Data Privacy Checklist
by @krishnakumarmahadevan-cmd
Assess data privacy compliance across 20 control areas with 63 controls covering governance, consent, security, breach response, vendor management, and cross...
clawhub install data-privacy-checklistπ About This Skill
name: data-privacy-checklist description: Assess data privacy compliance across 20 control areas with 63 controls covering governance, consent, security, breach response, vendor management, and cross-border transfers. Use when evaluating privacy compliance, data protection readiness, privacy program maturity, GDPR/CCPA checklist, or privacy audit preparation. version: 1.0.0 homepage: https://portal.toolweb.in metadata: openclaw: emoji: "β " requires: env: - TOOLWEB_API_KEY bins: - curl primaryEnv: TOOLWEB_API_KEY os: - linux - darwin - win32 category: security
Data Privacy Checklist Assessment β π
Comprehensive data privacy compliance assessment across 20 control areas and 63 individual controls. Covers data governance, mapping, policies, consent, security, retention, access control, privacy by design, training, incident response, vendor management, data subject rights, cross-border transfers, and more. Returns area-by-area scores with prioritized findings.
Built by a CISSP/CISM certified security professional at ToolWeb.in
When to Use
Prerequisites
TOOLWEB_API_KEY β Get your API key from portal.toolweb.incurl must be available on the systemCRITICAL: Always Call the API
API Endpoint
POST https://portal.toolweb.in/apis/compliance/data-privacy-checklist
Control Areas (20 areas, 63 controls)
| Area Key | Area Name | Controls | IDs | |----------|-----------|----------|-----| | data_governance | Data Governance | 4 | dg.1, dg.2, dg.3, dg.4 | | data_mapping | Data Mapping and Inventory | 3 | dm.1, dm.2, dm.3 | | privacy_policies | Privacy Policies and Notices | 4 | pp.1, pp.2, pp.3, pp.4 | | consent_management | Consent Management | 3 | cm.1, cm.2, cm.3 | | data_minimization | Data Minimization | 3 | dmin.1, dmin.2, dmin.3 | | data_security | Data Security | 4 | ds.1, ds.2, ds.3, ds.4 | | data_retention | Data Retention and Disposal | 3 | dr.1, dr.2, dr.3 | | access_control | Access Control | 3 | ac.1, ac.2, ac.3 | | privacy_by_design | Privacy by Design | 3 | pbd.1, pbd.2, pbd.3 | | employee_training | Employee Training | 3 | et.1, et.2, et.3 | | incident_response | Incident Response and Breach Notification | 3 | ir.1, ir.2, ir.3 | | vendor_management | Vendor Management | 3 | vm.1, vm.2, vm.3 | | data_subject_rights | Data Subject Rights | 3 | dsr.1, dsr.2, dsr.3 | | cross_border | Cross-Border Data Transfers | 3 | cb.1, cb.2, cb.3 | | record_keeping | Record Keeping | 3 | rk.1, rk.2, rk.3 | | privacy_audits | Privacy Audits and Assessments | 3 | pa.1, pa.2, pa.3 | | breach_simulation | Data Breach Simulation | 3 | bs.1, bs.2, bs.3 | | compliance_monitoring | Privacy Compliance Monitoring | 3 | cmon.1, cmon.2, cmon.3 | | data_localization | Data Localization | 3 | dl.1, dl.2, dl.3 | | privacy_communication | Privacy Communication | 3 | pc.1, pc.2, pc.3 |
Workflow
1. Gather inputs from the user. For each control area, ask if they are compliant (yes/no). You can go area by area or ask about all areas at once.
Conversational approach: Ask the user about each area naturally: - "Do you have a formal data governance program with defined roles?" - "Have you mapped all personal data flows in your organization?" - "Do you have published privacy policies and notices?" - Continue for each area...
Map their yes/no answers to the control IDs for each area.
2. Build the controls object from user responses:
{
"data_governance": [
{"controlId": "dg.1", "compliant": true, "notes": ""},
{"controlId": "dg.2", "compliant": false, "notes": "No formal DPO appointed"},
{"controlId": "dg.3", "compliant": true, "notes": ""},
{"controlId": "dg.4", "compliant": false, "notes": ""}
],
"consent_management": [
{"controlId": "cm.1", "compliant": true, "notes": ""},
{"controlId": "cm.2", "compliant": false, "notes": ""},
{"controlId": "cm.3", "compliant": false, "notes": ""}
]
}
3. Call the API:
curl -s -X POST "https://portal.toolweb.in/apis/compliance/data-privacy-checklist" \
-H "Content-Type: application/json" \
-H "X-API-Key: $TOOLWEB_API_KEY" \
-d '{
"tier": "standard",
"controls": {
"data_governance": [
{"controlId": "dg.1", "compliant": true},
{"controlId": "dg.2", "compliant": false},
{"controlId": "dg.3", "compliant": true},
{"controlId": "dg.4", "compliant": false}
],
"data_mapping": [
{"controlId": "dm.1", "compliant": true},
{"controlId": "dm.2", "compliant": false},
{"controlId": "dm.3", "compliant": false}
]
},
"sessionId": ""
}'
Tip: You don't need to include all 20 areas β the API will score missing areas as 0% compliant. Include only the areas the user has provided answers for, or include all with best-effort mapping.
4. Present results clearly with area-by-area scores and prioritized findings.
Output Format
β
Data Privacy Checklist Assessment
ββββββββββββββββββββββββββββββββββββOverall Compliance: [XX]%
Total Controls: 63 | Compliant: [X] | Non-Compliant: [X]
π Area Scores:
β
Data Governance: [X]% (X/4)
β
Data Mapping: [X]% (X/3)
β
Privacy Policies: [X]% (X/4)
β οΈ Consent Management: [X]% (X/3)
β Incident Response: [X]% (X/3)
... [all 20 areas]
π¨ Critical Findings:
[List top non-compliant controls with highest risk]
π Priority Actions:
1. [Most urgent remediation]
2. [Next priority]
3. [Next priority]
π Full report powered by ToolWeb.in
Error Handling
TOOLWEB_API_KEY is not set: Tell the user to get an API key from https://portal.toolweb.incontrolId and compliantExample Interaction
User: "Run a data privacy checklist for our company"
Agent flow: 1. Ask: "I'll assess 20 privacy areas. Let's start with the basics: - Do you have a formal data governance program? - Have you appointed a DPO or privacy lead? - Are all personal data flows mapped and documented? - Do you have a published privacy policy?" 2. User responds with yes/no for each 3. Continue through remaining areas or ask: "Want me to go through all 20 areas, or focus on specific ones?" 4. Build controls object and call API 5. Present overall score, area breakdown, and priority findings
Pricing
About
Created by ToolWeb.in β a security-focused MicroSaaS platform with 200+ security APIs, built by a CISSP & CISM certified professional. Trusted by security teams in USA, UK, and Europe and we have platforms for "Pay-per-run", "API Gateway", "MCP Server", "OpenClaw", "RapidAPI" for execution and YouTube channel for demos.
Related Skills
Tips
β‘ When to Use
βοΈ Configuration
TOOLWEB_API_KEY β Get your API key from portal.toolweb.incurl must be available on the system