Nex GDPR

intent

run this skill to register, track, and process GDPR data subject requests (Articles 15-21) and Belgian AVG compliance obligations. use it when a data subject asks for access to their personal data, deletion, portability, rectification, processing restriction, or objection. the skill scans OpenClaw sessions, agent memory, logs, and databases to discover personal data, generates compliant response letters in dutch and english, processes erasure with secure deletion, exports machine-readable formats, maintains immutable audit trails, and monitors 30-day legal deadlines. designed for belgian agencies, service providers, and data controllers running multiple client operations.

inputs

environment variables:

• OPENCLAW_SESSIONS: path to openclaw session files (default: ~/.openclaw/sessions or ~/.claw/sessions)
• NEX_GDPR_SCAN_PATHS: colon-separated list of additional paths to scan for personal data (e.g., /custom/path1:/custom/path2)

external connections:

• none required. all data operations are local to the machine running the skill.

runtime requirements:

• python3 (binary)
• sqlite3 (for database operations)
• access to ~/.nex-gdpr/ directory (writable, created by setup.sh)
• access to directories being scanned (readable)

initial setup: run bash setup.sh once to create data directory, install python dependencies, and initialize the sqlite database at ~/.nex-gdpr/gdpr.db. this creates tables: requests, data_findings, audit_trail, retention_policies.

procedure

1. register a new data subject request

inputs: request type (ACCESS, ERASURE, PORTABILITY, RECTIFICATION, RESTRICTION, OBJECTION), data subject name, email, optional internal user id.

command:

nex-gdpr new --type <TYPE> --name "<NAME>" --email "<EMAIL>" --id "<USER_ID>"

outputs: request id (integer), status set to PENDING, deadline calculated as today + 30 days (iso 8601), all fields stored in requests table, audit trail entry created.

---

2. scan for personal data

inputs: either email address or request id.

command:

nex-gdpr scan "<EMAIL>"
nex-gdpr scan --request <ID>

scanning locations:

• ~/.openclaw/sessions and ~/.claw/sessions (openclaw session files)
• ~/.nex-memory (agent memory)
• ~/.nex-logs (application logs)
• ~/.nex-uploads (uploaded files)
• other nex-* skill databases (life-logger, inbox, notes, etc.)
• custom paths from NEX_GDPR_SCAN_PATHS env var

pii detection patterns: email addresses, phone numbers, national id numbers, vat numbers, names in context.

outputs: findings list with file path, data type (email, phone, name, etc.), context snippet, file modification date. all results stored in data_findings table. audit trail entry logged with finding count.

---

3. verify data subject identity

inputs: request id, verification method (email confirmation, phone verification, documented identity proof, etc.).

command:

nex-gdpr verify <ID> --method "<METHOD>"

outputs: request status changed to VERIFIED (or IDENTITY_FAILED if verification failed). audit trail entry with verification timestamp and method. must complete before processing.

---

4. process the request

inputs: verified request id.

command:

nex-gdpr process <ID>

automatic sub-steps by request type:

for ACCESS requests:

• locate all findings for the data subject
• create zip export at ~/.nex-gdpr/exports/<ID>_access_<TIMESTAMP>.zip
• include manifest file with metadata (request id, date, findings count, export timestamp)
• include all found data files (copies, not originals)
• set status to COMPLETED
• log audit trail entry

for ERASURE requests:

• locate all findings
• for each file: apply 3-pass secure overwrite (zeros, ones, random), then delete
• for database entries: mark as deleted with anonymized placeholder
• log each erasure operation in audit trail with file path and timestamp
• set status to COMPLETED
• generate deletion report

for PORTABILITY requests:

• locate all findings
• export to json format with schema: {"request_id": <ID>, "subject_email": "<EMAIL>", "export_date": "<ISO8601>", "data": [{"type": "<TYPE>", "value": "<VALUE>", "source": "<FILE>", "date_found": "<ISO8601>"}]}
• create file at ~/.nex-gdpr/exports/<ID>_portability_<TIMESTAMP>.json
• set status to COMPLETED
• log audit trail entry

for RECTIFICATION requests:

• locate all findings
• create correction task in audit trail (not auto-executed)
• set status to PENDING_CORRECTION
• manual correction must be logged via separate audit entry
• mark status as COMPLETED when all corrections are done

for RESTRICTION requests:

• flag data subject in system for processing restriction
• create audit trail entry
• set status to RESTRICTED
• no automatic processing occurs until restriction is lifted

for OBJECTION requests:

• create objection record in audit trail
• set status to OBJECTION_RECEIVED
• requires manual review and business decision
• manual audit entry needed to change status

outputs: processed data (zip, json, or report), status updated, audit trail with processing timestamp and actor.

