Briefs · legal
Data Privacy & Compliance Review
Check how you handle personal data against GDPR / POPIA expectations.
You walk away with
A gap list against privacy principles with proportionate fixes.
Decidi convenes
🛡️ The Privacy Counsel📋 The Compliance Officer🔐 The Security Engineer⚖️ The Risk Officer🔧 The Pragmatist
Recommended level: Deep — The newest, most capable models — for when being wrong is expensive.
What the council debates
Review how we handle personal data and flag the privacy and compliance gaps. WHAT WE DO WITH DATA: [what personal data you collect, how, why, where it is stored, who you share it with, how long you keep it] JURISDICTIONS / FRAMEWORKS: [e.g. GDPR, POPIA, sector rules that apply] THE FEATURE OR CHANGE TRIGGERING THIS: [if any] Debate: 1. Lawful basis and consent — do we have a clear, valid reason for each use. 2. Data minimisation — are we collecting more than we need "just in case". 3. Retention and deletion — do we keep data too long; can we honour deletion requests. 4. Sharing and cross-border transfer — third parties and the risks. 5. The individual's rights — access, correction, deletion, portability. 6. Proportionate controls versus box-ticking. FINAL SYNTHESIS: - A gap list against the core privacy principles, severity-ranked. - The lowest-friction fix for each significant gap. - A clear note that this is general guidance, not legal advice, and a qualified privacy professional should validate.

