GDPR
The General Data Protection Regulation (Regulation 2016/679) governs the processing of personal data in the EU. CRP provides built-in technical measures for GDPR compliance through its security and privacy subsystems.
CRP's GDPR Features

```mermaid
graph LR
    A[PII Scanner] --> B[Consent Manager]
    B --> C[Processing Records]
    C --> D[Retention Manager]
    D --> E[Erasure Manager]
    E --> F[Data Lineage]
    F --> G[Compliance Report]
```
Article-by-Article Coverage
Article 5 — Principles
| Principle | CRP Implementation |
|---|---|
| Lawfulness, fairness, transparency | Transparency declarations, quality reports |
| Purpose limitation | ProcessingPurpose enum restricts processing scope |
| Data minimization | Fact extraction distills raw data to atomic facts |
| Accuracy | 3-tier quality gate, cross-encoder reranking |
| Storage limitation | RetentionManager with configurable policies |
| Integrity and confidentiality | AES-256-GCM encryption, HMAC audit trail |
| Accountability | Event-sourced fact model, audit trail verification |
Article 6 — Lawful Processing
CRP's ConsentManager tracks the legal basis for processing:

```python
from crp.security import ProcessingPurpose

# `client` is an existing CRP client instance (its construction is not shown on this page)
# Record consent for processing
client.consent_manager.record_consent(
    data_subject="user-123",
    purpose=ProcessingPurpose.AI_PROCESSING,
)
```
Article 7 — Conditions for Consent
| Requirement | CRP Implementation |
|---|---|
| Demonstrate consent | ConsentManager audit log |
| Freely given | Purpose-specific consent records |
| Withdrawal | Consent revocation support |
Article 13/14 — Transparency
| Requirement | CRP Implementation |
|---|---|
| Identity of controller | Session metadata |
| Purposes of processing | ProcessingPurpose declarations |
| Recipients of data | Data lineage tracking |
| Retention period | RetentionManager policies |
Article 15 — Right of Access
CRP's data lineage tracker enables tracing exactly what personal data was processed and how:

```python
# Track data lineage
lineage = client.lineage_tracker
# Provides full provenance chain from ingest → extraction → envelope → output
```
Article 17 — Right to Erasure

```python
# Erasure support through retention manager
client.retention_manager.enforce_retention()
# Removes data past retention period
```
Article 25 — Data Protection by Design and Default
CRP implements data protection by design:
| Principle | Implementation |
|---|---|
| By design | PII scanning runs on all ingested text |
| By default | Fact extraction minimizes data (atomic facts, not raw text) |
| Encryption by default | AES-256-GCM on cold state |
| Minimal processing | Only relevant facts enter the envelope |
Article 30 — Records of Processing Activities

```python
# Processing records (Article 30)
records = client.processing_records
print(f"Activities logged: {records.activity_count}")

# Export records for auditor
export = records.export()
```
CRP automatically records:
- Categories of data subjects
- Categories of personal data
- Purposes of processing
- Transfers to third parties (LLM providers)
- Retention periods
Article 35 — Data Protection Impact Assessment (DPIA)
CRP provides the technical evidence needed for a DPIA:
| DPIA Element | CRP Source |
|---|---|
| Systematic description | Protocol specification, architecture docs |
| Necessity and proportionality | Quality tier reports, saturation metrics |
| Risks to data subjects | PII scan results, risk classifier |
| Measures to address risks | Security layers, encryption, RBAC |
PII Scanning
CRP's PIIScanner detects personal data in all text:

```python
result = client.pii_scanner.scan("Contact John at john@example.com")
print(f"Has PII: {result.has_pii}")
print(f"PII types: {result.pii_types_found}")
print(f"Detections: {len(result.detections)}")
```
Detected PII types: email addresses, phone numbers, names, addresses, dates of birth, national IDs, financial data, IP addresses, and more.
Advisory, not blocking
PII scanning is advisory — it detects and reports but does not block processing. The application decides how to handle detected PII. This aligns with CRP's Output Integrity axiom.
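
Because the scanner only reports, enforcement has to live in the application. The following is an added example, not CRP code: `scan` is a regex stand-in that mimics the `has_pii`, `pii_types_found` and `detections` attributes shown above, and `Detection`, `gate`, `REDACT` and `PIIBlocked` are hypothetical names with assumed offset fields.

```python
import re
from dataclasses import dataclass, field

@dataclass
class Detection:            # hypothetical fields, not CRP's detection type
    pii_type: str
    start: int
    end: int

@dataclass
class ScanResult:           # mirrors the attributes the page prints
    detections: list = field(default_factory=list)
    @property
    def has_pii(self):
        return bool(self.detections)
    @property
    def pii_types_found(self):
        return {d.pii_type for d in self.detections}

# Constructed demo patterns, far narrower than a real scanner.
PATTERNS = {
    "email": re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"),
    "national_id": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
}

def scan(text):
    """Stand-in scanner: reports detections, never blocks."""
    found = [Detection(t, m.start(), m.end())
             for t, rx in PATTERNS.items() for m in rx.finditer(text)]
    return ScanResult(sorted(found, key=lambda d: d.start))

# Application policy: types listed here are masked; any other type blocks.
REDACT = {"email"}

class PIIBlocked(Exception):
    pass

def gate(text):
    """Scan, then enforce policy before the text is handed to ingest."""
    result = scan(text)
    unhandled = result.pii_types_found - REDACT
    if unhandled:           # fail closed on types the policy does not cover
        raise PIIBlocked(f"ingest refused: {sorted(unhandled)}")
    out, pos = [], 0
    for d in result.detections:
        if d.start >= pos:  # skip a detection overlapping one already masked
            out += [text[pos:d.start], f"[{d.pii_type.upper()}]"]
            pos = d.end
    return "".join(out) + text[pos:]
```

The gate fails closed: a PII type the policy does not list stops ingest instead of passing through unmasked.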