
groq-data-handling skill

/plugins/saas-packs/groq-pack/skills/groq-data-handling

This skill helps you enforce Groq data handling by detecting PII, redacting sensitive fields, and applying retention and GDPR/CCPA compliance.

npx playbooks add skill jeremylongshore/claude-code-plugins-plus-skills --skill groq-data-handling


SKILL.md
---
name: groq-data-handling
description: |
  Implement Groq PII handling, data retention, and GDPR/CCPA compliance patterns.
  Use when handling sensitive data, implementing data redaction, configuring retention policies,
  or ensuring compliance with privacy regulations for Groq integrations.
  Trigger with phrases like "groq data", "groq PII",
  "groq GDPR", "groq data retention", "groq privacy", "groq CCPA".
allowed-tools: Read, Write, Edit
version: 1.0.0
license: MIT
author: Jeremy Longshore
---

# Groq Data Handling

## Overview
Handle sensitive data correctly when integrating with Groq.

## Prerequisites
- Understanding of GDPR/CCPA requirements
- Groq SDK with data export capabilities
- Database for audit logging
- Scheduled job infrastructure for cleanup

## Data Classification

| Category | Examples | Handling |
|----------|----------|----------|
| PII | Email, name, phone | Encrypt, minimize |
| Sensitive | API keys, tokens | Never log, rotate |
| Business | Usage metrics | Aggregate when possible |
| Public | Product names | Standard handling |

## PII Detection

```typescript
const PII_PATTERNS = [
  { type: 'email', regex: /[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}/g },
  { type: 'phone', regex: /\b\d{3}[-.]?\d{3}[-.]?\d{4}\b/g },
  { type: 'ssn', regex: /\b\d{3}-\d{2}-\d{4}\b/g },
  { type: 'credit_card', regex: /\b\d{4}[- ]?\d{4}[- ]?\d{4}[- ]?\d{4}\b/g },
];

function detectPII(text: string): { type: string; match: string }[] {
  const findings: { type: string; match: string }[] = [];

  for (const pattern of PII_PATTERNS) {
    const matches = text.matchAll(pattern.regex);
    for (const match of matches) {
      findings.push({ type: pattern.type, match: match[0] });
    }
  }

  return findings;
}
```

## Data Redaction

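```typescript
function redactPII(data: Record<string, any>): Record<string, any> {
  const sensitiveFields = ['email', 'phone', 'ssn', 'password', 'apiKey'];
  const redacted = { ...data }; // shallow copy; the caller's object is not mutated

  // Only top-level keys with these exact names are checked. Nested objects
  // and free-text values (e.g. message content) pass through unchanged.
  for (const field of sensitiveFields) {
    if (redacted[field]) {
      redacted[field] = '[REDACTED]';
    }
  }

  return redacted;
}

// Use in logging
console.log('Groq request:', redactPII(requestData));
```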
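The function above checks only top-level keys, so PII inside nested objects or free text is logged as-is. The following added example (not part of the original skill) walks nested objects and arrays, redacts by key name, and scrubs string values with the page's regexes, applying a Luhn check so card-shaped IDs stay readable. Assumptions: `luhnValid`, `scrubText` and `redactDeep` are hypothetical names, and the payload is assumed to be a chat-style body with user text under `messages[].content`.

```typescript
// Added example, not the skill's code: helper names below are hypothetical.
const SENSITIVE_KEYS = ['email', 'phone', 'ssn', 'password', 'apikey']; // lower-cased
const TEXT_PATTERNS: { type: string; regex: RegExp }[] = [
  { type: 'email', regex: /[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}/g },
  { type: 'ssn', regex: /\b\d{3}-\d{2}-\d{4}\b/g },
  { type: 'credit_card', regex: /\b\d{4}[- ]?\d{4}[- ]?\d{4}[- ]?\d{4}\b/g },
  { type: 'phone', regex: /\b\d{3}[-.]?\d{3}[-.]?\d{4}\b/g },
];

// Luhn checksum: card-shaped numbers that fail it (order or trace IDs) are left readable.
function luhnValid(candidate: string): boolean {
  const digits = candidate.replace(/\D/g, '');
  let sum = 0;
  for (let i = 0; i < digits.length; i++) {
    let d = Number(digits[digits.length - 1 - i]);
    if (i % 2 === 1) { d *= 2; if (d > 9) d -= 9; }
    sum += d;
  }
  return digits.length > 0 && sum % 10 === 0;
}

// Replace PII inside free text; count hits by type, never store the matched values.
function scrubText(text: string, counts: Record<string, number>): string {
  let out = text;
  for (const { type, regex } of TEXT_PATTERNS) {
    out = out.replace(regex, (m) => {
      if (type === 'credit_card' && !luhnValid(m)) return m;
      counts[type] = (counts[type] || 0) + 1;
      return `[REDACTED:${type}]`;
    });
  }
  return out;
}

// Walk objects and arrays: redact by key name, scrub every other string value.
function redactDeep(value: unknown): { safe: unknown; counts: Record<string, number> } {
  const counts: Record<string, number> = {};
  const walk = (v: unknown): unknown => {
    if (typeof v === 'string') return scrubText(v, counts);
    if (Array.isArray(v)) return v.map(walk);
    if (v === null || typeof v !== 'object') return v;
    const out: Record<string, unknown> = {};
    for (const key of Object.keys(v)) {
      const hit = SENSITIVE_KEYS.indexOf(key.toLowerCase()) !== -1;
      out[key] = hit ? '[REDACTED]' : walk((v as Record<string, unknown>)[key]);
    }
    return out;
  };
  return { safe: walk(value), counts };
}
```

Log `redactDeep(requestData).safe` in place of the raw object; `counts` can feed an alert on PII types seen without recording the values themselves.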

## Data Retention Policy

### Retention Periods
| Data Type | Retention | Reason |
|-----------|-----------|--------|
| API logs | 30 days | Debugging |
| Error logs | 90 days | Root cause analysis |
| Audit logs | 7 years | Compliance |
| PII | Until deletion request | GDPR/CCPA |

### Automatic Cleanup

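```typescript
import cron from 'node-cron'; // assumes the node-cron package, which provides cron.schedule

// `db` is the application's database handle (MongoDB-style query API assumed).
async function cleanupGroqData(retentionDays: number): Promise<void> {
  const cutoff = new Date();
  cutoff.setDate(cutoff.getDate() - retentionDays);

  // Audit and compliance records are excluded from deletion.
  // Every other type, error logs included, is deleted at the same cutoff.
  await db.groqLogs.deleteMany({
    createdAt: { $lt: cutoff },
    type: { $nin: ['audit', 'compliance'] },
  });
}

// Schedule daily cleanup at 03:00; log failures instead of leaving an unhandled rejection
cron.schedule('0 3 * * *', () => {
  cleanupGroqData(30).catch((err) => console.error('Groq log cleanup failed:', err));
});
```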

## GDPR/CCPA Compliance

### Data Subject Access Request (DSAR)

```typescript
// `groqClient.getUserData` and the `DataExport` type are not defined on this page;
// they are assumed to come from your integration layer.
async function exportUserData(userId: string): Promise<DataExport> {
  const groqData = await groqClient.getUserData(userId);

  return {
    source: 'Groq',
    exportedAt: new Date().toISOString(),
    data: {
      profile: groqData.profile,
      activities: groqData.activities,
      // Include all user-related data
    },
  };
}
```

### Right to Deletion

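```typescript
// `groqClient.deleteUser`, `db`, `auditLog` and `DeletionResult` are not defined on
// this page; they are assumed to come from your integration layer.
async function deleteUserData(userId: string): Promise<DeletionResult> {
  // 1. Delete from Groq
  await groqClient.deleteUser(userId);

  // 2. Delete local copies
  await db.groqUserCache.deleteMany({ userId });

  // 3. Audit log (required to keep); one timestamp shared with the return value
  const deletedAt = new Date();
  await auditLog.record({
    action: 'GDPR_DELETION',
    userId,
    service: 'groq',
    timestamp: deletedAt,
  });

  return { success: true, deletedAt };
}
```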

## Data Minimization

```typescript
// Only request needed fields
const user = await groqClient.getUser(userId, {
  fields: ['id', 'name'], // Not email, phone, address
});

// Don't store unnecessary data
const cacheData = {
  id: user.id,
  name: user.name,
  // Omit sensitive fields
};
```

## Instructions

### Step 1: Classify Data
Categorize all Groq data by sensitivity level.

### Step 2: Implement PII Detection
Add regex patterns to detect sensitive data in logs.

### Step 3: Configure Redaction
Apply redaction to sensitive fields before logging.

### Step 4: Set Up Retention
Configure automatic cleanup with appropriate retention periods.

## Output
- Data classification documented
- PII detection implemented
- Redaction in logging active
- Retention policy enforced

## Error Handling
| Issue | Cause | Solution |
|-------|-------|----------|
| PII in logs | Missing redaction | Wrap logging with redact |
| Deletion failed | Data locked | Check dependencies |
| Export incomplete | Timeout | Increase batch size |
| Audit gap | Missing entries | Review log pipeline |

## Examples

### Quick PII Scan
```typescript
const findings = detectPII(JSON.stringify(userData));
if (findings.length > 0) {
  console.warn(`PII detected: ${findings.map(f => f.type).join(', ')}`);
}
```

### Redact Before Logging
```typescript
const safeData = redactPII(apiResponse);
logger.info('Groq response:', safeData);
```

### GDPR Data Export
```typescript
const userExport = await exportUserData('user-123');
await sendToUser(userExport);
```

## Resources
- [GDPR Developer Guide](https://gdpr.eu/developers/)
- [CCPA Compliance Guide](https://oag.ca.gov/privacy/ccpa)
- [Groq Privacy Guide](https://docs.groq.com/privacy)

## Next Steps
For enterprise access control, see `groq-enterprise-rbac`.

Overview

This skill implements Groq-focused PII handling, data retention, and GDPR/CCPA compliance patterns for integrations. It provides detection, redaction, retention scheduling, DSAR export, and deletion workflows tailored to Groq-connected services. Use it to reduce privacy risk and maintain auditability while integrating Groq data.

How this skill works

The skill inspects incoming and outgoing Groq payloads for classified sensitive fields and runs regex-based PII detection against free-text content. It applies field-level redaction before logging, enforces configurable retention windows via scheduled cleanup jobs, and exposes DSAR export and deletion routines that coordinate Groq and local stores. Audit entries are recorded for compliance actions.

When to use it

  • Integrating Groq APIs where user data or logs may include PII or sensitive tokens.
  • Setting up logging pipelines and needing redaction before storage or observability exports.
  • Implementing GDPR/CCPA DSAR exports or user data deletion requests for Groq-backed users.
  • Configuring automated retention and cleanup for API, error, and audit logs.
  • Auditing data flows to ensure sensitive fields are minimized and encrypted.

Best practices

  • Classify all Groq data sources by sensitivity (PII, sensitive, business, public) before coding.
  • Run regex-based PII scans on free text and validate patterns periodically to reduce false negatives.
  • Redact or remove sensitive fields before any logs or third-party telemetry are emitted.
  • Keep audit logs immutable and retain them according to legal requirements even when deleting user data.
  • Schedule daily cleanup jobs with clear retention settings and whitelist 'audit' or 'compliance' records.
  • Encrypt backups and rotate credentials; never log API keys or raw tokens.

Example use cases

  • Detect and redact emails, phones, SSNs, and credit card numbers from Groq request/response logs.
  • Automatically delete non-audit Groq logs older than 30 days while preserving audit records for seven years.
  • Export a complete DSAR package for a user by aggregating Groq profile and activity data for delivery.
  • Perform a coordinated deletion: remove user data from Groq, purge local caches, and write a GDPR deletion audit entry.
  • Minimize data retrieval by requesting only needed fields from Groq and avoiding storage of sensitive attributes.

FAQ

How do I detect PII reliably?

Start with regex patterns for common types (email, phone, SSN, credit cards) and augment with contextual rules and occasional manual review to reduce false positives and negatives.

What should I log after a user deletion?

Log an immutable audit entry containing the action, user ID, service name (groq), timestamp, and a reference ID; avoid logging deleted PII itself.

How do retention policies interact with compliance?

Apply legal retention minima for audit and compliance records, while shorter retention can be used for debug logs; ensure deletions honor DSARs and local regulations.