---

5. generate response letter

inputs: request id (must be at VERIFIED or COMPLETED status).

command:

nex-gdpr letter <ID>

outputs: formal response letter (dutch and english versions) in plain text. letter includes:

• request reference number
• data subject name and email
• request type and rights cited (article 15-21 reference)
• processing date and 30-day deadline
• summary of findings (count and categories, not personal data itself)
• for ACCESS: export file location and how to retrieve
• for ERASURE: confirmation of deletion and timeline
• for PORTABILITY: export format and delivery method
• for RECTIFICATION/RESTRICTION/OBJECTION: status and next steps
• contact information for questions
• compliance statement (GDPR/AVG regulation reference)

letters saved to ~/.nex-gdpr/letters/<ID>_<LANGUAGE>_<TIMESTAMP>.txt.

---

6. show audit trail

inputs: request id.

command:

nex-gdpr audit <ID>

outputs: chronological list of all actions on the request. each entry includes: timestamp (iso 8601), action type (register, scan, verify, process, deny, complete), actor (user, system), details, and status change if applicable. audit trail is append-only (no modifications).

---

7. list and filter requests

inputs: optional filters (status, type, overdue).

commands:

nex-gdpr list
nex-gdpr list --status VERIFIED
nex-gdpr list --type ERASURE
nex-gdpr overdue

outputs: table of matching requests with id, type, status, deadline, data subject email, and days remaining. sorted by deadline (ascending).

---

8. show request details

inputs: request id.

command:

nex-gdpr show <ID>

outputs: full request details including id, type, status, data subject name/email, registration date, deadline, findings count, verification status, processing status, and compact audit trail.

---

9. deny a request

inputs: request id, reason (string).

command:

nex-gdpr deny <ID> --reason "<REASON>"

outputs: status set to DENIED, reason stored in audit trail, audit trail entry logged with timestamp. response letter can still be generated to explain denial.

---

10. complete a request

inputs: request id (must be processed or verified, depending on type).

command:

nex-gdpr complete <ID>

outputs: status set to COMPLETED, completion timestamp recorded, audit trail entry created. marks request as closed.

---

11. export compliance report

inputs: request id.

command:

nex-gdpr export <ID>

outputs: json file at ~/.nex-gdpr/exports/<ID>_report_<TIMESTAMP>.json containing: request metadata, all findings, audit trail entries, response letters (if generated), processing status, and compliance checklist.

---

12. manage data retention policies

inputs: data type (sessions, logs, uploads, memory, audit), retention days, auto-delete flag.

commands:

nex-gdpr retention show
nex-gdpr retention set --type sessions --days 180 --auto-delete

outputs: retention policy stored in database. defaults are: sessions 180 days, logs 90 days, uploads 365 days, memory 90 days, audit trail 2555 days (7 years, non-deletable). auto-delete flag enables automatic cleanup when policy expires.

---

13. run data cleanup

inputs: none (uses retention policies).

commands:

nex-gdpr cleanup --dry-run
nex-gdpr cleanup --execute

dry-run: outputs files that would be deleted without deleting.

execute: deletes files older than retention period, securely overwrites (3-pass), logs each deletion in audit trail. audit trail entries are never deleted.

outputs: cleanup report with count of files deleted, space freed, any errors encountered.

---

14. show gdpr statistics

inputs: none.

command:

nex-gdpr stats

outputs: dashboard showing request counts by status (PENDING, VERIFIED, COMPLETED, DENIED, OVERDUE), counts by type, total pii findings discovered, data volume scanned, overdue request count, and average response time.

---

decision points

decision: should i register the request?

• if data subject provides sufficient identifying information (name, email, or known user id), register the request (go to step 1).
• else, respond to data subject requesting additional identifying information before registration.

decision: is the data subject's identity verified?

• if you have email confirmation, phone verification, documented identity proof, or other accepted method, run verify (step 3). proceed to processing.
• else, request verification from data subject and wait for response before processing. status remains PENDING.

decision: can i process this request?

• if status is VERIFIED, run process (step 4) immediately.
• if status is PENDING, verify identity first (step 3), then process.
• if status is DENIED or COMPLETED, do not process. request is closed.

decision: should i process the request now or extend the deadline?

• if request is complex (multiple data sources, large data volume, requires external coordination), extend deadline by 60 days (allowable under GDPR Article 12(3)). log extension reason in audit trail.
• else, process within 30-day deadline.

decision: what if scan finds no personal data?

• if data_findings is empty, create audit trail entry noting "no personal data found". generate response letter confirming zero findings. mark request as COMPLETED. no export or deletion needed.

decision: what if identity verification fails?

