Compliance & Legal
In brief
The compliance and legal console: GDPR request tracker with SLA timers and one-click execution, legal-document publisher with diff viewer and re-acceptance campaigns, security-posture snapshot, DPIA register, public subprocessor list with change notifications, breach-notification workflow under GDPR Article 33, retention-policy overview, and a read-only GDPR snapshot for support.
How it works
Compliance & Legal centralises every regulatory artefact a federation auditor or DPO might ask for. The GDPR request tracker enumerates user access, export, and erasure requests with deadlines, assignee, and status; an SLA timer surfaces on the dashboard `Attention` panel as deadlines approach. `Execute request` triggers the GDPR service endpoints, packages the output, and stores it for the requester to download. The legal-document publisher builds on the existing PL-T094 infrastructure for ToS, DPA, Privacy Policy, and SLA, with a side-by-side diff viewer between versions.
Re-acceptance campaigns mark a version as requiring fresh consent and track the acceptance rate per tenant so legal can prove who has accepted what. Security posture renders a snapshot of CIS benchmarks, SBOM age, and penetration-test findings — the place a SOC2 auditor lands first. The DPIA register logs Data Protection Impact Assessments per feature; a flag highlights features that need DPIA review.
The subprocessor list publishes to `/legal/subprocessors`, keeps a public changelog, and notifies tenants on change, so the contractual obligation to inform of subprocessor changes is automated rather than manual. The breach-notification workflow activates when a SEV1 incident is tagged with personal-data impact: a guided workflow drives the operator through the GDPR Article 33 72-hour notification, capturing the supervisory authority recipient, the affected categories, and the remediation steps. The retention-policy overview enumerates every collection with its configured TTL versus its observed age and flags anomalies (a collection holding rows older than its policy is a compliance breach in waiting).
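To make the retention check concrete, here is an added example (not the product's own code) of the TTL-versus-observed-age comparison the overview performs; the collection names, policies and the one-hour grace window are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import List, Optional

# Hypothetical retention check (added example, not the product's own code).
# Assumes each collection can report its configured TTL and the timestamp
# of its oldest surviving row.

@dataclass(frozen=True)
class CollectionRetention:
    name: str
    ttl: timedelta                     # configured retention policy
    oldest_row_at: Optional[datetime]  # None when the collection is empty

@dataclass(frozen=True)
class RetentionFinding:
    collection: str
    configured_ttl: timedelta
    observed_age: timedelta
    overshoot: timedelta  # how far past policy the oldest row already is

def check_retention(collections: List[CollectionRetention], now: datetime,
                    grace: timedelta = timedelta(hours=1)) -> List[RetentionFinding]:
    """Flag every collection whose oldest row is older than TTL + grace.
    The grace window absorbs normal reaper lag; anything beyond it means
    the reaper is not running, is misconfigured, or the policy is wrong."""
    findings = []
    for c in collections:
        if c.oldest_row_at is None:
            continue
        age = now - c.oldest_row_at
        if age > c.ttl + grace:
            findings.append(RetentionFinding(c.name, c.ttl, age, age - c.ttl))
    # worst overshoot first so the dashboard shows the biggest breach on top
    return sorted(findings, key=lambda f: f.overshoot, reverse=True)

# Constructed sample inventory (not real collection names or policies)
NOW = datetime(2024, 6, 1, 12, 0, tzinfo=timezone.utc)
SAMPLE = [
    CollectionRetention("sessions", timedelta(days=30), NOW - timedelta(days=2)),
    CollectionRetention("audit_events", timedelta(days=365), NOW - timedelta(days=400)),
    CollectionRetention("gdpr_exports", timedelta(days=7), NOW - timedelta(days=7, minutes=30)),
    CollectionRetention("support_tickets", timedelta(days=90), None),
]

if __name__ == "__main__":
    for f in check_retention(SAMPLE, NOW):
        print(f"{f.collection}: oldest row {f.observed_age.days}d old vs TTL "
              f"{f.configured_ttl.days}d (overshoot {f.overshoot})")
```

With the default grace only `audit_events` is reported; with a zero grace the `gdpr_exports` collection, whose oldest row is 30 minutes past policy, is reported too.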
Finally, the GDPR snapshot at `GET /sys/users/{id}/gdpr-snapshot` aggregates 13 categories (identity, profiles, tenant memberships, licenses, payments sent and received, matches, tournaments, communications, audit-on-user, linked OAuth, sessions summary, consent history) with sensitive payloads redacted (password hashes, session fingerprints, M2M secrets). It is an internal support tool — explicitly not a replacement for the formal Article 15 export — and is downloadable as JSON. Every read and download is audited as `sys.user.gdpr_snapshot.{read,download}`.
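An added example, not the product's own code, of the redaction and audit step the snapshot endpoint implies: it assembles the 13 categories, blanks the sensitive keys, fails closed if anything leaks, and records the `sys.user.gdpr_snapshot.{read,download}` event. The category keys, field names and sample records are assumptions.

```python
import json
from datetime import datetime, timezone

# Added example, not the product's code: category keys and field names assumed.
CATEGORIES = ("identity", "profiles", "tenant_memberships", "licenses",
              "payments_sent", "payments_received", "matches", "tournaments",
              "communications", "audit_on_user", "linked_oauth",
              "sessions_summary", "consent_history")
SENSITIVE_KEYS = {"password_hash", "session_fingerprint", "m2m_secret"}
REDACTED = "[REDACTED]"

def redact(value):
    """Recursively blank sensitive keys; returns a new structure, never mutates input."""
    if isinstance(value, dict):
        return {k: REDACTED if k in SENSITIVE_KEYS else redact(v)
                for k, v in value.items()}
    if isinstance(value, list):
        return [redact(v) for v in value]
    return value

def contains_sensitive(value):
    """Post-condition check: True if any sensitive key still holds a real value."""
    if isinstance(value, dict):
        return any((k in SENSITIVE_KEYS and v != REDACTED) or contains_sensitive(v)
                   for k, v in value.items())
    if isinstance(value, list):
        return any(contains_sensitive(v) for v in value)
    return False

def build_snapshot(user_id, raw_by_category, audit_log, action="read", actor="support"):
    """Assemble all 13 categories, redact them, verify, and record the audit event."""
    if action not in ("read", "download"):
        raise ValueError(f"unknown snapshot action {action!r}")
    missing = [c for c in CATEGORIES if c not in raw_by_category]
    if missing:
        raise ValueError(f"snapshot incomplete, missing categories: {missing}")
    snapshot = {"user_id": user_id, "note": "internal support snapshot, not an Article 15 export",
                "categories": {c: redact(raw_by_category[c]) for c in CATEGORIES}}
    if contains_sensitive(snapshot):  # fail closed rather than serve a leaky snapshot
        raise RuntimeError("redaction post-condition failed")
    audit_log.append({"event": f"sys.user.gdpr_snapshot.{action}", "actor": actor,
                      "subject": user_id, "at": datetime.now(timezone.utc).isoformat()})
    return snapshot

RAW = {c: [] for c in CATEGORIES}  # constructed sample: all 13 categories present
RAW["identity"] = {"email": "alice@example.test", "password_hash": "$argon2id$constructed"}
RAW["sessions_summary"] = [{"device": "laptop", "session_fingerprint": "fp-constructed"}]
RAW["linked_oauth"] = [{"provider": "github", "m2m_secret": "constructed-secret"}]

if __name__ == "__main__":
    print(json.dumps(build_snapshot("u-123", RAW, []), indent=2))
```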
Key capabilities
- GDPR request tracker with deadlines, assignee, and SLA timers
- One-click execute for access/export/erasure with packaged output
- Legal-document publisher with diff viewer and re-acceptance campaigns
- Security posture: CIS benchmarks, SBOM age, pen-test findings
- DPIA register flagging features that need impact assessment
- Public subprocessor list with changelog and tenant notifications
- Breach-notification workflow guiding GDPR Article 33 72-hour reporting
- Retention-policy overview comparing configured TTL vs observed age
- Read-only GDPR snapshot (13 categories, redacted) for support — not the formal Article 15 export
In practice
A user emails a GDPR Article 15 access request. The DPO opens the GDPR request tracker, creates a record with a 30-day deadline, assigns it to herself, and clicks `Execute`. The GDPR service produces a packaged JSON export; she downloads it, reviews it, and emails the requester a signed link.
A week later a SEV1 incident is tagged personal-data-impact: the breach-notification workflow opens, asks for affected categories and remediation steps, and pre-fills a draft for the supervisory authority within the 72-hour window. Separately, a support operator opens the GDPR snapshot for a different user to answer a `what data do you have on me` ticket; the snapshot covers all 13 categories without exposing password hashes, and the read is audited.
Features of this subsystem
| ID | Status | Feature |
|---|---|---|
| F21.13.01 | Delivered | GDPR request tracker — user access / export / erasure requests with deadlines, assignee, status. ✅ PL-T133 |
| F21.13.02 | Delivered | Execute request — triggers GDPR service endpoints and packages output. SLA timer on dashboard. ✅ PL-T133 |
| F21.13.03 | Delivered | Legal document publisher — ToS, DPA, Privacy Policy, SLA. Builds on PL-T094 infrastructure. Diff viewer between versions. ✅ PL-T133 |
| F21.13.04 | Delivered | Re-acceptance campaigns — mark a version as requiring re-acceptance, track acceptance rate per tenant. ✅ PL-T133 |
| F21.13.05 | Delivered | Security posture — snapshot of CIS benchmarks, SBOM age, penetration-test findings. ✅ PL-T133 |
| F21.13.06 | Delivered | DPIA register — log DPIAs per feature; dashboard flags features needing review. ✅ PL-T133 |
| F21.13.07 | Delivered | Subprocessor list — public `/legal/subprocessors` page, changelog, tenant notification on change. ✅ PL-T133 |
| F21.13.08 | Delivered | Breach notification workflow — SEV1 incident + personal-data impact → guided notification workflow under GDPR Article 33 (72 h). ✅ PL-T133 |
| F21.13.09 | Delivered | Retention policy overview — per collection, configured TTL vs observed age, flags anomalies. ✅ PL-T133 |
| F21.13.10 | Delivered | GDPR snapshot (read-only) — `GET /sys/users/{id}/gdpr-snapshot` aggregates 13 categories (identity, profiles, tenant memberships, licenses, payments sent/received, matches, tournaments, communications, audit-on-user, linked OAuth, sessions summary, consent history) with sensitive payloads redacted (password hashes, session fingerprints, M2M secrets). Internal support tool — not a replacement for the formal Article 15 export (F21.13.02). Downloadable JSON, audited as `sys.user.gdpr_snapshot.{read,download}`. ✅ PL-T148 |