# Privacy & Data Protection > Source: https://legalcode.md/skills/category/privacy | [HTML version](https://legalcode.md/skills/category/privacy) AI skills for GDPR compliance, DPIA generation, data subject rights, and privacy impact assessments across EU and global frameworks. ## Skills - [legalcode-biometric-data-compliance](https://legalcode.md/skills/legalcode-biometric-data-compliance.md) -- Assess biometric data privacy compliance across Illinois BIPA (740 ILCS 14), Texas CUBI (Tex. - [legalcode-board-resolution-drafter](https://legalcode.md/skills/legalcode-board-resolution-drafter.md) -- Drafts board resolutions and unanimous written consents (UWCs) for common corporate actions: officer appointments and removals, equity issuances, stock option and warrant grants (ISO/NSO), equity ince... - [legalcode-breach-affected-party-communication](https://legalcode.md/skills/legalcode-breach-affected-party-communication.md) -- Drafts and reviews the complete suite of breach communications directed at affected individuals and the public following a confirmed personal data breach: individual notification letters with jurisdic... - [legalcode-breach-regulatory-notification-drafter](https://legalcode.md/skills/legalcode-breach-regulatory-notification-drafter.md) -- Draft jurisdiction-specific regulatory notification documents for data protection authorities (DPAs), Attorneys General, and sector regulators following a confirmed data breach. - [legalcode-breach-severity-assessment](https://legalcode.md/skills/legalcode-breach-severity-assessment.md) -- Run multi-jurisdiction personal-data breach severity assessments for legal/privacy and incident-response teams. - [legalcode-canned-responses](https://legalcode.md/skills/legalcode-canned-responses.md) -- Generate, manage, and customize templated responses for routine legal inquiries — data subject requests (DSRs/DSARs), litigation holds, privacy inquiries, vendor questions, NDA requests, legal process... - [legalcode-canned-responses-ccpa](https://legalcode.md/skills/legalcode-canned-responses-ccpa.md) -- Generate, manage, and customize templated responses for routine legal inquiries under California and US federal law — consumer rights requests (CCPA/CPRA), litigation holds, privacy inquiries, vendor... - [legalcode-canned-responses-eu](https://legalcode.md/skills/legalcode-canned-responses-eu.md) -- Generate, manage, and customize templated responses for routine legal inquiries under EU law — data subject requests (DSRs under EU GDPR), litigation holds, privacy inquiries, vendor questions, NDA re... - [legalcode-canned-responses-ew](https://legalcode.md/skills/legalcode-canned-responses-ew.md) -- Generate, manage, and customise templated responses for routine legal inquiries under the laws of England and Wales -- data subject access requests (DSARs) under UK GDPR and DPA 2018, litigation holds... - [legalcode-ch-ndsg-compliance](https://legalcode.md/skills/legalcode-ch-ndsg-compliance.md) -- Switzerland revised Federal Act on Data Protection (nDSG / revDSG / FADP, SR 235.1, in force 1 September 2023) compliance assessment. - [legalcode-consent-mechanism-review](https://legalcode.md/skills/legalcode-consent-mechanism-review.md) -- Reviews consent collection mechanisms for validity under GDPR Article 7, EDPB Guidelines 05/2020 on consent, and EDPB Guidelines 03/2022 on deceptive design patterns. - [legalcode-cookie-compliance-audit](https://legalcode.md/skills/legalcode-cookie-compliance-audit.md) -- Audit cookie and tracking technology implementations for ePrivacy Directive and GDPR compliance. - [legalcode-cross-border-transfer-assessment](https://legalcode.md/skills/legalcode-cross-border-transfer-assessment.md) -- Assess the lawfulness of international personal data transfers under GDPR Chapter V, UK GDPR, and Swiss DPA (nDSG). - [legalcode-data-mapping-workflow](https://legalcode.md/skills/legalcode-data-mapping-workflow.md) -- Conduct end-to-end data mapping exercises to build Records of Processing Activities (RoPA) compliant with GDPR Article 30, CCPA/CPRA, LGPD, PIPEDA, and APPI. - [legalcode-dpa-review-and-negotiation](https://legalcode.md/skills/legalcode-dpa-review-and-negotiation.md) -- Review and negotiate Data Processing Agreements (DPAs) clause-by-clause against GDPR Article 28 mandatory requirements, UK GDPR equivalents, CCPA/CPRA service provider contract provisions, and LGPD op... - [legalcode-dpia-generator](https://legalcode.md/skills/legalcode-dpia-generator.md) -- Build