• if data subject cannot verify identity after reasonable attempts, run deny (step 9) with reason "identity could not be verified". generate response letter explaining denial and appeal process. status becomes DENIED.

decision: what if database is not initialized?

• if ~/.nex-gdpr/gdpr.db does not exist, run setup.sh before executing any other commands. setup is idempotent (safe to re-run).

decision: should audit trail entries be deleted?

• never delete audit trail entries. audit trail is append-only. compliance requires immutable history for disputes and regulatory review. retention policy for audit entries is 7 years minimum (2555 days).

decision: what if erasure encounters a locked or permission-denied file?

• log the error in audit trail with file path. continue processing other files. after erasure, generate report listing files that could not be deleted. notify data subject of partial completion (if applicable) or request manual intervention.

decision: what if scan encounters network timeout or unavailable data source?

• log timeout in audit trail. skip that data source. continue scanning other sources. after scan, generate report noting which sources were unavailable. if critical data source is unavailable, extend deadline to allow retry.

decision: what if request id does not exist?

• return error message and exit with code 1. do not create a new request. require user to provide valid id or register new request.

decision: what if retention policy deletes data but audit trail references it?

• audit trail references are stored as text/metadata. do not delete audit trail entries when referenced data expires. audit trail remains complete for compliance history.

---

output contract

request registration: integer request id assigned, unique, stored in requests table.

data scanning: json array of findings, each with: {"type": "email|phone|national_id|vat|name", "value": "<MASKED_VALUE>", "source": "<FILE_PATH>", "date_found": "<ISO8601>", "context_snippet": "<TEXT>"}. stored in data_findings table.

access export: zip file at ~/.nex-gdpr/exports/<ID>_access_<TIMESTAMP>.zip containing manifest.json and data files (copies). manifest includes request id, export date, findings count, file listing.

erasure report: text report listing all files securely deleted (3-pass overwrite), deletion timestamps, and any failures. stored in audit trail.

portability export: json file at ~/.nex-gdpr/exports/<ID>_portability_<TIMESTAMP>.json with schema: {"request_id": <ID>, "subject_email": "<EMAIL>", "export_date": "<ISO8601>", "data": [...]}. machine-readable, no encryption required (but can be encrypted by user).

response letter: plain text file (dutch and english versions) at ~/.nex-gdpr/letters/<ID>_<LANGUAGE>_<TIMESTAMP>.txt. includes article reference, deadline, findings summary, compliance statement, contact info.

audit trail: json array of audit entries, each with: {"timestamp": "<ISO8601>", "action": "<ACTION_TYPE>", "actor": "<USER|SYSTEM>", "request_id": <ID>, "details": "<TEXT>", "status_before": "<STATUS>", "status_after": "<STATUS>"}. stored in audit_trail table. append-only, no modifications.

compliance report: json file at ~/.nex-gdpr/exports/<ID>_report_<TIMESTAMP>.json containing request metadata, all findings, full audit trail, response letters, processing timeline, and compliance checklist.

request list: table output (stdout) with columns: id, type, status, deadline, email, days_remaining. sortable by column.

statistics: dashboard output (stdout) showing counts by status/type, overdue count, total pii findings, scan volume, average response time.

error output: stderr message describing validation failure, file access error, database error, etc. exit code 1 on error.

exit codes: 0 for success, 1 for error.

---

outcome signal

you know this skill worked when:

• request is registered: nex-gdpr list shows the new request with id, status PENDING, and correct deadline 30 days from today.
• data is scanned: nex-gdpr findings <ID> displays discovered personal data (emails, phone numbers, etc.) with file locations and context.
• identity is verified: nex-gdpr show <ID> shows status changed to VERIFIED.
• access request is processed: export zip file exists at ~/.nex-gdpr/exports/<ID>_access_*.zip and is readable; nex-gdpr show <ID> shows status COMPLETED.
• erasure request is processed: files listed in findings are no longer present on disk; audit trail shows "3-pass secure delete" entries for each file; nex-gdpr show <ID> shows status COMPLETED.
• portability request is processed: json export file exists at ~/.nex-gdpr/exports/<ID>_portability_*.json and contains all found data in machine-readable format.
• response letter is generated: .txt file exists in ~/.nex-gdpr/letters/ with correct dutch and english versions, includes GDPR/AVG article references.
• audit trail is maintained: nex-gdpr audit <ID> displays chronological log of every action (register, scan, verify, process, complete) with timestamps.
• deadline is tracked: nex-gdpr overdue returns empty if all requests are on track; shows overdue requests if any exist (deadline passed).
• retention policy is applied: nex-gdpr cleanup --execute deletes old data according to policy; audit trail logs each deletion.
• no errors on exit: command returns exit code 0; no error messages on stderr.

---

credits: original skill design from clawhub. enriched per implexa quality standards.