Skip to content

GDPR Data Privacy Controls

Description

Provides data subject rights management — right to access, right to erasure, data portability — and consent tracking for GDPR compliance. Enables organisations to export or delete all data associated with a contact on request and maintain consent records for audit.

Canonical use case

A customer submits a GDPR erasure request; the platform locates all conversation records, recordings, and personal data linked to the customer's identity and permanently deletes them within the 30-day regulatory deadline.

Open Items

  • [ ] Canon alignment — populate canon_axiom_refs or confirm no existing axiom applies
  • [ ] Dependency assessment — set dependencies_assessed: true once SA has reviewed the full chain
  • [ ] effort_estimate — replace 0 with rough engineering days (order of magnitude)
  • [ ] public_description — write the public-facing description before publishing