birthday_messaging/docs/compliance/gdpr-audit.md

# \# GDPR Adequacy Checklist

# 

# \## Governance \& Breach Protocols

# \- DPO appointed and documented

# \- 72-hour breach notification process defined

# 

# \## Consent \& Data Collection

# \- No pre-ticked marketing consent boxes

# \- Explicit consent required for birthday listings

# 

# \## Sensitive Data Handling

# \- Medical data restricted to "unwell" status

# \- Dietary data shared only with explicit consent

# 

# \## International Data Transfers

# \- Photo/video sharing audited for adequacy mechanisms

# 


## Data Protection Officer (DPO)
Name: [Your Name Here]
Role: [Your Role Here]
Contact: [email@example.com]
Date Appointed: [YYYY-MM-DD]

## Data Protection Officer (DPO)
Name:
Role:
Contact:
Date Appointed: