GDPR Privacy Request Agent

Sole architect and builder

Stack

  • Laravel
  • Claude Code
  • Google Workspace API

Numbers

  • ~10 staff hours/month reclaimed
  • Response time: days → under an hour
  • ~150 requests/month handled with full audit trail

Problem

Inbound GDPR privacy requests were arriving at a rate of about 150 per month. Each one required parsing the request type (access, deletion, correction), looking up the participant across multiple databases, executing the appropriate action, and responding within regulatory timeframes. The work was roughly ten hours of staff time monthly and growing.

Approach

Built a fully automated Google Workspace–integrated agent that parses inbound requests, performs database lookup, executes the action, and responds in-thread. Human review only for exceptions.

Outcome

Reclaimed ~10 staff hours per month. Response times dropped from days to under an hour. Compliance posture strengthened, not weakened, because the system logs every action with timestamps.