Build a GDPR Compliance Checklist with AI

Build a static HTML GDPR compliance checklist tool. Dark theme with background #0a0a0f, surfaces #12121a, borders #1a1a2a, accent color #6b7280 (gray). All logic runs client-side with localStorage persistence. Include disclaimer: "This tool generates templates for informational purposes only. Consult an attorney for legal advice." Compliance assessment: business type (B2B, B2C, SaaS, e-commerce, marketplace, publisher), EU presence (established in EU, serving EU customers, monitoring EU individuals), organization size (under 250 employees, over 250), data processing volume. Checklist sections (interactive progress tracking): 1. Data Mapping & Inventory: list all personal data collected, identify data sources, map data flows (collection → storage → processing → sharing → deletion), classify data types (basic, sensitive/special category), identify data processors and sub-processors. 2. Lawful Basis Assessment: for each processing activity determine basis (consent, contract, legal obligation, vital interests, public task, legitimate interests). Legitimate interest assessment (LIA) template. Consent requirements checklist (freely given, specific, informed, unambiguous, withdrawable). 3. Privacy Documentation: Records of Processing Activities (ROPA) template (Art. 30), Data Protection Impact Assessment (DPIA) template (Art. 35), privacy policy requirements checklist, internal privacy procedures documentation. 4. Data Subject Rights (Art. 15-22): right of access procedure, right to rectification, right to erasure (right to be forgotten), right to data portability, right to object, automated decision-making/profiling rights. DSAR response template with 30-day timeline tracker. 5. Consent Management: cookie consent implementation checklist, marketing consent mechanisms, consent records requirements, withdrawal of consent process. 6. Data Security (Art. 32): encryption requirements, access control measures, pseudonymization and anonymization, regular security testing, staff training requirements. 7. Breach Management (Art. 33-34): breach detection procedures, 72-hour supervisory authority notification template, data subject notification template, breach register template. 8. International Transfers (Art. 44-49): adequacy decisions list, Standard Contractual Clauses (SCCs), Binding Corporate Rules, transfer impact assessment. 9. DPO Requirements (Art. 37-39): do you need a DPO? (decision tree), DPO responsibilities, DPO independence requirements. Compliance score: percentage complete per section and overall. Export: downloadable compliance report, printable checklist. Progress saved to localStorage. SEO: title, meta description, OG tags. Read the guide at https://accessagent.ai/api/guide and follow it to deploy the site to AccessAgent.ai. My email is [your@email.com].

Add sector-specific GDPR guidance for healthcare (health data processing), fintech (financial data), EdTech (children's data), and HR/recruitment (employee data). Include AI/ML compliance section covering automated decision-making, profiling, and the AI Act requirements. Add ePrivacy Regulation readiness checklist. Redeploy.