# GDPR Compliance Guide

How to use Aegis for GDPR and data protection compliance.

## Overview
Aegis helps organizations comply with GDPR and similar data protection regulations by:
- Detecting personal data before it leaves your systems
- Preventing unauthorized transfers to third parties
- Providing audit trails for data processing activities
- Supporting data residency requirements
## Key GDPR Concepts

### Personal Data Categories
| Category | Aegis Detection | GDPR Article |
|---|---|---|
| Identifiers | SSN, ID numbers | Art. 4(1) |
| Contact Data | Email, phone, address | Art. 4(1) |
| Financial | Credit cards, bank accounts | Art. 4(1) |
| Health (PHI) | Medical records | Art. 9 |
| Biometric | Fingerprints, facial data | Art. 9 |
### Data Subjects' Rights
Aegis supports compliance with:
- Right to be informed (audit logs)
- Right to restriction (blocking policies)
- Right to data portability (metadata mode)
## Data Residency

### Configure Data Region

Set data processing region per organization:

```python
# Organization settings
{
    "data_region": "EU",           # Process data in EU
    "retention_mode": "METADATA",  # Don't store content
}
```
### Available Regions

| Region | Location | GDPR Compliant |
|---|---|---|
| EU | Frankfurt | Yes (primary) |
| US | Virginia | With SCCs |
| APAC | Singapore | With SCCs |
### Region Selection

```python
from aegis_sdk import Aegis

# SDK respects org's data region setting
aegis = Aegis(license_key="aegis_lic_xxx")
# Automatically routes to EU if org is EU-based
```
## Retention Modes

### FULL Mode

Content is stored for audit purposes.

Use cases:
- Incident investigation
- Compliance audits
- Training data review

### METADATA Mode

Only metadata is stored (no content).

Stored metadata:
- Timestamp
- Decision (ALLOWED/BLOCKED/MASKED)
- Detection types (not content)
- Policy version

Use cases:
- GDPR-strict environments
- Minimizing data footprint
## Processing Legal Basis

### Legitimate Interest

Configure Aegis as a security measure; the policy description records the legal basis:

```json
{
    "name": "GDPR Security Policy",
    "description": "Legitimate interest: Prevent unauthorized data disclosure",
    "legal_basis": "Art. 6(1)(f) - Legitimate interests"
}
```
### Consent-Based Processing

For contexts requiring consent:

```python
from aegis_sdk import Aegis

aegis = Aegis(license_key="aegis_lic_xxx")


def check_with_consent(content: str, user_consent: bool) -> str:
    if not user_consent:
        # Block all personal data without consent
        result = aegis.check(content, destination="VENDOR")
        if result.detected:
            raise ValueError("Content contains personal data; consent required")
    return content
```
## Audit Logging

### Audit Trail

Every check is logged:

```json
{
    "preflight_id": "pf_abc123",
    "timestamp": "2024-01-15T10:30:00Z",
    "org_id": "eu_company",
    "decision": "BLOCKED",
    "detected_types": ["EMAIL", "PHONE"],
    "destination": "AI_TOOL",
    "policy_version": "1.0"
}
```

### Accessing Audit Logs

```text
# Via API
GET /api/audit?org_id=eu_company&limit=100

# Filter by date
GET /api/audit?from=2024-01-01&to=2024-01-31
```
### Export for DPA

```python
import json
from datetime import datetime, timedelta

# Export last 30 days for Data Protection Authority.
# get_audit_logs is the audit-log helper used throughout this guide.
logs = get_audit_logs(
    org_id="eu_company",
    from_date=datetime.now() - timedelta(days=30),
    to_date=datetime.now(),
)
with open("dpa_export.json", "w") as f:
    json.dump(logs, f)
```
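The retention modes and the DPA export above describe what an audit record keeps and how a window of records is handed to an authority. The following is an added, self-contained example (not Aegis code) that works through both on constructed records shaped like the audit record shown on this page: it applies the retention mode to each record (METADATA drops the `content` field, which is assumed to exist only in FULL mode), filters by organization and time window, and produces the summary counts a DPA reviewer asks for. `get_audit_logs` from the page is replaced by an in-memory list so the example runs offline.

```python
import json
from datetime import datetime, timedelta, timezone

# Constructed sample records (not real Aegis output). Field names follow the
# audit record shown on this page; "content" stands for what FULL mode retains.
SAMPLE_RECORDS = [
    {"preflight_id": "pf_001", "timestamp": "2024-01-15T10:30:00Z", "org_id": "eu_company",
     "decision": "BLOCKED", "detected_types": ["EMAIL", "PHONE"], "destination": "AI_TOOL",
     "policy_version": "1.0", "content": "Contact alice@example.test or +1-555-0100"},
    {"preflight_id": "pf_002", "timestamp": "2024-01-20T08:00:00Z", "org_id": "eu_company",
     "decision": "MASKED", "detected_types": ["EMAIL"], "destination": "VENDOR",
     "policy_version": "1.0", "content": "Email bob@example.test"},
    {"preflight_id": "pf_003", "timestamp": "2023-12-01T09:00:00Z", "org_id": "eu_company",
     "decision": "ALLOWED", "detected_types": [], "destination": "CUSTOMER",
     "policy_version": "1.0", "content": "Quarterly numbers attached"},
    {"preflight_id": "pf_004", "timestamp": "2024-01-18T12:00:00Z", "org_id": "us_company",
     "decision": "BLOCKED", "detected_types": ["PHI"], "destination": "VENDOR",
     "policy_version": "1.0", "content": "Patient chart"},
]

# Exactly the fields the METADATA mode section says are kept.
METADATA_FIELDS = ("preflight_id", "timestamp", "org_id", "decision",
                   "detected_types", "destination", "policy_version")


def parse_ts(ts: str) -> datetime:
    """Audit timestamps are UTC with a trailing Z."""
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def to_retained_record(record: dict, retention_mode: str) -> dict:
    """FULL keeps the whole record; METADATA keeps only the listed fields."""
    if retention_mode == "FULL":
        return dict(record)
    if retention_mode == "METADATA":
        return {k: record[k] for k in METADATA_FIELDS if k in record}
    raise ValueError(f"unknown retention_mode: {retention_mode}")


def select_audit_logs(records: list, org_id: str, from_ts: str, to_ts: str) -> list:
    """Records for one organization inside an inclusive time window."""
    start, end = parse_ts(from_ts), parse_ts(to_ts)
    return [r for r in records
            if r["org_id"] == org_id and start <= parse_ts(r["timestamp"]) <= end]


def summarize(records: list) -> dict:
    """Counts per decision and per detected type."""
    by_decision: dict = {}
    by_type: dict = {}
    for r in records:
        by_decision[r["decision"]] = by_decision.get(r["decision"], 0) + 1
        for t in r["detected_types"]:
            by_type[t] = by_type.get(t, 0) + 1
    return {"total_checks": len(records), "by_decision": by_decision,
            "detected_pii_types": by_type}


def export_for_dpa(records: list, org_id: str, from_ts: str, to_ts: str,
                   retention_mode: str = "METADATA") -> dict:
    """Window the logs, apply the retention mode, attach a summary."""
    selected = select_audit_logs(records, org_id, from_ts, to_ts)
    retained = [to_retained_record(r, retention_mode) for r in selected]
    return {"org_id": org_id, "from": from_ts, "to": to_ts,
            "summary": summarize(retained), "records": retained}


if __name__ == "__main__":
    fmt = "%Y-%m-%dT%H:%M:%SZ"
    to_dt = datetime(2024, 1, 31, 23, 59, 59, tzinfo=timezone.utc)
    from_dt = to_dt - timedelta(days=30)
    export = export_for_dpa(SAMPLE_RECORDS, "eu_company",
                            from_dt.strftime(fmt), to_dt.strftime(fmt))
    with open("dpa_export.json", "w") as f:
        json.dump(export, f, indent=2)
```

Applying the retention mode at export time, as here, is a second line of defence only: in METADATA mode the content should never have been written, so an export that still finds a `content` field is itself a finding worth raising.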
## Policy Configuration

### EU Data Protection Policy

```json
{
    "name": "EU GDPR Policy",
    "description": "Compliant with GDPR Art. 44-49 (International Transfers)",
    "rules": [
        {
            "name": "Block EU PII to Non-EU",
            "description": "Prevent transfer of EU personal data outside EU",
            "dataTypes": ["EU_DATA", "PII"],
            "destinations": ["AI_TOOL", "VENDOR"],
            "action": "BLOCK",
            "conditions": ["non_eu_destination"]
        },
        {
            "name": "Mask Email for Analytics",
            "description": "Pseudonymization per Art. 4(5)",
            "dataTypes": ["PII"],
            "destinations": ["VENDOR"],
            "action": "MASK"
        }
    ]
}
```
### Cross-Border Transfer Policy

```json
{
    "name": "Cross-Border Transfer Policy",
    "rules": [
        {
            "name": "Block PHI International Transfer",
            "dataTypes": ["PHI"],
            "destinations": ["VENDOR"],
            "action": "BLOCK"
        },
        {
            "name": "Allow Masked PII with SCCs",
            "description": "Standard Contractual Clauses in place",
            "dataTypes": ["PII"],
            "destinations": ["VENDOR"],
            "action": "MASK",
            "conditions": ["scc_verified"]
        }
    ]
}
```
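To see what these two policies actually decide for a given check, here is an added example (not part of Aegis) of a minimal first-match evaluator over policies in the shape above. The matching semantics are assumptions made for illustration, not documented Aegis behaviour: rules are tried in order, a rule applies when one of the detected data types is listed (or the rule lists `ALL`), the destination is listed, and every condition the rule names is present; the first match wins and no match means the content is allowed.

```python
# Added example: first-match evaluation of the EU GDPR and Cross-Border policies
# from this guide. Matching semantics are assumed, not Aegis-documented.

EU_GDPR_POLICY = {
    "name": "EU GDPR Policy",
    "rules": [
        {"name": "Block EU PII to Non-EU", "dataTypes": ["EU_DATA", "PII"],
         "destinations": ["AI_TOOL", "VENDOR"], "action": "BLOCK",
         "conditions": ["non_eu_destination"]},
        {"name": "Mask Email for Analytics", "dataTypes": ["PII"],
         "destinations": ["VENDOR"], "action": "MASK"},
    ],
}

CROSS_BORDER_POLICY = {
    "name": "Cross-Border Transfer Policy",
    "rules": [
        {"name": "Block PHI International Transfer", "dataTypes": ["PHI"],
         "destinations": ["VENDOR"], "action": "BLOCK"},
        {"name": "Allow Masked PII with SCCs", "dataTypes": ["PII"],
         "destinations": ["VENDOR"], "action": "MASK",
         "conditions": ["scc_verified"]},
    ],
}


def rule_matches(rule: dict, detected_types, destination: str, conditions) -> bool:
    """A rule applies when a detected type is listed (or the rule says ALL),
    the destination is listed, and every condition the rule names holds."""
    types_ok = "ALL" in rule["dataTypes"] or any(t in rule["dataTypes"] for t in detected_types)
    dest_ok = destination in rule["destinations"]
    conds_ok = all(c in conditions for c in rule.get("conditions", []))
    return types_ok and dest_ok and conds_ok


def evaluate(policy: dict, detected_types, destination: str, conditions=()) -> tuple:
    """Return (action, rule name) of the first matching rule; ("ALLOW", None) if none."""
    conditions = set(conditions)
    for rule in policy["rules"]:
        if rule_matches(rule, detected_types, destination, conditions):
            return rule["action"], rule["name"]
    return "ALLOW", None


if __name__ == "__main__":
    print(evaluate(EU_GDPR_POLICY, ["PII"], "AI_TOOL", {"non_eu_destination"}))
    print(evaluate(EU_GDPR_POLICY, ["PII"], "VENDOR"))
    # The gap: PII to AI_TOOL with no non_eu_destination flag matches no rule.
    print(evaluate(EU_GDPR_POLICY, ["PII"], "AI_TOOL"))
```

Running the third case shows why conditional rules need a catch-all: when the `non_eu_destination` flag is not set, PII bound for `AI_TOOL` matches neither rule and falls through to allow. Under these semantics, a final unconditional rule (for example, BLOCK for `PII` to `AI_TOOL`) closes that gap; the same applies to `scc_verified` in the cross-border policy.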
## Pseudonymization

Aegis supports pseudonymization (Art. 4(5)):

### Consistent Masking

```python
from aegis_sdk import Aegis

aegis = Aegis(license_key="aegis_lic_xxx")

# Same input produces same masked output
content = "Contact [email protected] for info"
result = aegis.check(content, destination="VENDOR")
# result.content: "Contact [EMAIL_abc123] for info"

# Later reference to same email gets same token
content2 = "Email [email protected] again"
result2 = aegis.check(content2, destination="VENDOR")
# result2.content: "Email [EMAIL_abc123] again"
```
### Reversible Pseudonymization

For cases where re-identification is needed:

```python
# Store mapping securely, separately from the masked content
mapping = aegis.get_pseudonymization_mapping(result)
# {
#     "[EMAIL_abc123]": "[email protected]",
#     "[PHONE_def456]": "+1-555-123-4567"
# }

# Re-identify when authorized (result.content is the masked text from the check above)
original = aegis.reverse_pseudonymization(result.content, mapping)
```
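The two properties described above, the same value always mapping to the same token and the mapping allowing authorized re-identification, are the essence of pseudonymization under Art. 4(5). The following is an added example of one way to build them, not Aegis's implementation: tokens are derived with HMAC-SHA256 under a secret key, so they are consistent for a given key but cannot be recomputed by anyone who merely knows the e-mail address, and the token-to-value mapping is kept in a separate store that holds the "additional information" needed to re-identify. The e-mail and phone patterns are deliberately coarse, constructed only to make the example self-contained; Aegis's own detection is what the page documents.

```python
import base64
import hashlib
import hmac
import re

# Constructed detectors for the two data types this section shows. They are
# coarse on purpose (a date such as 2024-01-15 would also match PHONE) and
# exist only so the example runs stand-alone.
PATTERNS = {
    "EMAIL": re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}"),
    "PHONE": re.compile(r"\+?\d[\d\- ]{7,}\d"),
}
TOKEN_RE = re.compile(r"\[(?:EMAIL|PHONE)_[a-z2-7]+\]")


class Pseudonymizer:
    """Consistent, reversible pseudonymization with keyed tokens (assumed design).

    HMAC rather than a plain hash: an attacker holding a list of addresses
    cannot hash them and look for matching tokens without the key. The mapping
    is the separately stored additional information of Art. 4(5); the masked
    text alone does not identify anyone.
    """

    def __init__(self, key: bytes):
        self._key = key
        self.mapping: dict[str, str] = {}  # token -> original value

    def _token(self, kind: str, value: str) -> str:
        digest = hmac.new(self._key, value.encode("utf-8"), hashlib.sha256).digest()
        # 5 bytes -> 8 base32 characters, no padding; lower-cased for readability
        short = base64.b32encode(digest[:5]).decode("ascii").lower()
        return f"[{kind}_{short}]"

    def mask(self, text: str) -> str:
        """Replace every detected value with its token and record the mapping."""
        for kind, pattern in PATTERNS.items():
            def replace(match, kind=kind):
                token = self._token(kind, match.group(0))
                self.mapping[token] = match.group(0)
                return token
            text = pattern.sub(replace, text)
        return text

    def unmask(self, masked: str) -> str:
        """Re-identify using the stored mapping; unknown tokens are left untouched."""
        return TOKEN_RE.sub(lambda m: self.mapping.get(m.group(0), m.group(0)), masked)


if __name__ == "__main__":
    p = Pseudonymizer(b"constructed-test-key-rotate-in-production")
    first = p.mask("Contact alice@example.test for info")
    second = p.mask("Email alice@example.test again")
    print(first)   # same [EMAIL_...] token appears in both
    print(second)
    print(p.unmask(first))
```

Two operational points follow from the design: the key and the mapping store are what make re-identification possible, so they need the access controls the text calls for ("re-identify when authorized"), and rotating the key changes every token, which breaks consistency across the rotation boundary unless old mappings are retained.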
## Data Subject Requests

### Right to Access (Art. 15)

Find all data related to a subject:

```python
# Search audit logs for a data subject
logs = get_audit_logs(
    org_id="eu_company",
    search="[email protected]",
)

# Generate access report
report = generate_access_report(logs)
```
### Right to Erasure (Art. 17)

With METADATA mode, content isn't stored:

```python
# Configure organization for no content retention
org_settings = {
    "retention_mode": "METADATA",
    # Only timestamps and decisions are stored
}
```
### Right to Restriction (Art. 18)

Temporarily block processing:

```python
# Create strict policy for a data subject
restricted_policy = create_policy(
    name="Restricted Processing",
    rules=[{
        "name": "Block All Processing",
        "dataTypes": ["ALL"],
        "destinations": ["AI_TOOL", "VENDOR", "CUSTOMER"],
        "action": "BLOCK",
    }],
)
```
## DPO Integration

### Dashboard Access

Grant Data Protection Officer read-only access:

```python
# Create DPO user role
create_user(
    email="[email protected]",
    role="dpo",  # Read-only access to all org data
    permissions=["view_audit", "view_analytics", "export_data"],
)
```
### Automated Reports

Schedule GDPR compliance reports (weekly GDPR summary):

```json
{
    "report_type": "gdpr_summary",
    "frequency": "weekly",
    "recipients": ["[email protected]"],
    "include": [
        "total_checks",
        "blocked_transfers",
        "detected_pii_types",
        "policy_violations"
    ]
}
```
## Third-Party AI Tools

### AI Tool Assessment

Before using AI tools, assess data protection:
| AI Tool | Data Location | Aegis Recommendation |
|---|---|---|
| OpenAI | US | Use with MASK policy |
| Anthropic | US | Use with MASK policy |
| Azure OpenAI | EU available | Use EU endpoint |
| Self-hosted | On-premises | ALLOW with logging |
### Safe AI Integration

```python
from aegis_sdk import Aegis

aegis = Aegis(license_key="...")

# Providers hosted outside the EU (see the assessment table above). EU endpoints
# and self-hosted models are treated as EU-hosted.
NON_EU_PROVIDERS = {"openai", "anthropic"}


def gdpr_safe_ai(prompt: str, ai_provider: str) -> str:
    result = aegis.check(prompt, destination="AI_TOOL")
    if result.decision == "BLOCKED":
        raise ValueError("Cannot send EU personal data to non-EU AI")
    # Non-EU providers only ever receive masked content: a detection the policy
    # left unmasked stays inside the EU.
    if ai_provider in NON_EU_PROVIDERS and result.detected and result.decision != "MASKED":
        raise ValueError("Personal data must be masked before leaving the EU")
    # call_ai is the application's own provider client, not part of the SDK
    return call_ai(result.content, ai_provider)
```
## Compliance Checklist

### Technical Measures
- Configure data region (EU)
- Set retention mode (METADATA preferred)
- Enable audit logging
- Implement BLOCK policy for PHI
- Implement MASK policy for PII to third parties
- Configure pseudonymization for analytics
### Organizational Measures
- Document legal basis in policy descriptions
- Create DPO dashboard access
- Set up automated compliance reports
- Establish data subject request workflow
- Review AI tool SCCs
### Regular Review
- Monthly policy effectiveness review
- Quarterly audit log analysis
- Annual DPA compliance assessment
## See Also
- Multi-Tenant Setup - Organization configuration
- API Reference - Audit log endpoints
- SDK Reference - Detection configuration