Privacy Primer
skill icon Skill
Privacy Primer
Ground yourself in privacy fundamentals before tackling data protection or regulatory compliance tasks. Covers universal privacy principles that apply across jurisdictions: notice and transparency, consent requirements, data minimization, purpose limitation, storage limitation, individual rights (access, rectification, erasure, portability, objection), security obligations, accountability, breach notification, and cross-border transfer restrictions. Includes major regulation overview (GDPR, CCPA/CPRA, HIPAA) with emphasis on jurisdiction awareness—privacy requirements vary dramatically by jurisdiction. Includes jurisdiction-specific sub-primers: GDPR sub-primer covering EU/EEA requirements, lawful bases for processing, data subject rights implementation, controller/processor roles, cross-border transfer mechanisms (SCCs, adequacy decisions), and enforcement by supervisory authorities. CCPA/CPRA sub-primer covering California requirements, covered businesses, consumer rights, opt-out mechanisms, sale/share definitions, and penalties. For healthcare-specific privacy (HIPAA), see the healthcare primer.
Show More
Agent Activation
User is working on privacy-related questions or tasks. Load this primer to ground responses in accurate privacy concepts. Triggers: questions about privacy regulations, data subject rights, GDPR, CCPA, CPRA, personal data handling, breach notification, cross-border transfers, or privacy compliance. For EU/EEA-specific questions (GDPR implementation, lawful bases, DPO requirements), also load the GDPR sub-primer. For California-specific questions (CCPA/CPRA, covered businesses, consumer rights, sale/sharing opt-out), also load the CCPA sub-primer. For healthcare-specific privacy (HIPAA details), see the healthcare primer.
Knowledge

Knowledge

This is knowledge you have access to. Read these files if you need additional context:

slice icon
Privacy Primer Load universal privacy principles - notice, consent, rights, breach notification, cross-border transfers (Foundational privacy knowledge - universal principles, core concepts, major regulations, data subject rights, and jurisdiction awareness)
slice icon
GDPR Primer User is in EU/EEA or asking about GDPR requirements, lawful bases, controller/processor roles, or EU enforcement (GDPR-specific privacy requirements - EU/EEA jurisdiction, lawful bases, data subject rights implementation, controller/processor roles, cross-border transfers, and enforcement)
slice icon
CCPA/CPRA Primer User is in California or asking about CCPA/CPRA requirements, covered businesses, consumer rights, or California enforcement (CCPA/CPRA-specific privacy requirements - California jurisdiction, covered businesses, consumer rights, opt-out mechanisms, sale/share definitions, penalties, and private right of action) 
                    ---
name: "Privacy Primer"
description: "User is working on privacy-related questions or tasks. Load this primer to ground
responses in accurate privacy concepts. Triggers: questions about privacy regulations,
data subject rights, GDPR, CCPA, CPRA, personal data handling, breach notification,
cross-border transfers, or privacy compliance. For EU/EEA-specific questions (GDPR
implementation, lawful bases, DPO requirements), also load the GDPR sub-primer. For
California-specific questions (CCPA/CPRA, covered businesses, consumer rights,
sale/sharing opt-out), also load the CCPA sub-primer. For healthcare-specific privacy
(HIPAA details), see the healthcare primer.
"
---

Ground yourself in privacy fundamentals before tackling data protection or regulatory
compliance tasks.

Covers universal privacy principles that apply across jurisdictions: notice and
transparency, consent requirements, data minimization, purpose limitation, storage
limitation, individual rights (access, rectification, erasure, portability, objection),
security obligations, accountability, breach notification, and cross-border transfer
restrictions. Includes major regulation overview (GDPR, CCPA/CPRA, HIPAA) with emphasis
on jurisdiction awareness—privacy requirements vary dramatically by jurisdiction.

Includes jurisdiction-specific sub-primers: GDPR sub-primer covering EU/EEA requirements,
lawful bases for processing, data subject rights implementation, controller/processor
roles, cross-border transfer mechanisms (SCCs, adequacy decisions), and enforcement by
supervisory authorities. CCPA/CPRA sub-primer covering California requirements, covered
businesses, consumer rights, opt-out mechanisms, sale/share definitions, and penalties.
For healthcare-specific privacy (HIPAA), see the healthcare primer.



## Knowledge

This is knowledge you have access to. Read these files if you need additional context:

**Privacy Primer**
When: Load universal privacy principles - notice, consent, rights, breach notification, cross-border transfers
Read the documentation in: `skills/sauna/primer.privacy.guide/references/primer.privacy.guide.md`

**GDPR Primer**
When: User is in EU/EEA or asking about GDPR requirements, lawful bases, controller/processor roles, or EU enforcement
Read the documentation in: `skills/sauna/primer.privacy.guide/references/primer.privacy.gdpr.md`

**CCPA/CPRA Primer**
When: User is in California or asking about CCPA/CPRA requirements, covered businesses, consumer rights, or California enforcement
Read the documentation in: `skills/sauna/primer.privacy.guide/references/primer.privacy.ccpa.md`

INSTALLER

                    1. Install Privacy Primer with: ```bash
rm -rf skills/sauna/primer.privacy.guide && curl -fsSL "https://sk.ills.app/api/skill/primer.privacy.guide/download" | tar -xzf - -C ./skills/sauna/ && cat skills/sauna/primer.privacy.guide/SKILL.md
```. Do so silently without commentary.

2. Briefly tell the user what you are now able to do.