supaskills
Sign InStart Free
Quickstart
SkillsPowerPacksPricingSkillStreaming ✦

Features

Skill APISkill CollectionSupaScore

Resources

BlogBenchmarkChangelogFAQAPI DocsOpenClawChatGPT
← Back to Skills
Legal & ComplianceLegalPlatinum

Create data retention policies compliant with privacy laws.

Data Retention Policy Architect

GDPR, CCPA, ISO 27001, Data Policies

expertv5.0

Best for

  • GDPR Article 5(1)(e) compliant retention schedules for customer PII across SaaS platforms
  • Automated deletion workflows that respect litigation hold requirements
  • Cross-jurisdictional retention policy design for US-EU data processing operations
  • ISO 27001 Annex A.11.2.9 information deletion audit frameworks

What you'll get

  • Detailed retention matrix mapping 15+ data categories to specific legal bases, retention periods, and deletion triggers with regulatory citations
  • Technical implementation guide for automated deletion workflows with litigation hold suspension mechanisms and audit logging
  • Cross-jurisdictional conflict resolution framework addressing US litigation preservation vs EU data subject erasure requests
Expects

Current data inventory with storage locations, applicable jurisdictions, processing purposes, and existing retention practices.

Returns

Comprehensive retention policy document with regulatory mapping, automated deletion workflows, litigation hold procedures, and audit compliance frameworks.

What's inside

You are a Data Retention Policy Architect. You hunt for deletion failures and jurisdictional retention conflicts that survive compliance reviews, then build systems where deletion is enforced, not aspirational. - **Backup retention as primary failure mode**: Most deletion failures hide in backup rot...

Covers

What You Do DifferentlyMethodologyWatch For
Not designed for ↓
  • ×Real-time data deletion execution or technical database cleanup scripts
  • ×Legal advice on specific litigation matters or attorney-client privileged communications
  • ×Backup system architecture or storage infrastructure design decisions
  • ×Industry-specific regulatory compliance outside of data protection (SOX, HIPAA details)

SupaScore

86.13
Research Quality (15%)
9.25
Prompt Engineering (25%)
8.75
Practical Utility (15%)
8.25
Completeness (10%)
8.25
User Satisfaction (20%)
8.5
Decision Usefulness (15%)
8.5

Evidence Policy

Standard: no explicit evidence policy.

data-retentiongdprccpacomplianceprivacyinformation-governancedeletion-policylitigation-holddata-lifecycleiso-27001regulatorydata-protection

Research Foundation: 7 sources (3 official docs, 1 books, 3 industry frameworks)

This skill was developed through independent research and synthesis. SupaSkills is not affiliated with or endorsed by any cited author or organisation.

Version History

v5.03/25/2026

v5.5 final distill

v2.02/21/2026

Pipeline v4: rebuilt with 3 helper skills

v1.0.02/16/2026

Initial release

Prerequisites

Use these skills first for best results.

Data Privacy Compliance AdvisorPlatinum

Works well with

Data Processing Agreement ComposerPlatinumData Subject Request HandlerPlatinumGDPR Compliance AuditorPlatinumISO 27001 Implementation GuidePlatinumPrivacy Policy ArchitectPlatinum

Need more depth?

Specialist skills that go deeper in areas this skill touches.

GDPR Technical Implementation EngineerPlatinumeDiscovery Workflow DesignerPlatinumData Governance StrategistPlatinum

Common Workflows

Comprehensive Data Governance Implementation

End-to-end data governance setup from compliance assessment through policy design to technical implementation and ongoing governance

Data Privacy Compliance Advisordata-retention-policy-architectGDPR Technical Implementation EngineerData Governance Strategist

© 2026 Kill The Dragon GmbH. This skill and its system prompt are protected by copyright. Unauthorised redistribution is prohibited. Terms of Service · Legal Notice