AI
Atlas AI
JK
← Template library
GDPRhighv1.0.0 · System

GDPR Data Minimization

Detects when prompts request more personal data than necessary for the stated purpose. Flags for review.

📘Clone & start observing

Creates a Guideline policy. Observation only — nothing is blocked until you promote to Strict.

Mode on clone: log
Defaults to template name. Customise to distinguish multiple instances of the same template.
Leave empty to apply broadly via the template's default data-classification / risk-tier filters.
Rationale

Art. 5(1)(c) requires data to be 'adequate, relevant and limited to what is necessary'. This policy flags broad personal-data queries.

Example violation
Prompt: "Give me all customer records including DOB, address, phone, email, medical conditions for the marketing campaign."
Triggers (1)
  • inputInspect data requests in prompts
Detectors (1)
  • llm_judgebroad-query-detector
    LLM judges proportionality of data request vs stated purpose
Actions (2)
  • flagFlag for DPO review
  • logRecord for compliance audit
Tunable parameters (1)
Proportionality threshold
advancednumber
Confidence above which to flag as disproportionate.
Default: 0.7
Regulatory references
GDPR Art. 5(1)(c)
Template defaults (suggested target after promotion)
Suggested mode
flag
Risk tiers
Data classifications
confidential, restricted
Departments

Cloned policies start in Guideline mode. Use the promotion wizard to flip to Strict once you trust the false-positive rate.