and review Data Protection Impact Assessments (DPIAs) for high-risk processing under GDPR/UK GDPR and aligned privacy regimes. - [legalcode-eu-dpia-assessment](https://legalcode.md/skills/legalcode-eu-dpia-assessment.md) -- Perform EU Data Protection Impact Assessments (DPIAs) under GDPR Article 35, EDPB Guidelines WP 248 rev.01, EDPB Opinion 28/2024 (AI/ML systems), EDPB Guidelines 01/2025 (Pseudonymisation), and nation... - [legalcode-eu-gdpr-breach-notification-operations](https://legalcode.md/skills/legalcode-eu-gdpr-breach-notification-operations.md) -- Runs the complete EU GDPR personal data breach response workflow from initial incident triage through post-incident remediation. - [legalcode-eu-privacy-notice-drafter](https://legalcode.md/skills/legalcode-eu-privacy-notice-drafter.md) -- Draft and review GDPR-compliant privacy notices for any EU/EEA audience or jurisdiction. - [legalcode-fr-cnil-privacy-compliance](https://legalcode.md/skills/legalcode-fr-cnil-privacy-compliance.md) -- Assess an organization's privacy compliance against French data protection law: the Loi Informatique et Libertés (LIL, Loi n°78-17 du 6 janvier 1978 modifiée), CNIL regulatory guidance, and GDPR as im... - [legalcode-gdpr-legal-basis-assessment](https://legalcode.md/skills/legalcode-gdpr-legal-basis-assessment.md) -- Systematically assess the appropriate GDPR Article 6 lawful basis for any processing activity — covering consent (Art. - [legalcode-hipaa-compliance-assessment](https://legalcode.md/skills/legalcode-hipaa-compliance-assessment.md) -- HIPAA compliance assessment for covered entities and business associates covering the Security Rule (45 CFR Part 164 Subpart C), Privacy Rule (45 CFR Part 164 Subpart E), and Breach Notification Rule... - [legalcode-jurisdiction-mapper](https://legalcode.md/skills/legalcode-jurisdiction-mapper.md) -- Produces comparative legal matrices across multiple jurisdictions for privacy and data protection, employment law, data localization, consumer protection, contract enforcement, and corporate governanc... - [legalcode-legal-risk-assessment](https://legalcode.md/skills/legalcode-legal-risk-assessment.md) -- Assess legal risk across an organization, transaction, product, or initiative — identify risks by category (regulatory, contractual, litigation, IP, data privacy, employment, corporate governance), sc... - [legalcode-legitimate-interest-assessment](https://legalcode.md/skills/legalcode-legitimate-interest-assessment.md) -- Conduct a three-part Legitimate Interest Assessment (LIA) under GDPR Art. - [legalcode-multi-jurisdiction-privacy-comparison](https://legalcode.md/skills/legalcode-multi-jurisdiction-privacy-comparison.md) -- Perform a side-by-side comparison of global privacy law requirements for specific processing activities or business operations across 12+ international regimes. - [legalcode-privacy-policy-drafter](https://legalcode.md/skills/legalcode-privacy-policy-drafter.md) -- Draft, localize, and QA website/app privacy policies and notice-at-collection content across GDPR/UK GDPR, CCPA/CPRA, LGPD, and expanding state/global privacy regimes. - [legalcode-regulatory-change-tracker](https://legalcode.md/skills/legalcode-regulatory-change-tracker.md) -- Monitor regulatory landscape changes and assess their impact on organizational compliance posture across privacy, employment, financial services, environmental, AI, and sector-specific regulations. - [legalcode-ropa-generator](https://legalcode.md/skills/legalcode-ropa-generator.md) -- Generate Article 30 Records of Processing Activities (RoPA) for controllers and processors under GDPR, UK GDPR, Swiss FADP, and Brazil LGPD. - [legalcode-soc2-readiness-assessment](https://legalcode.md/skills/legalcode-soc2-readiness-assessment.md) -- Assess SOC 2 Type I and Type II readiness across all five AICPA Trust Service Criteria (Security, Availability, Processing Integrity, Confidentiality, Privacy). - [legalcode-us-state-privacy-comparison](https://legalcode.md/skills/legalcode-us-state-privacy-comparison.md) -- Compare all enacted US state comprehensive privacy laws to determine applicability, map consumer rights obligations, and produce a compliance gap analysis for multi-state operations. - [legalcode-vendor-privacy-assessment](https://legalcode.md/skills/legalcode-vendor-privacy-assessment.md) -- Conduct comprehensive privacy risk assessments of third-party vendors and service providers. --- *Legalcode -- legalcode.md*