifiers

100%

Email hash for lookup

100%

PII encrypted with key reference

22%

100%

Pseudonymized analytics IDs

100%

Generalized device info

83%

100%

Country-level location only

100%

Purpose-based data minimization

100%

IP generalization to country

100%

Correct retention periods

37%

75%

Archive before delete

42%

71%

Anonymize analytics not delete

12%

100%

Retention action logging

100%

Without context: $0.9181 · 11m 11s · 24 turns · 193 in / 17,107 out tokens

With context: $1.0743 · 11m 16s · 29 turns · 934 in / 14,135 out tokens

Evaluated: about 19 hours ago
Agent: Claude Code

Table of Contents

Cookie Consent Manager User Data Rights Portal Privacy-First Data Architecture for Wellness Platform

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.