Your documents stay local
Breach incident details are among the most sensitive information your organisation handles — suspected causes, affected data categories, geographic scope. Don't upload them to a web platform. With Legalcode, your agent runs the triage analysis locally, querying only the notification rules and regulatory thresholds. Your incident facts stay on your device.
- Documents never leave your machine — no uploads to third-party services
- Zero data retention on search content — queries are not logged or stored
- Combine Legalcode with your local files, tools, and workflows in one environment
- Works inside your existing AI agent — Claude Code, ChatGPT, Cursor, or any MCP client
How it works
- 1
Describe the incident to your local agent
Provide the known facts to your AI agent locally: affected data, data subject categories, suspected cause, geographic scope, and time of discovery. Incident details stay on your device — Legalcode is queried only for the applicable notification rules.
- 2
Jurisdictional scope identified
The skill determines which notification regimes apply based on the data subjects' locations, the organisation's establishment, and sector-specific rules (health, financial, telecoms).
- 3
Threshold analysis run per regime
For each applicable regime, the skill applies the notification threshold test — GDPR's 'unlikely to result in a risk' test, US state breach thresholds, sector-specific rules — and gives a binary notify / no-notify output with reasoning.
- 4
Notification timeline and checklist produced
A deadline matrix and notification checklist is produced for each regulator and affected individual group, including required content elements for each notification.
What it produces
- Jurisdiction scope map (which regimes apply and why)
- Notify / no-notify decision per regime with reasoning
- Deadline matrix (DPA notification, individual notification, sector regulator)
- Required content checklist per notification type
- Draft notification structure for DPA notification
Jurisdictions covered
Related skills
FAQ
- My incident details are highly confidential. Are they safe with Legalcode?
- Your incident details never leave your device. The AI agent works with your facts locally and queries Legalcode only for the notification rules, thresholds, and regulatory requirements for each jurisdiction. Zero data retention applies — nothing about your incident is logged, stored, or accessible to Legalcode.
- Does the skill cover US state breach notification laws?
- Yes. The skill covers all 50 US state breach notification statutes plus HIPAA, GLBA, and state-level financial sector rules, identifying which states' laws are triggered by the affected individuals' locations.
- What if the breach is still being investigated and facts are uncertain?
- You can run the triage with known facts and mark uncertain elements as unknown. The skill produces a conservative analysis for uncertain inputs, erring toward notification to avoid regulatory exposure.
- Can the skill draft the DPA notification?
- The skill produces a structured draft of the regulator notification meeting the content requirements of GDPR Article 33(3) or the applicable national form. Full drafting of the final notification document is handled by the Document Drafting skill.
Run Breach Notification Triage locally — no uploads, no data retention
Plug Legalcode into your AI agent and work with your own documents locally. Free tier gives you laws and case law across 24 jurisdictions with full text in your agent's context. Pro unlocks all source types, file downloads to local Markdown, and higher throughput at $39/month ($29 billed annually). The full skill library is available on annual plans.