Merge feat/zeroclaw-compliance-agent into main
Brings all compliance doc-check features: - 162 regex checks + 1874 Master Controls - LLM-agnostic agent with tool calling - Banner check (46 checks, 30 CMPs, stealth, Shadow DOM) - Impressum check (24 checks) - Deep consent verification (DataLayer, GCM, TCF) - CMP E2E tests (39 tests) - HTML email reports, FAQ, persistent history Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@@ -1,7 +1,9 @@
|
||||
'use client'
|
||||
|
||||
import { useState } from 'react'
|
||||
import { LegalTemplateResult } from '@/lib/sdk/types'
|
||||
import { RuleEngineResult } from '../ruleEngine'
|
||||
import ReviewAssignmentPanel from './ReviewAssignmentPanel'
|
||||
|
||||
interface GeneratorPreviewTabProps {
|
||||
template: LegalTemplateResult
|
||||
@@ -10,8 +12,76 @@ interface GeneratorPreviewTabProps {
|
||||
missing: string[]
|
||||
onCopy: () => void
|
||||
onExportMarkdown: () => void
|
||||
onSaveToWorkflow?: () => void
|
||||
saveStatus?: string | null
|
||||
}
|
||||
|
||||
// ============================================================================
|
||||
// Lightweight Markdown → HTML (no dependency needed)
|
||||
// ============================================================================
|
||||
|
||||
function markdownToHtml(md: string): string {
|
||||
let html = md
|
||||
// Escape HTML entities first
|
||||
.replace(/&/g, '&')
|
||||
.replace(/</g, '<')
|
||||
.replace(/>/g, '>')
|
||||
|
||||
// Headings
|
||||
html = html.replace(/^#### (.+)$/gm, '<h4>$1</h4>')
|
||||
html = html.replace(/^### (.+)$/gm, '<h3>$1</h3>')
|
||||
html = html.replace(/^## (.+)$/gm, '<h2>$1</h2>')
|
||||
html = html.replace(/^# (.+)$/gm, '<h1>$1</h1>')
|
||||
|
||||
// Horizontal rules
|
||||
html = html.replace(/^---$/gm, '<hr/>')
|
||||
|
||||
// Bold + Italic
|
||||
html = html.replace(/\*\*\*(.+?)\*\*\*/g, '<strong><em>$1</em></strong>')
|
||||
html = html.replace(/\*\*(.+?)\*\*/g, '<strong>$1</strong>')
|
||||
html = html.replace(/\*(.+?)\*/g, '<em>$1</em>')
|
||||
|
||||
// Links
|
||||
html = html.replace(/\[([^\]]+)\]\(([^)]+)\)/g, '<a href="$2" class="text-purple-600 underline">$1</a>')
|
||||
|
||||
// Tables (simple)
|
||||
html = html.replace(/^\|(.+)\|$/gm, (match) => {
|
||||
const cells = match.split('|').filter(c => c.trim())
|
||||
const isHeader = cells.every(c => /^[\s-:]+$/.test(c))
|
||||
if (isHeader) return '<!-- separator -->'
|
||||
const tag = 'td'
|
||||
return '<tr>' + cells.map(c => `<${tag}>${c.trim()}</${tag}>`).join('') + '</tr>'
|
||||
})
|
||||
|
||||
// Wrap consecutive table rows
|
||||
html = html.replace(/((?:<tr>.*<\/tr>\n?<!-- separator -->\n?)?(?:<tr>.*<\/tr>\n?)+)/g, (block) => {
|
||||
const rows = block.split('\n').filter(r => r.startsWith('<tr>'))
|
||||
if (rows.length === 0) return block
|
||||
const headerRow = rows[0].replace(/<td>/g, '<th>').replace(/<\/td>/g, '</th>')
|
||||
const bodyRows = rows.slice(1).join('\n')
|
||||
return `<table><thead>${headerRow}</thead><tbody>${bodyRows}</tbody></table>`
|
||||
})
|
||||
|
||||
// Remove separator comments
|
||||
html = html.replace(/<!-- separator -->\n?/g, '')
|
||||
|
||||
// Unordered lists
|
||||
html = html.replace(/^- (.+)$/gm, '<li>$1</li>')
|
||||
html = html.replace(/((?:<li>.*<\/li>\n?)+)/g, '<ul>$1</ul>')
|
||||
|
||||
// Paragraphs (lines that aren't already HTML)
|
||||
html = html.replace(/^(?!<[a-z/]|$)(.+)$/gm, '<p>$1</p>')
|
||||
|
||||
// Clean up empty paragraphs
|
||||
html = html.replace(/<p>\s*<\/p>/g, '')
|
||||
|
||||
return html
|
||||
}
|
||||
|
||||
// ============================================================================
|
||||
// Component
|
||||
// ============================================================================
|
||||
|
||||
export default function GeneratorPreviewTab({
|
||||
template,
|
||||
ruleResult,
|
||||
@@ -19,13 +89,20 @@ export default function GeneratorPreviewTab({
|
||||
missing,
|
||||
onCopy,
|
||||
onExportMarkdown,
|
||||
onSaveToWorkflow,
|
||||
saveStatus,
|
||||
}: GeneratorPreviewTabProps) {
|
||||
const [viewMode, setViewMode] = useState<'preview' | 'markdown'>('preview')
|
||||
|
||||
const htmlContent = markdownToHtml(renderedContent)
|
||||
|
||||
return (
|
||||
<div className="space-y-4">
|
||||
{/* Violations */}
|
||||
{ruleResult && ruleResult.violations.length > 0 && (
|
||||
<div className="bg-red-50 border border-red-200 rounded-xl p-4">
|
||||
<p className="text-sm font-semibold text-red-700 mb-2">
|
||||
🔴 {ruleResult.violations.length} Fehler
|
||||
{ruleResult.violations.length} Fehler
|
||||
</p>
|
||||
<ul className="space-y-1">
|
||||
{ruleResult.violations.map((v) => (
|
||||
@@ -36,6 +113,8 @@ export default function GeneratorPreviewTab({
|
||||
</ul>
|
||||
</div>
|
||||
)}
|
||||
|
||||
{/* Warnings */}
|
||||
{ruleResult && ruleResult.warnings.filter((w) => w.id !== 'WARN_LEGAL_REVIEW').length > 0 && (
|
||||
<div className="bg-yellow-50 border border-yellow-200 rounded-xl p-4">
|
||||
<ul className="space-y-1">
|
||||
@@ -43,69 +122,156 @@ export default function GeneratorPreviewTab({
|
||||
.filter((w) => w.id !== 'WARN_LEGAL_REVIEW')
|
||||
.map((w) => (
|
||||
<li key={w.id} className="text-xs text-yellow-700">
|
||||
🟡 <span className="font-mono font-medium">[{w.id}]</span> {w.message}
|
||||
<span className="font-mono font-medium">[{w.id}]</span> {w.message}
|
||||
</li>
|
||||
))}
|
||||
</ul>
|
||||
</div>
|
||||
)}
|
||||
|
||||
{/* Legal notice */}
|
||||
{ruleResult && (
|
||||
<div className="bg-blue-50 border border-blue-200 rounded-xl p-3">
|
||||
<p className="text-xs text-blue-700">
|
||||
ℹ️ Rechtlicher Hinweis: Diese Vorlage ist MIT-lizenziert. Vor Produktionseinsatz
|
||||
wird eine rechtliche Überprüfung dringend empfohlen.
|
||||
Rechtlicher Hinweis: Diese Vorlage ist MIT-lizenziert. Vor Produktionseinsatz
|
||||
wird eine rechtliche Ueberpruefung dringend empfohlen.
|
||||
</p>
|
||||
</div>
|
||||
)}
|
||||
{ruleResult && ruleResult.appliedDefaults.length > 0 && (
|
||||
<p className="text-xs text-gray-400">
|
||||
Defaults angewendet: {ruleResult.appliedDefaults.join(', ')}
|
||||
</p>
|
||||
)}
|
||||
|
||||
{/* Toolbar */}
|
||||
<div className="flex items-center justify-between flex-wrap gap-2">
|
||||
<span className="text-sm text-gray-600">
|
||||
{missing.length > 0 && (
|
||||
<span className="text-orange-600">
|
||||
⚠ {missing.length} Platzhalter noch nicht ausgefüllt
|
||||
</span>
|
||||
)}
|
||||
</span>
|
||||
<div className="flex gap-2">
|
||||
<div className="flex gap-1 bg-gray-100 rounded-lg p-0.5">
|
||||
<button
|
||||
onClick={onCopy}
|
||||
className="flex items-center gap-1.5 px-3 py-1.5 text-xs border border-gray-200 rounded-lg hover:bg-gray-50 text-gray-600 transition-colors"
|
||||
onClick={() => setViewMode('preview')}
|
||||
className={`px-3 py-1 text-xs font-medium rounded-md transition-colors ${
|
||||
viewMode === 'preview' ? 'bg-white text-gray-900 shadow-sm' : 'text-gray-500'
|
||||
}`}
|
||||
>
|
||||
<svg className="w-3.5 h-3.5" fill="none" stroke="currentColor" viewBox="0 0 24 24">
|
||||
<path strokeLinecap="round" strokeLinejoin="round" strokeWidth={2} d="M8 16H6a2 2 0 01-2-2V6a2 2 0 012-2h8a2 2 0 012 2v2m-6 12h8a2 2 0 002-2v-8a2 2 0 00-2-2h-8a2 2 0 00-2 2v8a2 2 0 002 2z" />
|
||||
</svg>
|
||||
Kopieren
|
||||
Vorschau
|
||||
</button>
|
||||
<button
|
||||
onClick={onExportMarkdown}
|
||||
className="flex items-center gap-1.5 px-3 py-1.5 text-xs border border-gray-200 rounded-lg hover:bg-gray-50 text-gray-600 transition-colors"
|
||||
onClick={() => setViewMode('markdown')}
|
||||
className={`px-3 py-1 text-xs font-medium rounded-md transition-colors ${
|
||||
viewMode === 'markdown' ? 'bg-white text-gray-900 shadow-sm' : 'text-gray-500'
|
||||
}`}
|
||||
>
|
||||
<svg className="w-3.5 h-3.5" fill="none" stroke="currentColor" viewBox="0 0 24 24">
|
||||
<path strokeLinecap="round" strokeLinejoin="round" strokeWidth={2} d="M4 16v1a3 3 0 003 3h10a3 3 0 003-3v-1m-4-4l-4 4m0 0l-4-4m4 4V4" />
|
||||
</svg>
|
||||
Markdown
|
||||
</button>
|
||||
</div>
|
||||
|
||||
<div className="flex items-center gap-2">
|
||||
{missing.length > 0 && (
|
||||
<span className="text-xs text-orange-600">
|
||||
{missing.length} Platzhalter offen
|
||||
</span>
|
||||
)}
|
||||
<button onClick={onCopy} className="px-3 py-1.5 text-xs border border-gray-200 rounded-lg hover:bg-gray-50 text-gray-600">
|
||||
Kopieren
|
||||
</button>
|
||||
<button onClick={onExportMarkdown} className="px-3 py-1.5 text-xs border border-gray-200 rounded-lg hover:bg-gray-50 text-gray-600">
|
||||
Markdown
|
||||
</button>
|
||||
<button
|
||||
onClick={() => window.print()}
|
||||
className="flex items-center gap-1.5 px-4 py-1.5 text-xs bg-purple-600 text-white rounded-lg hover:bg-purple-700 transition-colors"
|
||||
onClick={() => {
|
||||
const printWindow = window.open('', '_blank')
|
||||
if (!printWindow) return
|
||||
printWindow.document.write(`<!DOCTYPE html><html><head><title>${template.documentTitle || 'Dokument'}</title><style>
|
||||
@page { size: A4; margin: 25mm 20mm; }
|
||||
body { font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif; font-size: 11pt; line-height: 1.6; color: #1a202c; max-width: 170mm; margin: 0 auto; }
|
||||
h1 { font-size: 18pt; color: #5b21b6; margin: 24pt 0 8pt; border-bottom: 2px solid #7c3aed; padding-bottom: 4pt; }
|
||||
h2 { font-size: 14pt; color: #1f2937; margin: 18pt 0 6pt; }
|
||||
h3 { font-size: 12pt; color: #374151; margin: 12pt 0 4pt; }
|
||||
h4 { font-size: 11pt; color: #4b5563; margin: 10pt 0 4pt; }
|
||||
table { width: 100%; border-collapse: collapse; margin: 8pt 0; font-size: 10pt; }
|
||||
th { background: #f5f3ff; color: #5b21b6; font-weight: 600; text-align: left; padding: 6pt 8pt; border: 1px solid #e5e7eb; }
|
||||
td { padding: 5pt 8pt; border: 1px solid #e5e7eb; vertical-align: top; }
|
||||
ul { padding-left: 20pt; }
|
||||
li { margin: 2pt 0; }
|
||||
hr { border: none; border-top: 1px solid #e5e7eb; margin: 16pt 0; }
|
||||
a { color: #7c3aed; }
|
||||
p { margin: 4pt 0; }
|
||||
strong { font-weight: 600; }
|
||||
</style></head><body>${htmlContent}</body></html>`)
|
||||
printWindow.document.close()
|
||||
printWindow.print()
|
||||
}}
|
||||
className="px-4 py-1.5 text-xs bg-purple-600 text-white rounded-lg hover:bg-purple-700"
|
||||
>
|
||||
<svg className="w-3.5 h-3.5" fill="none" stroke="currentColor" viewBox="0 0 24 24">
|
||||
<path strokeLinecap="round" strokeLinejoin="round" strokeWidth={2} d="M17 17h2a2 2 0 002-2v-4a2 2 0 00-2-2H5a2 2 0 00-2 2v4a2 2 0 002 2h2m2 4h6a2 2 0 002-2v-4a2 2 0 00-2-2H9a2 2 0 00-2 2v4a2 2 0 002 2zm8-12V5a2 2 0 00-2-2H9a2 2 0 00-2 2v4h10z" />
|
||||
</svg>
|
||||
PDF drucken
|
||||
</button>
|
||||
{onSaveToWorkflow && (
|
||||
<button
|
||||
onClick={onSaveToWorkflow}
|
||||
disabled={saveStatus === 'saving'}
|
||||
className={`px-4 py-1.5 text-xs rounded-lg transition-colors ${
|
||||
saveStatus === 'saved' ? 'bg-green-600 text-white' :
|
||||
saveStatus === 'error' ? 'bg-red-600 text-white' :
|
||||
'bg-indigo-600 text-white hover:bg-indigo-700'
|
||||
} disabled:opacity-50`}
|
||||
>
|
||||
{saveStatus === 'saving' ? 'Speichern...' :
|
||||
saveStatus === 'saved' ? 'Gespeichert!' :
|
||||
saveStatus === 'error' ? 'Fehler' :
|
||||
'Als Version speichern'}
|
||||
</button>
|
||||
)}
|
||||
</div>
|
||||
</div>
|
||||
<div className="bg-gray-50 rounded-xl border border-gray-200 p-6 max-h-[600px] overflow-y-auto">
|
||||
<pre className="text-sm text-gray-800 whitespace-pre-wrap leading-relaxed font-sans">
|
||||
{renderedContent}
|
||||
</pre>
|
||||
</div>
|
||||
|
||||
{/* Content */}
|
||||
{viewMode === 'markdown' ? (
|
||||
<div className="bg-gray-50 rounded-xl border border-gray-200 p-6 max-h-[800px] overflow-y-auto">
|
||||
<pre className="text-sm text-gray-800 whitespace-pre-wrap leading-relaxed font-mono">
|
||||
{renderedContent}
|
||||
</pre>
|
||||
</div>
|
||||
) : (
|
||||
<div className="bg-gray-100 rounded-xl p-8 flex justify-center overflow-y-auto max-h-[85vh]">
|
||||
{/* A4 Page */}
|
||||
<div
|
||||
className="bg-white shadow-lg border border-gray-300"
|
||||
style={{
|
||||
width: '210mm',
|
||||
minHeight: '297mm',
|
||||
padding: '25mm 20mm',
|
||||
fontFamily: '-apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-serif',
|
||||
fontSize: '11pt',
|
||||
lineHeight: '1.6',
|
||||
color: '#1a202c',
|
||||
}}
|
||||
>
|
||||
<style>{`
|
||||
.a4-content h1 { font-size: 18pt; color: #5b21b6; margin: 24pt 0 8pt; border-bottom: 2px solid #7c3aed; padding-bottom: 4pt; }
|
||||
.a4-content h2 { font-size: 14pt; color: #1f2937; margin: 18pt 0 6pt; }
|
||||
.a4-content h3 { font-size: 12pt; color: #374151; margin: 12pt 0 4pt; }
|
||||
.a4-content h4 { font-size: 11pt; color: #4b5563; margin: 10pt 0 4pt; }
|
||||
.a4-content table { width: 100%; border-collapse: collapse; margin: 8pt 0; font-size: 10pt; }
|
||||
.a4-content th { background: #f5f3ff; color: #5b21b6; font-weight: 600; text-align: left; padding: 6pt 8pt; border: 1px solid #e5e7eb; }
|
||||
.a4-content td { padding: 5pt 8pt; border: 1px solid #e5e7eb; vertical-align: top; }
|
||||
.a4-content ul { padding-left: 20pt; margin: 4pt 0; }
|
||||
.a4-content li { margin: 2pt 0; }
|
||||
.a4-content hr { border: none; border-top: 1px solid #e5e7eb; margin: 16pt 0; }
|
||||
.a4-content a { color: #7c3aed; text-decoration: underline; }
|
||||
.a4-content p { margin: 4pt 0; }
|
||||
.a4-content strong { font-weight: 600; }
|
||||
`}</style>
|
||||
<div
|
||||
className="a4-content"
|
||||
dangerouslySetInnerHTML={{ __html: htmlContent }}
|
||||
/>
|
||||
</div>
|
||||
</div>
|
||||
)}
|
||||
|
||||
{/* Review Assignment */}
|
||||
<ReviewAssignmentPanel
|
||||
documentType={template.templateType || ''}
|
||||
documentTitle={template.documentTitle || 'Dokument'}
|
||||
documentContent={renderedContent}
|
||||
/>
|
||||
|
||||
{/* Attribution */}
|
||||
{template.attributionRequired && template.attributionText && (
|
||||
<div className="text-xs text-orange-600 bg-orange-50 p-3 rounded-lg border border-orange-200">
|
||||
<strong>Attribution erforderlich:</strong> {template.attributionText}
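Review bot: markdownToHtml's output goes into `dangerouslySetInnerHTML` and `printWindow.document.write`, but its escaping does not cover attribute context: `"` is never escaped and the link rule copies `$2` into `href="$2"` with no scheme check, so a link target in `renderedContent` can leave the attribute or carry a script-bearing scheme. As rendered on this page the three entity replacements also map `&`, `<` and `>` to themselves; that may only be the page decoding `&amp;`/`&lt;`/`&gt;`, but it is worth confirming in the file. `template.documentTitle` is interpolated into `<title>` of the print window without escaping, and a window opened with `window.open('', '_blank')` shares the app's origin. I would escape quotes as well, emit an anchor only for an allow-list of schemes (sketch below), and pass the title through the same escaping. A vetted sanitiser in front of both sinks is the sturdier option if a dependency is acceptable.

```typescript
function markdownToHtml(md: string): string {
  let html = md
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;')

  // … unchanged: headings, horizontal rules, bold/italic …

  // Links: keep the anchor only for allow-listed schemes, otherwise fall back to the link text
  html = html.replace(/\[([^\]]+)\]\(([^)]+)\)/g, (_match, text: string, url: string) => {
    const target = url.trim()
    return /^(https?:|mailto:)/i.test(target)
      ? `<a href="${target}" rel="noopener noreferrer" class="text-purple-600 underline">${text}</a>`
      : text
  })

  // … unchanged: tables, lists, paragraphs, cleanup …
```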
|
||||
|
||||
@@ -38,7 +38,7 @@ export default function GeneratorSection({
|
||||
const [activeTab, setActiveTab] = useState<'placeholders' | 'preview'>('placeholders')
|
||||
const [expandedSections, setExpandedSections] = useState<Set<string>>(new Set(['PROVIDER', 'LEGAL']))
|
||||
|
||||
const placeholders = template.placeholders || []
|
||||
const placeholders = Array.isArray(template.placeholders) ? template.placeholders : []
|
||||
const relevantSections = useMemo(() => getRelevantSections(placeholders), [placeholders])
|
||||
const uncovered = useMemo(() => getUncoveredPlaceholders(placeholders, context), [placeholders, context])
|
||||
const missing = useMemo(() => getMissingRequired(placeholders, context), [placeholders, context])
|
||||
@@ -101,6 +101,45 @@ export default function GeneratorSection({
|
||||
|
||||
const handleCopy = () => navigator.clipboard.writeText(renderedContent)
|
||||
|
||||
const [saveStatus, setSaveStatus] = useState<string | null>(null)
|
||||
|
||||
const handleSaveToWorkflow = async () => {
|
||||
setSaveStatus('saving')
|
||||
try {
|
||||
// 1. Create or find document
|
||||
const docRes = await fetch('/api/sdk/v1/compliance/legal-documents/documents', {
|
||||
method: 'POST',
|
||||
headers: { 'Content-Type': 'application/json' },
|
||||
body: JSON.stringify({
|
||||
type: template.templateType || 'custom',
|
||||
name: template.documentTitle || 'Dokument',
|
||||
description: `Generiert aus Template: ${template.templateType}`,
|
||||
}),
|
||||
})
|
||||
if (!docRes.ok) throw new Error('Dokument konnte nicht erstellt werden')
|
||||
const doc = await docRes.json()
|
||||
|
||||
// 2. Create version
|
||||
const verRes = await fetch('/api/sdk/v1/compliance/legal-documents/versions', {
|
||||
method: 'POST',
|
||||
headers: { 'Content-Type': 'application/json' },
|
||||
body: JSON.stringify({
|
||||
document_id: doc.id,
|
||||
title: template.documentTitle || 'Dokument',
|
||||
content: renderedContent,
|
||||
language: template.language || 'de',
|
||||
version: '1.0',
|
||||
}),
|
||||
})
|
||||
if (!verRes.ok) throw new Error('Version konnte nicht erstellt werden')
|
||||
setSaveStatus('saved')
|
||||
setTimeout(() => setSaveStatus(null), 3000)
|
||||
} catch (e) {
|
||||
setSaveStatus('error')
|
||||
setTimeout(() => setSaveStatus(null), 3000)
|
||||
}
|
||||
}
|
||||
|
||||
const handleExportMarkdown = () => {
|
||||
const blob = new Blob([renderedContent], { type: 'text/markdown' })
|
||||
const url = URL.createObjectURL(blob)
|
||||
@@ -160,6 +199,33 @@ export default function GeneratorSection({
|
||||
</div>
|
||||
)}
|
||||
</div>
|
||||
<div className="flex items-center gap-2 shrink-0">
|
||||
<button
|
||||
onClick={() => {
|
||||
// Load example data for current template type
|
||||
const templateType = template.templateType || ''
|
||||
const lang = template.language || 'de'
|
||||
const exampleFile = `/sdk/document-generator/examples/${templateType}_${lang}.json`
|
||||
fetch(exampleFile)
|
||||
.then(r => r.ok ? r.json() : null)
|
||||
.then(data => {
|
||||
if (!data?.context) return
|
||||
const ctx = data.context
|
||||
for (const [section, fields] of Object.entries(ctx)) {
|
||||
if (typeof fields === 'object' && fields) {
|
||||
for (const [key, value] of Object.entries(fields as Record<string, unknown>)) {
|
||||
onContextChange(section as keyof TemplateContext, key, value)
|
||||
}
|
||||
}
|
||||
}
|
||||
})
|
||||
.catch(() => {/* no example available */})
|
||||
}}
|
||||
className="px-3 py-1 text-xs bg-blue-50 text-blue-600 border border-blue-200 rounded-lg hover:bg-blue-100 transition-colors"
|
||||
>
|
||||
Beispieldaten
|
||||
</button>
|
||||
</div>
|
||||
<button onClick={onClose} className="text-gray-400 hover:text-gray-600 transition-colors shrink-0" aria-label="Schließen">
|
||||
<svg className="w-5 h-5" fill="none" stroke="currentColor" viewBox="0 0 24 24">
|
||||
<path strokeLinecap="round" strokeLinejoin="round" strokeWidth={2} d="M6 18L18 6M6 6l12 12" />
|
||||
@@ -223,6 +289,8 @@ export default function GeneratorSection({
|
||||
missing={missing}
|
||||
onCopy={handleCopy}
|
||||
onExportMarkdown={handleExportMarkdown}
|
||||
onSaveToWorkflow={handleSaveToWorkflow}
|
||||
saveStatus={saveStatus}
|
||||
/>
|
||||
)}
|
||||
</div>
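Review bot: The "Beispieldaten" click handler passes every `section`/`key` pair from the fetched JSON straight to `onContextChange(section as keyof TemplateContext, key, value)`, and the cast hides that nothing checks `section` against the real TemplateContext sections or rejects keys such as `__proto__` and `constructor`. Those values presumably flow into `renderedContent`, which this commit also renders as HTML in GeneratorPreviewTab, so the example file should be treated as untrusted input. I would skip entries whose section is not a known context section. I would also build the path from `encodeURIComponent(templateType)` and `encodeURIComponent(lang)`, so that a template type containing `/` or `?` cannot point the fetch at another same-origin resource. The handler sits inside GeneratorSection, whose body starts and ends outside these hunks, and how `onContextChange` stores the value is not visible here.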
|
||||
|
||||
@@ -0,0 +1,130 @@
|
||||
'use client'
|
||||
|
||||
import { useMemo, useState } from 'react'
|
||||
import { useSDK } from '@/lib/sdk'
|
||||
import { evaluateTemplateRecommendations, type TemplateRecommendation } from '../templateRecommendations'
|
||||
import { getProfileLabel } from '../scopeDefaults'
|
||||
import type { LegalTemplateResult } from '@/lib/sdk/types'
|
||||
import type { ComplianceDepthLevel } from '@/lib/sdk/compliance-scope-types/core-levels'
|
||||
|
||||
interface Props {
|
||||
allTemplates: LegalTemplateResult[]
|
||||
onUseTemplate: (t: LegalTemplateResult) => void
|
||||
}
|
||||
|
||||
export default function RecommendedDocuments({ allTemplates, onUseTemplate }: Props) {
|
||||
const { state } = useSDK()
|
||||
const [showOptional, setShowOptional] = useState(false)
|
||||
|
||||
const level = state?.complianceScope?.determinedLevel as ComplianceDepthLevel | undefined
|
||||
const scopeAnswers = state?.complianceScope?.answers || []
|
||||
|
||||
const recommendations = useMemo(() => {
|
||||
if (!level) return null
|
||||
return evaluateTemplateRecommendations(
|
||||
scopeAnswers,
|
||||
level,
|
||||
(state?.companyProfile as Record<string, unknown>) || {},
|
||||
)
|
||||
}, [level, scopeAnswers, state?.companyProfile])
|
||||
|
||||
if (!level || !recommendations || recommendations.length === 0) return null
|
||||
|
||||
// Match recommendations to actual templates in the library
|
||||
const templateMap = new Map<string, LegalTemplateResult>()
|
||||
for (const t of allTemplates) {
|
||||
if (t.templateType) templateMap.set(t.templateType, t)
|
||||
}
|
||||
|
||||
const required = recommendations.filter((r) => r.requirement === 'required')
|
||||
const recommended = recommendations.filter((r) => r.requirement === 'recommended')
|
||||
const optional = recommendations.filter((r) => r.requirement === 'optional')
|
||||
|
||||
const renderCard = (rec: TemplateRecommendation) => {
|
||||
const template = templateMap.get(rec.templateType)
|
||||
const exists = !!template
|
||||
|
||||
return (
|
||||
<div
|
||||
key={rec.templateType}
|
||||
className={`rounded-lg border p-3 text-sm ${
|
||||
exists
|
||||
? 'border-gray-200 bg-white hover:border-purple-300 cursor-pointer'
|
||||
: 'border-dashed border-gray-300 bg-gray-50'
|
||||
}`}
|
||||
onClick={() => exists && template && onUseTemplate(template)}
|
||||
>
|
||||
<div className="font-medium text-gray-900 truncate">{rec.label}</div>
|
||||
<div className="text-xs text-gray-500 mt-1">
|
||||
{exists ? (
|
||||
<span className="text-purple-600">Vorlage verfuegbar</span>
|
||||
) : (
|
||||
<span className="text-gray-400">Noch nicht erstellt</span>
|
||||
)}
|
||||
</div>
|
||||
</div>
|
||||
)
|
||||
}
|
||||
|
||||
return (
|
||||
<div className="bg-gradient-to-br from-purple-50 to-white rounded-xl border border-purple-200 p-6">
|
||||
<div className="flex items-center justify-between mb-4">
|
||||
<div>
|
||||
<h3 className="text-lg font-semibold text-gray-900">
|
||||
Empfohlene Dokumente fuer Ihr Unternehmen
|
||||
</h3>
|
||||
<p className="text-sm text-gray-500 mt-1">
|
||||
Basierend auf Ihrem Compliance-Profil ({getProfileLabel(level)})
|
||||
</p>
|
||||
</div>
|
||||
<span className="inline-flex items-center px-3 py-1 rounded-full text-xs font-medium bg-purple-100 text-purple-700">
|
||||
{level}
|
||||
</span>
|
||||
</div>
|
||||
|
||||
{/* Required */}
|
||||
{required.length > 0 && (
|
||||
<div className="mb-4">
|
||||
<div className="flex items-center gap-2 mb-2">
|
||||
<span className="text-sm font-medium text-red-700">Pflicht</span>
|
||||
<span className="text-xs text-gray-400">({required.length})</span>
|
||||
</div>
|
||||
<div className="grid grid-cols-2 sm:grid-cols-3 lg:grid-cols-4 xl:grid-cols-5 gap-2">
|
||||
{required.map(renderCard)}
|
||||
</div>
|
||||
</div>
|
||||
)}
|
||||
|
||||
{/* Recommended */}
|
||||
{recommended.length > 0 && (
|
||||
<div className="mb-4">
|
||||
<div className="flex items-center gap-2 mb-2">
|
||||
<span className="text-sm font-medium text-amber-700">Empfohlen</span>
|
||||
<span className="text-xs text-gray-400">({recommended.length})</span>
|
||||
</div>
|
||||
<div className="grid grid-cols-2 sm:grid-cols-3 lg:grid-cols-4 xl:grid-cols-5 gap-2">
|
||||
{recommended.map(renderCard)}
|
||||
</div>
|
||||
</div>
|
||||
)}
|
||||
|
||||
{/* Optional (collapsed by default) */}
|
||||
{optional.length > 0 && (
|
||||
<div>
|
||||
<button
|
||||
onClick={() => setShowOptional(!showOptional)}
|
||||
className="text-sm text-gray-500 hover:text-purple-600 flex items-center gap-1"
|
||||
>
|
||||
<span>{showOptional ? '▼' : '▶'}</span>
|
||||
<span>Optional ({optional.length})</span>
|
||||
</button>
|
||||
{showOptional && (
|
||||
<div className="grid grid-cols-2 sm:grid-cols-3 lg:grid-cols-4 xl:grid-cols-5 gap-2 mt-2">
|
||||
{optional.map(renderCard)}
|
||||
</div>
|
||||
)}
|
||||
</div>
|
||||
)}
|
||||
</div>
|
||||
)
|
||||
}
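Review bot: `const scopeAnswers = state?.complianceScope?.answers || []` yields a fresh array on every render whenever `answers` is missing, so the `useMemo` that lists `scopeAnswers` as a dependency recomputes each time and memoises nothing in that case. Moving the fallback inside the memo fixes it: pass `state?.complianceScope?.answers ?? []` to `evaluateTemplateRecommendations` and depend on `state?.complianceScope?.answers` instead. Separately, the card in `renderCard` is a `<div onClick>` with no `role`, `tabIndex` or key handler, so the "use template" action is unreachable from the keyboard; a `<button type="button">` for the available case would cover that. The cast `as ComplianceDepthLevel | undefined` on `determinedLevel` is also unchecked before the value is displayed and passed on.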
|
||||
@@ -0,0 +1,170 @@
|
||||
'use client'
|
||||
|
||||
import { useState, useEffect } from 'react'
|
||||
import { useSDK } from '@/lib/sdk'
|
||||
|
||||
interface ReviewerInfo {
|
||||
role_key: string
|
||||
role_label?: string
|
||||
person_name?: string | null
|
||||
person_email?: string | null
|
||||
is_primary?: boolean
|
||||
}
|
||||
|
||||
interface ReviewRecord {
|
||||
id: string
|
||||
status: string
|
||||
reviewer_role_key: string
|
||||
reviewer_name: string | null
|
||||
email_sent: boolean
|
||||
}
|
||||
|
||||
const STATUS_COLORS: Record<string, string> = {
|
||||
pending: 'bg-gray-100 text-gray-700',
|
||||
in_review: 'bg-blue-100 text-blue-700',
|
||||
approved: 'bg-green-100 text-green-700',
|
||||
rejected: 'bg-red-100 text-red-700',
|
||||
}
|
||||
|
||||
const STATUS_LABELS: Record<string, string> = {
|
||||
pending: 'Ausstehend',
|
||||
in_review: 'In Pruefung',
|
||||
approved: 'Freigegeben',
|
||||
rejected: 'Abgelehnt',
|
||||
}
|
||||
|
||||
export default function ReviewAssignmentPanel({
|
||||
documentType,
|
||||
documentTitle,
|
||||
documentContent,
|
||||
}: {
|
||||
documentType: string
|
||||
documentTitle: string
|
||||
documentContent: string
|
||||
}) {
|
||||
const { projectId } = useSDK()
|
||||
const [reviewers, setReviewers] = useState<ReviewerInfo[]>([])
|
||||
const [existingReviews, setExistingReviews] = useState<ReviewRecord[]>([])
|
||||
const [sending, setSending] = useState(false)
|
||||
const [result, setResult] = useState<string | null>(null)
|
||||
|
||||
// Load reviewers for this document type
|
||||
useEffect(() => {
|
||||
if (!documentType) return
|
||||
const qs = new URLSearchParams()
|
||||
if (projectId) qs.set('project_id', projectId)
|
||||
qs.set('document_type', documentType)
|
||||
|
||||
// Load mapping + existing reviews
|
||||
Promise.all([
|
||||
fetch(`/api/sdk/v1/compliance/org-roles/mapping`).then(r => r.ok ? r.json() : []),
|
||||
fetch(`/api/sdk/v1/compliance/org-roles${projectId ? `?project_id=${projectId}` : ''}`).then(r => r.ok ? r.json() : []),
|
||||
fetch(`/api/sdk/v1/compliance/document-reviews/for-document?${qs}`).then(r => r.ok ? r.json() : []),
|
||||
]).then(([mappings, roles, reviews]) => {
|
||||
// Filter mappings for this document type
|
||||
const relevant = (mappings as Array<{ document_type: string; role_key: string; is_primary: boolean }>)
|
||||
.filter(m => m.document_type === documentType)
|
||||
// Enrich with role info
|
||||
const enriched: ReviewerInfo[] = relevant.map(m => {
|
||||
const role = (roles as Array<{ role_key: string; role_label: string; person_name: string | null; person_email: string | null }>)
|
||||
.find(r => r.role_key === m.role_key)
|
||||
return { ...m, role_label: role?.role_label, person_name: role?.person_name, person_email: role?.person_email }
|
||||
})
|
||||
setReviewers(enriched)
|
||||
setExistingReviews(reviews)
|
||||
}).catch(() => {})
|
||||
}, [documentType, projectId])
|
||||
|
||||
const handleSendForReview = async () => {
|
||||
setSending(true)
|
||||
setResult(null)
|
||||
try {
|
||||
const res = await fetch('/api/sdk/v1/compliance/document-reviews', {
|
||||
method: 'POST',
|
||||
headers: { 'Content-Type': 'application/json' },
|
||||
body: JSON.stringify({
|
||||
document_type: documentType,
|
||||
document_title: documentTitle,
|
||||
document_content: documentContent,
|
||||
project_id: projectId,
|
||||
review_link: window.location.href,
|
||||
}),
|
||||
})
|
||||
if (!res.ok) throw new Error('Fehler beim Erstellen')
|
||||
const reviews = await res.json()
|
||||
|
||||
// Send email for each review
|
||||
let sentCount = 0
|
||||
for (const review of reviews) {
|
||||
if (review.reviewer_email) {
|
||||
const sendRes = await fetch(`/api/sdk/v1/compliance/document-reviews/${review.id}/send`, { method: 'POST' })
|
||||
if (sendRes.ok) sentCount++
|
||||
}
|
||||
}
|
||||
setResult(`${reviews.length} Review(s) erstellt, ${sentCount} E-Mail(s) gesendet`)
|
||||
// Refresh
|
||||
const qs = new URLSearchParams({ document_type: documentType })
|
||||
if (projectId) qs.set('project_id', projectId)
|
||||
const updated = await fetch(`/api/sdk/v1/compliance/document-reviews/for-document?${qs}`).then(r => r.json())
|
||||
setExistingReviews(updated)
|
||||
} catch (e) {
|
||||
setResult(e instanceof Error ? e.message : 'Fehler')
|
||||
} finally {
|
||||
setSending(false)
|
||||
}
|
||||
}
|
||||
|
||||
if (reviewers.length === 0 && existingReviews.length === 0) return null
|
||||
|
||||
return (
|
||||
<div className="border border-purple-200 rounded-lg p-4 bg-purple-50/50 space-y-3">
|
||||
<h4 className="font-semibold text-sm text-gray-900 flex items-center gap-2">
|
||||
<svg className="w-4 h-4 text-purple-600" fill="none" stroke="currentColor" viewBox="0 0 24 24">
|
||||
<path strokeLinecap="round" strokeLinejoin="round" strokeWidth={2} d="M17 20h5v-2a3 3 0 00-5.356-1.857M17 20H7m10 0v-2c0-.656-.126-1.283-.356-1.857M7 20H2v-2a3 3 0 015.356-1.857M7 20v-2c0-.656.126-1.283.356-1.857m0 0a5.002 5.002 0 019.288 0M15 7a3 3 0 11-6 0 3 3 0 016 0z" />
|
||||
</svg>
|
||||
Pruefung & Freigabe
|
||||
</h4>
|
||||
|
||||
{/* Assigned reviewers */}
|
||||
{reviewers.length > 0 && (
|
||||
<div className="space-y-1">
|
||||
{reviewers.map(r => (
|
||||
<div key={r.role_key} className="flex items-center gap-2 text-xs">
|
||||
<span className="font-medium text-gray-700">{r.role_label || r.role_key}:</span>
|
||||
{r.person_name ? (
|
||||
<span className="text-gray-600">{r.person_name} ({r.person_email || 'keine E-Mail'})</span>
|
||||
) : (
|
||||
<span className="text-gray-400 italic">Nicht zugewiesen</span>
|
||||
)}
|
||||
</div>
|
||||
))}
|
||||
</div>
|
||||
)}
|
||||
|
||||
{/* Existing reviews */}
|
||||
{existingReviews.length > 0 && (
|
||||
<div className="space-y-1">
|
||||
{existingReviews.map(r => (
|
||||
<div key={r.id} className="flex items-center gap-2">
|
||||
<span className={`px-2 py-0.5 text-[10px] font-medium rounded-full ${STATUS_COLORS[r.status] || ''}`}>
|
||||
{STATUS_LABELS[r.status] || r.status}
|
||||
</span>
|
||||
<span className="text-xs text-gray-600">{r.reviewer_name || r.reviewer_role_key}</span>
|
||||
{r.email_sent && <span className="text-[10px] text-green-600">E-Mail gesendet</span>}
|
||||
</div>
|
||||
))}
|
||||
</div>
|
||||
)}
|
||||
|
||||
{/* Send for review */}
|
||||
<button onClick={handleSendForReview} disabled={sending || reviewers.length === 0}
|
||||
className="w-full px-4 py-2 text-sm bg-purple-600 text-white rounded-lg hover:bg-purple-700 disabled:opacity-50 transition-colors">
|
||||
{sending ? 'Sende...' : 'Zur Pruefung senden'}
|
||||
</button>
|
||||
|
||||
{result && (
|
||||
<p className={`text-xs ${result.includes('Fehler') ? 'text-red-600' : 'text-green-600'}`}>{result}</p>
|
||||
)}
|
||||
</div>
|
||||
)
|
||||
}
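Review bot: handleSendForReview posts `review_link: window.location.href`, so the link that presumably ends up in the reviewer e-mail is chosen by the client and carries whatever query string and fragment the page has at that moment. The backend is not visible here, but unless it validates that value against its own origin the e-mail can point reviewers at an arbitrary address. Deriving the link server-side from the document and project ids is safer, and at minimum the client should send `window.location.origin + window.location.pathname`. In the same file `projectId` is concatenated raw into `?project_id=${projectId}` while the neighbouring requests use `URLSearchParams`. The `.catch(() => {})` in the effect and the unchecked `r.json()` on the refresh fetch also hide failures from the user.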
|
||||
@@ -6,6 +6,7 @@ import { TemplateContext } from './contextBridge'
|
||||
|
||||
export const CATEGORIES: { key: string; label: string; types: string[] | null }[] = [
|
||||
{ key: 'all', label: 'Alle', types: null },
|
||||
<<<<<<< HEAD
|
||||
{ key: 'privacy_policy', label: 'Datenschutz', types: ['privacy_policy'] },
|
||||
{ key: 'terms', label: 'AGB', types: ['terms_of_service', 'agb', 'clause'] },
|
||||
{ key: 'impressum', label: 'Impressum', types: ['impressum'] },
|
||||
@@ -22,6 +23,66 @@ export const CATEGORIES: { key: string; label: string; types: string[] | null }[
|
||||
'dsr_process_art15', 'dsr_process_art16', 'dsr_process_art17',
|
||||
'dsr_process_art18', 'dsr_process_art19', 'dsr_process_art20', 'dsr_process_art21',
|
||||
]},
|
||||
=======
|
||||
|
||||
// ── Nach Nutzungskontext sortiert ──────────────────────────────────────
|
||||
|
||||
// Jede Website / App braucht:
|
||||
{ key: 'website', label: 'Website / App', types: ['privacy_policy', 'impressum', 'cookie_policy', 'cookie_banner', 'social_media_dsi'] },
|
||||
|
||||
// Online-Shop / E-Commerce:
|
||||
{ key: 'shop', label: 'Online-Shop', types: ['agb', 'widerruf', 'privacy_policy', 'impressum', 'cookie_policy', 'cookie_banner'] },
|
||||
|
||||
// SaaS / Cloud-Dienst:
|
||||
{ key: 'saas', label: 'SaaS / Cloud', types: ['agb', 'dpa', 'sla', 'cloud_service_agreement', 'privacy_policy', 'terms_of_use'] },
|
||||
|
||||
// App / Plattform mit Nutzern:
|
||||
{ key: 'platform', label: 'App / Plattform', types: ['terms_of_use', 'community_guidelines', 'privacy_policy', 'agb', 'acceptable_use', 'media_content_policy', 'copyright_policy'] },
|
||||
|
||||
// Vertraege mit Geschaeftspartnern:
|
||||
{ key: 'contracts', label: 'Vertraege (B2B)', types: ['dpa', 'nda', 'sla', 'cloud_service_agreement', 'data_usage_clause'] },
|
||||
|
||||
// Drittlandtransfer:
|
||||
{ key: 'third_country', label: 'Drittlandtransfer', types: ['transfer_impact_assessment', 'scc_companion'] },
|
||||
|
||||
// ── Interne Compliance-Dokumente ──────────────────────────────────────
|
||||
|
||||
// DSGVO-Kernpflichten:
|
||||
{ key: 'dsgvo_core', label: 'DSGVO-Pflichten', types: ['tom_documentation', 'vvt_register', 'loeschkonzept', 'dsfa', 'pflichtenregister'] },
|
||||
|
||||
// Betroffenenrechte:
|
||||
{ key: 'dsr', label: 'Betroffenenrechte', types: [
|
||||
'dsr_process_art15', 'dsr_process_art16', 'dsr_process_art17',
|
||||
'dsr_process_art18', 'dsr_process_art19', 'dsr_process_art20', 'dsr_process_art21',
|
||||
]},
|
||||
|
||||
// Datenschutz-Informationen (alle DSI-Typen):
|
||||
{ key: 'dsi', label: 'Datenschutzinfos', types: ['privacy_policy', 'applicant_dsi', 'employee_dsi', 'social_media_dsi', 'video_conference_dsi', 'informationspflichten'] },
|
||||
|
||||
// Einwilligungen:
|
||||
{ key: 'consent', label: 'Einwilligungen', types: ['consent_texts', 'cookie_banner', 'verpflichtungserklaerung'] },
|
||||
|
||||
// ── Sicherheit & IT ───────────────────────────────────────────────────
|
||||
|
||||
{ key: 'security_concepts', label: 'Sicherheitskonzepte', types: ['it_security_concept', 'data_protection_concept', 'backup_recovery_concept', 'logging_concept', 'incident_response_plan', 'access_control_concept', 'risk_management_concept', 'isms_manual'] },
|
||||
|
||||
{ key: 'security_policies', label: 'Sicherheitsrichtlinien', types: [
|
||||
'information_security_policy', 'access_control_policy', 'password_policy', 'encryption_policy',
|
||||
'cybersecurity_policy', 'incident_response_policy', 'logging_policy', 'patch_management_policy',
|
||||
'vulnerability_management_policy', 'secrets_management_policy', 'devsecops_policy',
|
||||
'cloud_security_policy', 'change_management_policy', 'asset_management_policy', 'backup_policy',
|
||||
]},
|
||||
|
||||
// ── Organisation & HR ─────────────────────────────────────────────────
|
||||
|
||||
{ key: 'hr', label: 'HR & Mitarbeiter', types: ['applicant_dsi', 'employee_dsi', 'employee_security_policy', 'security_awareness_policy', 'remote_work_policy', 'offboarding_policy', 'byod_policy', 'ai_usage_policy', 'whistleblower_policy', 'verpflichtungserklaerung'] },
|
||||
|
||||
{ key: 'data_governance', label: 'Daten-Governance', types: ['data_protection_policy', 'data_classification_policy', 'data_retention_policy', 'data_transfer_policy', 'privacy_incident_policy'] },
|
||||
|
||||
{ key: 'vendor', label: 'Lieferanten / Vendor', types: ['vendor_risk_management_policy', 'third_party_security_policy', 'supplier_security_policy', 'dpa'] },
|
||||
|
||||
{ key: 'bcm', label: 'BCM / Notfall', types: ['business_continuity_policy', 'disaster_recovery_policy', 'crisis_management_policy', 'incident_response_plan'] },
|
||||
>>>>>>> feat/zeroclaw-compliance-agent
|
||||
]
|
||||
|
||||
// =============================================================================
|
||||
@@ -41,6 +102,8 @@ export const SECTION_LABELS: Record<keyof TemplateContext, string> = {
|
||||
CONSENT: 'Cookie / Einwilligung',
|
||||
HOSTING: 'Hosting-Provider',
|
||||
FEATURES: 'Dokument-Features & Textbausteine',
|
||||
TOM: 'TOM-Dokumentation',
|
||||
DPA: 'AVV / Auftragsverarbeitung',
|
||||
}
|
||||
|
||||
export type FieldType = 'text' | 'email' | 'number' | 'select' | 'textarea' | 'boolean'
|
||||
@@ -186,6 +249,192 @@ export const SECTION_FIELDS: Record<keyof TemplateContext, FieldDef[]> = {
|
||||
{ key: 'EDITORIAL_RESPONSIBLE_ADDRESS', label: 'V.i.S.d.P. Adresse' },
|
||||
{ key: 'HAS_DISPUTE_RESOLUTION', label: 'Streitbeilegungshinweis', type: 'boolean' },
|
||||
{ key: 'DISPUTE_RESOLUTION_TEXT', label: 'Streitbeilegungstext', type: 'textarea', span: true },
|
||||
// ── SaaS AGB v2 ─────────────────────────────────────────────────────────
|
||||
{ key: 'B2B_ONLY', label: 'Nur B2B (keine Verbraucher)', type: 'boolean' },
|
||||
{ key: 'HAS_END_USERS', label: 'Endkunden-Weitergabe (B2B2C)', type: 'boolean' },
|
||||
{ key: 'HAS_MODULAR_PACKAGES', label: 'Modulare Leistungspakete', type: 'boolean' },
|
||||
{ key: 'HAS_STORAGE', label: 'Speicherplatz als Leistung', type: 'boolean' },
|
||||
{ key: 'HAS_STORAGE_LIMITS', label: 'Speicherplatz begrenzt', type: 'boolean' },
|
||||
{ key: 'HAS_TRIAL', label: 'Kostenlose Testphase', type: 'boolean' },
|
||||
{ key: 'TRIAL_DAYS', label: 'Testphase (Tage)', type: 'select', opts: ['7', '14', '30'] },
|
||||
{ key: 'HAS_PRICE_ADJUSTMENT', label: 'Preisanpassungsklausel', type: 'boolean' },
|
||||
{ key: 'PRICE_ADJUSTMENT_NOTICE_WEEKS', label: 'Ankündigung Preisanpassung (Wo.)', type: 'select', opts: ['4', '8', '12'] },
|
||||
{ key: 'PRICE_INCREASE_THRESHOLD_PERCENT', label: 'Schwelle Sonderkündigung (%)', type: 'select', opts: ['5', '10', '15'] },
|
||||
{ key: 'HAS_UPLOAD', label: 'Datei-Upload Funktion', type: 'boolean' },
|
||||
{ key: 'NO_AUDIT_PROOF_STORAGE', label: 'Keine revisionssichere Speicherung', type: 'boolean' },
|
||||
{ key: 'HAS_API_ACCESS', label: 'API-Zugang', type: 'boolean' },
|
||||
{ key: 'HAS_MAINTENANCE_ACCESS', label: 'Fernwartungszugang (On-Premise)', type: 'boolean' },
|
||||
{ key: 'HAS_MAX_DOWNTIME', label: 'Max. Ausfalldauer begrenzt', type: 'boolean' },
|
||||
{ key: 'MAX_DOWNTIME_DAYS', label: 'Max. Ausfalldauer (Tage)', type: 'number' },
|
||||
{ key: 'HAS_IP_INDEMNIFICATION', label: 'IP-Freistellung (Schutzrechte)', type: 'boolean' },
|
||||
{ key: 'LIABILITY_MULTIPLIER', label: 'Haftungsdeckel (x Jahreslizenz)', type: 'select', opts: ['1', '2', '3'] },
|
||||
{ key: 'HAS_REFERENCE_MARKETING', label: 'Referenzmarketing (Logo-Nutzung)', type: 'boolean' },
|
||||
{ key: 'HAS_WHITELABEL', label: 'Whitelabel-Paket vorhanden', type: 'boolean' },
|
||||
{ key: 'HAS_FORCE_MAJEURE', label: 'Force-Majeure-Klausel', type: 'boolean' },
|
||||
{ key: 'HAS_COMMUNITY_GUIDELINES', label: 'Community Guidelines als Bestandteil', type: 'boolean' },
|
||||
// ── Community Guidelines (modular) ──────────────────────────────────────
|
||||
{ key: 'TONE_FRIENDLY', label: 'Ton: Freundlich/Einladend', type: 'boolean' },
|
||||
{ key: 'TONE_EDITORIAL', label: 'Ton: Editorial/Sachlich', type: 'boolean' },
|
||||
{ key: 'TONE_FORMAL', label: 'Ton: Formal/Juristisch', type: 'boolean' },
|
||||
{ key: 'HAS_MEDIA_UPLOADS', label: 'Plattform: Medien-Uploads (Bilder/Videos)', type: 'boolean' },
|
||||
{ key: 'HAS_MESSAGING', label: 'Plattform: Messaging/Chat', type: 'boolean' },
|
||||
{ key: 'HAS_MARKETPLACE', label: 'Plattform: Marketplace/Handel', type: 'boolean' },
|
||||
{ key: 'DETAILED_ILLEGAL', label: '↳ Details: Rechtswidrige Inhalte', type: 'boolean' },
|
||||
{ key: 'DETAILED_HATE_SPEECH', label: '↳ Details: Hassrede', type: 'boolean' },
|
||||
{ key: 'DETAILED_FRAUD', label: '↳ Details: Betrug/Deepfakes', type: 'boolean' },
|
||||
{ key: 'EXCEPTIONS_FRAUD', label: '↳ Ausnahmen: Parodie/Satire/Kunst', type: 'boolean' },
|
||||
{ key: 'DETAILED_PRIVACY', label: '↳ Details: Sicherheit/Privatsphäre', type: 'boolean' },
|
||||
{ key: 'DETAILED_VIOLENCE', label: '↳ Details: Gewalt (bei Medien-Uploads)', type: 'boolean' },
|
||||
{ key: 'EXCEPTIONS_VIOLENCE', label: '↳ Ausnahmen: Kampfsport/Journalismus/Kunst', type: 'boolean' },
|
||||
{ key: 'DETAILED_PORNOGRAPHY', label: '↳ Details: Pornografie (bei Medien-Uploads)', type: 'boolean' },
|
||||
{ key: 'EXCEPTIONS_PORNOGRAPHY', label: '↳ Ausnahmen: Bodypainting/Stillen/Medizin', type: 'boolean' },
|
||||
{ key: 'DETAILED_SELF_HARM', label: '↳ Details: Suizid/Selbstverletzung', type: 'boolean' },
|
||||
{ key: 'EXCEPTIONS_SELF_HARM', label: '↳ Ausnahmen: Prävention/Journalismus', type: 'boolean' },
|
||||
{ key: 'DETAILED_EXPLOITATION', label: '↳ Details: Ausbeutung/Missbrauch/CSAM', type: 'boolean' },
|
||||
{ key: 'DETAILED_HARASSMENT', label: '↳ Details: Sexuelle Belästigung (bei Messaging)', type: 'boolean' },
|
||||
{ key: 'DETAILED_DANGEROUS_PRODUCTS', label: '↳ Details: Gefährliche Produkte (bei Marketplace)', type: 'boolean' },
|
||||
{ key: 'DETAILED_TERRORISM', label: '↳ Details: Terrorismus/Gefährliche Gruppen', type: 'boolean' },
|
||||
{ key: 'DETAILED_DANGEROUS_ACTIVITIES', label: '↳ Details: Gefährdende Aktivitäten', type: 'boolean' },
|
||||
{ key: 'GUIDELINES_URL', label: 'URL der Richtlinien' },
|
||||
// ── Medien & Content Module ─────────────────────────────────────────────
|
||||
{ key: 'IS_JOURNALISTIC_MEDIA', label: 'Journalistisches Medium (MStV §§ 18-22)', type: 'boolean' },
|
||||
{ key: 'EDITORIAL_EMAIL', label: 'Redaktions-E-Mail (Gegendarstellung)', type: 'email' },
|
||||
{ key: 'HAS_AI_GENERATED_CONTENT', label: 'KI-generierte Inhalte (AI Act Art. 50)', type: 'boolean' },
|
||||
{ key: 'DETAILED_AI_LABELING', label: '↳ Detaillierte KI-Kennzeichnungstabelle', type: 'boolean' },
|
||||
{ key: 'HAS_SPONSORED_CONTENT', label: 'Bezahlte/werbliche Inhalte (§ 5a UWG)', type: 'boolean' },
|
||||
{ key: 'HAS_PRESS_COUNCIL', label: 'Pressekodex-Selbstverpflichtung (Presserat)', type: 'boolean' },
|
||||
// ── Nutzungsbedingungen ─────────────────────────────────────────────────
|
||||
{ key: 'HAS_UGC', label: 'User Generated Content', type: 'boolean' },
|
||||
{ key: 'HAS_CONTENT_LICENSING', label: 'Content Licensing (Nutzer-zu-Nutzer)', type: 'boolean' },
|
||||
{ key: 'HAS_TDM_OPTOUT', label: 'Text- und Data-Mining Opt-out', type: 'boolean' },
|
||||
{ key: 'HAS_CONTENT_AUTHENTICITY', label: 'Content Authenticity (kryptogr. Herkunft)', type: 'boolean' },
|
||||
{ key: 'HAS_TIPPING', label: 'Tipping/Anerkennungsfunktion', type: 'boolean' },
|
||||
{ key: 'HAS_CRYPTO_PAYMENTS', label: 'Krypto-Zahlungen', type: 'boolean' },
|
||||
{ key: 'HAS_INTEGRATED_WALLET', label: 'Integriertes Wallet (Non-Custodial)', type: 'boolean' },
|
||||
{ key: 'HAS_IDENTITY_VERIFICATION', label: 'Identitätsprüfung erforderlich', type: 'boolean' },
|
||||
{ key: 'HAS_COPYRIGHT_TAKEDOWN', label: 'Copyright Takedown-Verfahren', type: 'boolean' },
|
||||
{ key: 'HAS_PAID_USER_ACCOUNTS', label: 'Kostenpflichtige Nutzeraccounts', type: 'boolean' },
|
||||
{ key: 'HAS_EU_USERS', label: 'EU-weite Nutzer (Verbraucherschutz)', type: 'boolean' },
|
||||
{ key: 'MFA_REQUIRED', label: 'MFA verpflichtend für Nutzer', type: 'boolean' },
|
||||
{ key: 'DATA_EXPORT_BEFORE_DELETION', label: 'Datenexport vor Kontolöschung', type: 'boolean' },
|
||||
{ key: 'EXPORT_BEFORE_DELETION_DAYS', label: 'Exportfrist (Tage)', type: 'select', opts: ['7', '14', '30'] },
|
||||
{ key: 'MIN_AGE', label: 'Mindestalter', type: 'select', opts: ['13', '16', '18'] },
|
||||
{ key: 'ALLOWS_MINORS', label: 'Minderjährige mit Eltern-Einwilligung', type: 'boolean' },
|
||||
{ key: 'TIPPING_FEE_PERCENT', label: 'Tipping-Gebühr (%)', type: 'number' },
|
||||
{ key: 'SUPPORTED_CURRENCIES', label: 'Unterstützte Währungen/Token' },
|
||||
// ── Widerrufsbelehrung ──────────────────────────────────────────────────
|
||||
{ key: 'HAS_PHYSICAL_GOODS', label: 'Physische Waren (Rücksendung)', type: 'boolean' },
|
||||
{ key: 'HAS_COMBO_PACKAGE', label: 'Kombi-Paket (Hardware + Software)', type: 'boolean' },
|
||||
{ key: 'HAS_DIGITAL_CONTENT', label: 'Digitale Inhalte (§ 356 Abs. 5 BGB)', type: 'boolean' },
|
||||
{ key: 'HAS_SAAS_SERVICE', label: 'SaaS-Dienstleistung (§ 356 Abs. 4 BGB)', type: 'boolean' },
|
||||
{ key: 'HAS_IOT_BUNDLE', label: 'Verbundenes Produkt (Hardware + App/Cloud)', type: 'boolean' },
|
||||
{ key: 'IOT_SEPARATE_CONTRACTS', label: '↳ HW und Cloud getrennt widerrufbar', type: 'boolean' },
|
||||
{ key: 'RETURN_ADDRESS', label: 'Rücksendeadresse (Servicecenter)' },
|
||||
// ── Social Media DSI ────────────────────────────────────────────────────
|
||||
{ key: 'HAS_FACEBOOK', label: 'Facebook & Instagram', type: 'boolean' },
|
||||
{ key: 'HAS_YOUTUBE', label: 'YouTube', type: 'boolean' },
|
||||
{ key: 'HAS_LINKEDIN', label: 'LinkedIn', type: 'boolean' },
|
||||
{ key: 'HAS_TIKTOK', label: 'TikTok', type: 'boolean' },
|
||||
{ key: 'HAS_X_TWITTER', label: 'X (Twitter)', type: 'boolean' },
|
||||
{ key: 'HAS_META_PIXEL', label: 'Meta Pixel (Konversionsmessung)', type: 'boolean' },
|
||||
{ key: 'HAS_RECRUITING_VIA_SOCIAL', label: 'Personalgewinnung über Social Media', type: 'boolean' },
|
||||
{ key: 'SOCIAL_MEDIA_PLATFORMS_LIST', label: 'Plattform-Liste (Text)', type: 'textarea', span: true },
|
||||
// ── DSI Erweiterungen ───────────────────────────────────────────────────
|
||||
{ key: 'DSI_TITLE', label: 'Titel', type: 'select', opts: ['Datenschutzerklaerung', 'Datenschutzinformation'] },
|
||||
{ key: 'SERVICE_SCOPE_DESCRIPTION', label: 'Geltungsbereich (z.B. "die App xy" / "den Online-Shop")' },
|
||||
{ key: 'HAS_ONLINE_SHOP', label: 'Online-Shop Funktionen', type: 'boolean' },
|
||||
{ key: 'HAS_PICKUP_STATION', label: 'Abholstationen', type: 'boolean' },
|
||||
{ key: 'HAS_SUBSCRIPTION', label: 'Abonnement-Modell', type: 'boolean' },
|
||||
{ key: 'HAS_PRODUCT_REVIEWS', label: 'Produktbewertungen', type: 'boolean' },
|
||||
{ key: 'HAS_PARENT_COMPANY', label: 'Konzernstruktur (Mutter-/Tochtergesellschaft)', type: 'boolean' },
|
||||
{ key: 'HAS_LOCATION', label: 'Standortdaten erhoben', type: 'boolean' },
|
||||
{ key: 'HAS_E2E_ENCRYPTION', label: 'Ende-zu-Ende-Verschlüsselung (Messaging)', type: 'boolean' },
|
||||
{ key: 'DETAILED_RIGHTS', label: 'Ausführliche Rechte-Beschreibung', type: 'boolean' },
|
||||
{ key: 'PROCESSOR_LIST_URL', label: 'URL Auftragsverarbeiter-Liste' },
|
||||
// ── Whistleblower ───────────────────────────────────────────────────────
|
||||
{ key: 'WHISTLEBLOWER_CONTACT_NAME', label: 'Meldestelle: Ansprechperson' },
|
||||
{ key: 'WHISTLEBLOWER_CONTACT_ROLE', label: 'Meldestelle: Funktion/Rolle' },
|
||||
{ key: 'WHISTLEBLOWER_EMAIL', label: 'Meldestelle: E-Mail', type: 'email' },
|
||||
{ key: 'WHISTLEBLOWER_PHONE', label: 'Meldestelle: Telefon' },
|
||||
{ key: 'WHISTLEBLOWER_URL', label: 'Meldestelle: Online-Formular URL' },
|
||||
{ key: 'HAS_ANONYMOUS_REPORTING', label: 'Anonyme Meldungen möglich', type: 'boolean' },
|
||||
{ key: 'HAS_EXTERNAL_REPORTING', label: 'Externe Meldestelle (BfJ) erwähnen', type: 'boolean' },
|
||||
// ── Bewerber-DSI ────────────────────────────────────────────────────────
|
||||
{ key: 'HAS_VIDEO_INTERVIEW', label: 'Video-Interviews', type: 'boolean' },
|
||||
{ key: 'HAS_ASSESSMENT', label: 'Assessment-Center/Tests', type: 'boolean' },
|
||||
{ key: 'HAS_TALENT_POOL', label: 'Talentpool (Einwilligung)', type: 'boolean' },
|
||||
{ key: 'TALENT_POOL_MONTHS', label: 'Talentpool Aufbewahrung (Monate)', type: 'select', opts: ['6', '12', '24'] },
|
||||
{ key: 'HAS_RECRUITING_AGENCY', label: 'Personalvermittler', type: 'boolean' },
|
||||
{ key: 'HAS_RECRUITING_SOFTWARE', label: 'Bewerbermanagement-Software', type: 'boolean' },
|
||||
{ key: 'HAS_EMPLOYEE_REFERRAL', label: 'Mitarbeiterempfehlungen', type: 'boolean' },
|
||||
// ── Mitarbeiter-DSI ─────────────────────────────────────────────────────
|
||||
{ key: 'HAS_IT_USAGE_MONITORING', label: 'IT-Nutzungsüberwachung', type: 'boolean' },
|
||||
{ key: 'HAS_COMPANY_VEHICLE', label: 'Dienstfahrzeuge/Fuhrpark', type: 'boolean' },
|
||||
{ key: 'HAS_ACCESS_CONTROL', label: 'Zutrittskontrolle (Chipkarte)', type: 'boolean' },
|
||||
{ key: 'HAS_VIDEO_SURVEILLANCE', label: 'Videoüberwachung (Arbeitsplatz)', type: 'boolean' },
|
||||
{ key: 'HAS_COMPANY_PENSION', label: 'Betriebliche Altersvorsorge', type: 'boolean' },
|
||||
{ key: 'HAS_EXTERNAL_HR_SOFTWARE', label: 'Externe HR-Software', type: 'boolean' },
|
||||
{ key: 'HAS_WORKS_COUNCIL', label: 'Betriebsrat vorhanden', type: 'boolean' },
|
||||
{ key: 'HAS_SPECIAL_CATEGORIES_EMPLOYEES', label: 'Besondere Datenkategorien (Gesundheit, Religion)', type: 'boolean' },
|
||||
],
|
||||
// ── TOM ─────────────────────────────────────────────────────────────────
|
||||
TOM: [
|
||||
{ key: 'ISB_NAME', label: 'IT-Sicherheitsbeauftragter' },
|
||||
{ key: 'GF_NAME', label: 'Geschäftsführung' },
|
||||
{ key: 'DOCUMENT_VERSION', label: 'Dokumentversion' },
|
||||
{ key: 'NEXT_REVIEW_DATE', label: 'Nächste Prüfung (JJJJ-MM-TT)' },
|
||||
{ key: 'HAS_MFA', label: 'Multi-Faktor-Authentifizierung aktiv', type: 'boolean' },
|
||||
{ key: 'HAS_USB_LOCKED', label: 'USB-Schnittstellen physisch gesperrt', type: 'boolean' },
|
||||
{ key: 'HAS_MOBILE_MEDIA', label: 'Mobile Datenträger im Einsatz', type: 'boolean' },
|
||||
{ key: 'HAS_FOUR_EYES_DELETE', label: 'Vier-Augen-Prinzip für Löschungen', type: 'boolean' },
|
||||
{ key: 'LOG_RETENTION_MONTHS', label: 'Log-Aufbewahrung (Monate)', type: 'select', opts: ['3', '6', '12', '24'] },
|
||||
{ key: 'DIN_66399_LEVEL', label: 'Vernichtungsstufe (DIN 66399)', type: 'select', opts: ['1', '2', '3', '4', '5', '6', '7'] },
|
||||
{ key: 'HAS_EXTERNAL_DESTRUCTION', label: 'Externer Vernichtungsdienstleister', type: 'boolean' },
|
||||
{ key: 'HAS_PHYSICAL_TRANSPORT', label: 'Physischer Datenträgertransport', type: 'boolean' },
|
||||
{ key: 'HAS_THIRD_COUNTRY_TRANSFER', label: 'Datenübermittlung in Drittländer', type: 'boolean' },
|
||||
{ key: 'AVAILABILITY_TARGET', label: 'Verfügbarkeitsziel', type: 'select', opts: ['99.0', '99.5', '99.9', '99.99'] },
|
||||
{ key: 'HAS_USV', label: 'USV vorhanden', type: 'boolean' },
|
||||
{ key: 'HAS_REDUNDANCY', label: 'Redundante Systeme / Failover', type: 'boolean' },
|
||||
{ key: 'HAS_GEO_REDUNDANCY', label: 'Georedundanter Standort', type: 'boolean' },
|
||||
{ key: 'HAS_OWN_SERVER_ROOM', label: 'Eigener Serverraum', type: 'boolean' },
|
||||
{ key: 'HAS_CLOUD_SERVICES', label: 'Cloud-Dienste im Einsatz', type: 'boolean' },
|
||||
{ key: 'HAS_MULTI_TENANT', label: 'Multi-Tenant-System', type: 'boolean' },
|
||||
{ key: 'SEPARATION_TYPE', label: 'Art der Mandantentrennung', type: 'select', opts: ['logisch', 'physisch', 'eigene Infrastruktur'] },
|
||||
{ key: 'HAS_TEST_DATA_ANONYMIZED', label: 'Testdaten anonymisiert/synthetisch', type: 'boolean' },
|
||||
],
|
||||
// ── DPA / AVV ─────────────────────────────────────────────────────────
|
||||
DPA: [
|
||||
{ key: 'AG_NAME', label: 'Auftraggeber (Name/Firma)' },
|
||||
{ key: 'AG_STRASSE', label: 'Auftraggeber Straße' },
|
||||
{ key: 'AG_PLZ_ORT', label: 'Auftraggeber PLZ Ort' },
|
||||
{ key: 'AN_NAME', label: 'Auftragnehmer (Name/Firma)' },
|
||||
{ key: 'AN_STRASSE', label: 'Auftragnehmer Straße' },
|
||||
{ key: 'AN_PLZ_ORT', label: 'Auftragnehmer PLZ Ort' },
|
||||
{ key: 'VERARBEITUNGSGEGENSTAND', label: 'Gegenstand der Verarbeitung', type: 'textarea', span: true },
|
||||
{ key: 'VERARBEITUNGSZWECK', label: 'Zweck der Verarbeitung', type: 'textarea', span: true },
|
||||
{ key: 'VERARBEITUNGSARTEN', label: 'Art der Verarbeitung (Erheben, Speichern, …)', type: 'textarea', span: true },
|
||||
{ key: 'DATENKATEGORIEN', label: 'Datenkategorien', type: 'textarea', span: true },
|
||||
{ key: 'PERSONENKATEGORIEN', label: 'Betroffene Personenkategorien', type: 'textarea', span: true },
|
||||
{ key: 'BREACH_NOTIFICATION_HOURS', label: 'Meldefrist Datenschutzverletzung (h)', type: 'select', opts: ['12', '24', '48'] },
|
||||
{ key: 'INSTRUCTION_RETENTION_YEARS', label: 'Aufbewahrung Weisungen (Jahre)', type: 'select', opts: ['3', '5', '10'] },
|
||||
{ key: 'SUB_PROCESSOR_NOTICE_WEEKS', label: 'Ankündigung Sub-AV (Wochen)', type: 'select', opts: ['2', '4', '6'] },
|
||||
{ key: 'SUB_PROCESSOR_OBJECTION_WEEKS', label: 'Widerspruchsfrist Sub-AV (Wochen)', type: 'select', opts: ['2', '4'] },
|
||||
{ key: 'DATA_EXPORT_FORMAT', label: 'Datenformat bei Rückgabe', type: 'select', opts: ['CSV/JSON', 'CSV', 'JSON', 'XML', 'nach Vereinbarung'] },
|
||||
{ key: 'RETURN_CHOICE_WEEKS', label: 'Frist Rückgabe-Wahl (Wochen)', type: 'select', opts: ['2', '4', '8'] },
|
||||
{ key: 'DELETION_DAYS', label: 'Löschfrist nach Vertragsende (Tage)', type: 'select', opts: ['30', '60', '90'] },
|
||||
{ key: 'AN_DSB_NAME', label: 'DSB Auftragnehmer Name' },
|
||||
{ key: 'AN_DSB_EMAIL', label: 'DSB Auftragnehmer E-Mail', type: 'email' },
|
||||
{ key: 'VERTRAGSDATUM', label: 'Vertragsdatum (JJJJ-MM-TT)' },
|
||||
{ key: 'GERICHTSSTAND', label: 'Gerichtsstand' },
|
||||
{ key: 'HAS_LIABILITY_PROTECTION', label: 'Haftungsschutz bei Weisung (§ 4.1a)', type: 'boolean' },
|
||||
{ key: 'HAS_SUPPORT_COST_CLAUSE', label: 'Kostenregelung Unterstützung (§ 7.4)', type: 'boolean' },
|
||||
{ key: 'HAS_SUB_PROCESSOR_SILENCE_APPROVAL', label: 'Zustimmungsfiktion bei Sub-AV (§ 8.2a)', type: 'boolean' },
|
||||
{ key: 'HAS_SUB_PROCESSOR_TERMINATION_RIGHT', label: 'Kündigungsrecht bei Sub-AV-Widerspruch (§ 8.3)', type: 'boolean' },
|
||||
{ key: 'HAS_REACTIVATION_PERIOD', label: 'Reaktivierungszeitraum (§ 10.1)', type: 'boolean' },
|
||||
{ key: 'REACTIVATION_MONTHS', label: 'Reaktivierung (Monate)', type: 'select', opts: ['1', '3', '6'] },
|
||||
{ key: 'HAS_RETURN_COST_CLAUSE', label: 'Kosten für Datenrückgabe (§ 10.5)', type: 'boolean' },
|
||||
{ key: 'HAS_GERICHTSSTAND_CLAUSE', label: 'Gerichtsstandklausel (§ 11.1)', type: 'boolean' },
|
||||
{ key: 'HAS_UNILATERAL_CHANGE_RIGHT', label: '⚠️ Einseitiges Änderungsrecht AN (§ 11.6)', type: 'boolean' },
|
||||
],
|
||||
}
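Review bot: Unresolved merge-conflict markers are committed inside the `CATEGORIES` array, and judging by the hunk headers (6 lines growing to 7, then 6 growing to 66) they are added lines: `<<<<<<< HEAD` after the `all` entry in the first hunk, `=======` and `>>>>>>> feat/zeroclaw-compliance-agent` around the new context-sorted entries in the second. With the markers in place the module cannot parse, so everything that imports these constants would fail to build. Deleting only the three marker lines is not enough, because the HEAD-side entries (`privacy_policy`, `terms`, `impressum`, and what looks like an existing `dsr_process_art15…21` entry) would then sit next to the new `key: 'dsr'` entry; keep one side, presumably the context-sorted list, and drop the other. A pre-merge check such as `git diff --check`, which reports leftover conflict markers, would catch this in CI.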
|
||||
|
||||
|
||||
@@ -9,6 +9,8 @@ import type {
|
||||
TemplateContext,
|
||||
ProviderCtx,
|
||||
ComputedFlags,
|
||||
TOMCtx,
|
||||
DPACtx,
|
||||
} from './contextBridge'
|
||||
|
||||
// =============================================================================
|
||||
@@ -44,6 +46,8 @@ export function contextToPlaceholders(ctx: TemplateContext): Record<string, stri
|
||||
const con = ctx.CONSENT
|
||||
const h = ctx.HOSTING
|
||||
const f = ctx.FEATURES
|
||||
const tom = ctx.TOM
|
||||
const dpa = ctx.DPA
|
||||
|
||||
const address = providerAddress(p)
|
||||
|
||||
@@ -180,6 +184,86 @@ export function contextToPlaceholders(ctx: TemplateContext): Record<string, stri
|
||||
'{{LIMITATION_CAP_TEXT}}': str(f.LIMITATION_CAP_TEXT),
|
||||
'{{CONSUMER_WITHDRAWAL_TEXT}}': str(f.CONSUMER_WITHDRAWAL_TEXT),
|
||||
'{{SUPPORT_CHANNELS_TEXT}}': str(f.SUPPORT_CHANNELS_TEXT),
|
||||
|
||||
// --- TOM ---
|
||||
'{{ISB_NAME}}': str(tom.ISB_NAME),
|
||||
'{{GF_NAME}}': str(tom.GF_NAME),
|
||||
'{{DOCUMENT_VERSION}}': str(tom.DOCUMENT_VERSION),
|
||||
'{{NEXT_REVIEW_DATE}}': str(tom.NEXT_REVIEW_DATE),
|
||||
|
||||
// --- DPA / AVV ---
|
||||
'{{AG_NAME}}': str(dpa.AG_NAME) || str(c.LEGAL_NAME),
|
||||
'{{AG_STRASSE}}': str(dpa.AG_STRASSE) || str(c.ADDRESS_LINE),
|
||||
'{{AG_PLZ_ORT}}': str(dpa.AG_PLZ_ORT) || [c.POSTAL_CODE, c.CITY].filter(Boolean).join(' '),
|
||||
'{{AN_NAME}}': str(dpa.AN_NAME) || str(p.LEGAL_NAME),
|
||||
'{{AN_STRASSE}}': str(dpa.AN_STRASSE) || str(p.ADDRESS_LINE),
|
||||
'{{AN_PLZ_ORT}}': str(dpa.AN_PLZ_ORT) || [p.POSTAL_CODE, p.CITY].filter(Boolean).join(' '),
|
||||
'{{VERARBEITUNGSGEGENSTAND}}': str(dpa.VERARBEITUNGSGEGENSTAND),
|
||||
'{{VERARBEITUNGSZWECK}}': str(dpa.VERARBEITUNGSZWECK),
|
||||
'{{VERARBEITUNGSARTEN}}': str(dpa.VERARBEITUNGSARTEN),
|
||||
'{{DATENKATEGORIEN}}': str(dpa.DATENKATEGORIEN),
|
||||
'{{PERSONENKATEGORIEN}}': str(dpa.PERSONENKATEGORIEN),
|
||||
'{{BREACH_NOTIFICATION_HOURS}}': str(dpa.BREACH_NOTIFICATION_HOURS) || str(sec.INCIDENT_NOTICE_HOURS),
|
||||
'{{INSTRUCTION_RETENTION_YEARS}}': str(dpa.INSTRUCTION_RETENTION_YEARS),
|
||||
'{{SUB_PROCESSOR_NOTICE_WEEKS}}': str(dpa.SUB_PROCESSOR_NOTICE_WEEKS),
|
||||
'{{SUB_PROCESSOR_OBJECTION_WEEKS}}': str(dpa.SUB_PROCESSOR_OBJECTION_WEEKS),
|
||||
'{{DATA_EXPORT_FORMAT}}': str(dpa.DATA_EXPORT_FORMAT),
|
||||
'{{RETURN_CHOICE_WEEKS}}': str(dpa.RETURN_CHOICE_WEEKS),
|
||||
'{{DELETION_DAYS}}': str(dpa.DELETION_DAYS),
|
||||
'{{REACTIVATION_MONTHS}}': str(dpa.REACTIVATION_MONTHS),
|
||||
'{{TERMINATION_WEEKS}}': str(dpa.TERMINATION_WEEKS),
|
||||
'{{CHANGE_NOTICE_WEEKS}}': str(dpa.CHANGE_NOTICE_WEEKS),
|
||||
'{{THIRD_COUNTRY_OBJECTION_WEEKS}}': str(dpa.THIRD_COUNTRY_OBJECTION_WEEKS),
|
||||
'{{AN_DSB_NAME}}': str(dpa.AN_DSB_NAME) || str(prv.DPO_NAME),
|
||||
'{{AN_DSB_EMAIL}}': str(dpa.AN_DSB_EMAIL) || str(prv.DPO_EMAIL),
|
||||
'{{AG_ORT}}': str(dpa.AG_ORT),
|
||||
'{{AN_ORT}}': str(dpa.AN_ORT),
|
||||
'{{VERTRAGSDATUM}}': str(dpa.VERTRAGSDATUM) || str(l.VERSION_DATE),
|
||||
'{{AG_UNTERZEICHNER_NAME}}': str(dpa.AG_UNTERZEICHNER_NAME),
|
||||
'{{AG_UNTERZEICHNER_FUNKTION}}': str(dpa.AG_UNTERZEICHNER_FUNKTION),
|
||||
'{{AN_UNTERZEICHNER_NAME}}': str(dpa.AN_UNTERZEICHNER_NAME) || str(p.CEO_NAME),
|
||||
'{{AN_UNTERZEICHNER_FUNKTION}}': str(dpa.AN_UNTERZEICHNER_FUNKTION),
|
||||
'{{GERICHTSSTAND}}': str(dpa.GERICHTSSTAND) || str(l.JURISDICTION_CITY),
|
||||
|
||||
// --- FEATURES: Whistleblower ---
|
||||
'{{WHISTLEBLOWER_CONTACT_NAME}}': str(f.WHISTLEBLOWER_CONTACT_NAME),
|
||||
'{{WHISTLEBLOWER_CONTACT_ROLE}}': str(f.WHISTLEBLOWER_CONTACT_ROLE),
|
||||
'{{WHISTLEBLOWER_EMAIL}}': str(f.WHISTLEBLOWER_EMAIL),
|
||||
'{{WHISTLEBLOWER_PHONE}}': str(f.WHISTLEBLOWER_PHONE),
|
||||
'{{WHISTLEBLOWER_URL}}': str(f.WHISTLEBLOWER_URL),
|
||||
// --- FEATURES: Video Conference ---
|
||||
'{{VIDEO_PROVIDER_NAME}}': str(f.VIDEO_PROVIDER_NAME),
|
||||
'{{VIDEO_PROVIDER_COUNTRY}}': str(f.VIDEO_PROVIDER_COUNTRY),
|
||||
'{{VIDEO_PROVIDER_ROLE}}': str(f.VIDEO_PROVIDER_ROLE),
|
||||
'{{VIDEO_PROVIDER_PRIVACY_URL}}': str(f.VIDEO_PROVIDER_PRIVACY_URL),
|
||||
'{{RECORDING_RETENTION_DAYS}}': str(f.RECORDING_RETENTION_DAYS),
|
||||
// --- FEATURES: KI/AI ---
|
||||
'{{APPROVED_AI_SYSTEMS}}': str(f.APPROVED_AI_SYSTEMS),
|
||||
// --- FEATURES: BYOD ---
|
||||
'{{BYOD_COST_DETAILS}}': str(f.BYOD_COST_DETAILS),
|
||||
// --- FEATURES: Consent ---
|
||||
'{{NEWSLETTER_SIGNUP_URL}}': str(f.NEWSLETTER_SIGNUP_URL),
|
||||
// --- FEATURES: Social Media ---
|
||||
'{{SOCIAL_MEDIA_PLATFORMS_LIST}}': str(f.SOCIAL_MEDIA_PLATFORMS_LIST),
|
||||
'{{EDITORIAL_EMAIL}}': str(f.EDITORIAL_EMAIL),
|
||||
// --- FEATURES: Transfer/SCC ---
|
||||
'{{RECIPIENT_NAME}}': str(f.RECIPIENT_NAME),
|
||||
'{{RECIPIENT_COUNTRY}}': str(f.RECIPIENT_COUNTRY),
|
||||
'{{RECIPIENT_ADDRESS}}': str(f.RECIPIENT_ADDRESS),
|
||||
'{{RECIPIENT_CONTACT}}': str(f.RECIPIENT_CONTACT),
|
||||
'{{RECIPIENT_EMAIL}}': str(f.RECIPIENT_EMAIL),
|
||||
'{{RECIPIENT_ROLE}}': str(f.RECIPIENT_ROLE),
|
||||
'{{TRANSFER_PURPOSE}}': str(f.TRANSFER_PURPOSE),
|
||||
'{{TRANSFER_MECHANISM}}': str(f.TRANSFER_MECHANISM),
|
||||
'{{DATA_CATEGORIES_TRANSFERRED}}': str(f.DATA_CATEGORIES_TRANSFERRED),
|
||||
'{{DATA_SUBJECTS}}': str(f.DATA_SUBJECTS),
|
||||
'{{TRANSFER_FREQUENCY}}': str(f.TRANSFER_FREQUENCY),
|
||||
// --- FEATURES: DSI ---
|
||||
'{{DSI_TITLE}}': str(f.DSI_TITLE) || 'Datenschutzerklaerung',
|
||||
'{{SERVICE_SCOPE_DESCRIPTION}}': str(f.SERVICE_SCOPE_DESCRIPTION),
|
||||
'{{FULFILLMENT_LOCATION}}': str(f.FULFILLMENT_LOCATION),
|
||||
'{{GUIDELINES_URL}}': str(f.GUIDELINES_URL),
|
||||
'{{PROCESSOR_LIST_URL}}': str(f.PROCESSOR_LIST_URL),
|
||||
}
|
||||
}
|
||||
|
||||
@@ -216,7 +300,9 @@ const SECTION_COVERS: Record<keyof TemplateContext, string[]> = {
|
||||
NDA: ['{{PURPOSE}}', '{{DURATION_YEARS}}', '{{PENALTY_AMOUNT}}'],
|
||||
CONSENT: ['{{WEBSITE_NAME}}', '{{ANALYTICS_TOOLS}}', '{{MARKETING_PARTNERS}}', '{{ANALYTICS_TOOLS_LIST}}', '{{MARKETING_PARTNERS_LIST}}'],
|
||||
HOSTING: ['{{HOSTING_PROVIDER_NAME}}', '{{HOSTING_PROVIDER_COUNTRY}}', '{{HOSTING_PROVIDER_CONTRACT_TYPE}}'],
|
||||
FEATURES: ['{{CONSENT_WITHDRAWAL_PATH}}', '{{SECURITY_MEASURES_SUMMARY}}', '{{DATA_SUBJECT_REQUEST_CHANNEL}}', '{{TRANSFER_GUARDS}}', '{{REGULATED_PROFESSION_TEXT}}', '{{EDITORIAL_RESPONSIBLE_NAME}}', '{{EDITORIAL_RESPONSIBLE_ADDRESS}}', '{{DISPUTE_RESOLUTION_TEXT}}', '{{NEWSLETTER_PROVIDER_DETAIL}}', '{{PAYMENT_PROVIDER_DETAIL}}', '{{SOCIAL_MEDIA_DETAIL}}', '{{ANALYTICS_TOOLS_DETAIL}}', '{{MARKETING_TOOLS_DETAIL}}', '{{CMP_NAME}}', '{{PRICES_TEXT}}', '{{PAYMENT_TERMS_TEXT}}', '{{CONTRACT_TERM_TEXT}}', '{{SLA_URL}}', '{{EXPORT_POLICY_TEXT}}', '{{LIMITATION_CAP_TEXT}}', '{{CONSUMER_WITHDRAWAL_TEXT}}', '{{SUPPORT_CHANNELS_TEXT}}'],
|
||||
FEATURES: ['{{CONSENT_WITHDRAWAL_PATH}}', '{{SECURITY_MEASURES_SUMMARY}}', '{{DATA_SUBJECT_REQUEST_CHANNEL}}', '{{TRANSFER_GUARDS}}', '{{REGULATED_PROFESSION_TEXT}}', '{{EDITORIAL_RESPONSIBLE_NAME}}', '{{EDITORIAL_RESPONSIBLE_ADDRESS}}', '{{DISPUTE_RESOLUTION_TEXT}}', '{{NEWSLETTER_PROVIDER_DETAIL}}', '{{PAYMENT_PROVIDER_DETAIL}}', '{{SOCIAL_MEDIA_DETAIL}}', '{{ANALYTICS_TOOLS_DETAIL}}', '{{MARKETING_TOOLS_DETAIL}}', '{{CMP_NAME}}', '{{PRICES_TEXT}}', '{{PAYMENT_TERMS_TEXT}}', '{{CONTRACT_TERM_TEXT}}', '{{SLA_URL}}', '{{EXPORT_POLICY_TEXT}}', '{{LIMITATION_CAP_TEXT}}', '{{CONSUMER_WITHDRAWAL_TEXT}}', '{{SUPPORT_CHANNELS_TEXT}}', '{{WHISTLEBLOWER_CONTACT_NAME}}', '{{WHISTLEBLOWER_EMAIL}}', '{{WHISTLEBLOWER_URL}}', '{{VIDEO_PROVIDER_NAME}}', '{{APPROVED_AI_SYSTEMS}}', '{{SOCIAL_MEDIA_PLATFORMS_LIST}}', '{{DSI_TITLE}}', '{{SERVICE_SCOPE_DESCRIPTION}}', '{{GUIDELINES_URL}}', '{{PROCESSOR_LIST_URL}}', '{{RECIPIENT_NAME}}', '{{RECIPIENT_COUNTRY}}', '{{TRANSFER_PURPOSE}}', '{{TRANSFER_MECHANISM}}'],
|
||||
TOM: ['{{ISB_NAME}}', '{{GF_NAME}}', '{{DOCUMENT_VERSION}}', '{{NEXT_REVIEW_DATE}}'],
|
||||
DPA: ['{{AG_NAME}}', '{{AG_STRASSE}}', '{{AG_PLZ_ORT}}', '{{AN_NAME}}', '{{AN_STRASSE}}', '{{AN_PLZ_ORT}}', '{{VERARBEITUNGSGEGENSTAND}}', '{{VERARBEITUNGSZWECK}}', '{{VERARBEITUNGSARTEN}}', '{{DATENKATEGORIEN}}', '{{PERSONENKATEGORIEN}}', '{{BREACH_NOTIFICATION_HOURS}}', '{{INSTRUCTION_RETENTION_YEARS}}', '{{SUB_PROCESSOR_NOTICE_WEEKS}}', '{{SUB_PROCESSOR_OBJECTION_WEEKS}}', '{{DATA_EXPORT_FORMAT}}', '{{RETURN_CHOICE_WEEKS}}', '{{DELETION_DAYS}}', '{{REACTIVATION_MONTHS}}', '{{TERMINATION_WEEKS}}', '{{AN_DSB_NAME}}', '{{AN_DSB_EMAIL}}', '{{AG_ORT}}', '{{AN_ORT}}', '{{VERTRAGSDATUM}}', '{{AG_UNTERZEICHNER_NAME}}', '{{AG_UNTERZEICHNER_FUNKTION}}', '{{AN_UNTERZEICHNER_NAME}}', '{{AN_UNTERZEICHNER_FUNKTION}}', '{{GERICHTSSTAND}}'],
|
||||
}
|
||||
|
||||
/**
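Review bot: The DPA placeholder map and `SECTION_COVERS.DPA` do not line up: `contextToPlaceholders` emits `{{CHANGE_NOTICE_WEEKS}}` and `{{THIRD_COUNTRY_OBJECTION_WEEKS}}`, while the `DPA` cover list includes `{{TERMINATION_WEEKS}}` but neither of those. If `SECTION_COVERS` is what attributes unfilled placeholders to a form section (its doc comment starts on the last line of this hunk and continues outside it, so this is an assumption), a contract template using those two would render an empty notice period without the DPA section being flagged; add `'{{CHANGE_NOTICE_WEEKS}}', '{{THIRD_COUNTRY_OBJECTION_WEEKS}}'` to the `DPA` array. Separately, `const tom = ctx.TOM` and `const dpa = ctx.DPA` are dereferenced without a guard in the new entries, so a context object persisted before this commit would throw there unless the loader merges it with `EMPTY_CONTEXT`; that loader is not visible here.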
|
||||
|
||||
@@ -167,6 +167,84 @@ export interface FeaturesCtx {
|
||||
SUPPORT_CHANNELS_TEXT: string
|
||||
}
|
||||
|
||||
export interface TOMCtx {
|
||||
ISB_NAME: string
|
||||
GF_NAME: string
|
||||
DOCUMENT_VERSION: string
|
||||
NEXT_REVIEW_DATE: string
|
||||
// Conditional blocks
|
||||
HAS_PHYSICAL_TRANSPORT: boolean
|
||||
HAS_THIRD_COUNTRY_TRANSFER: boolean
|
||||
HAS_CLOUD_SERVICES: boolean
|
||||
HAS_MFA: boolean
|
||||
HAS_USB_LOCKED: boolean
|
||||
HAS_MOBILE_MEDIA: boolean
|
||||
HAS_FOUR_EYES_DELETE: boolean
|
||||
HAS_EXTERNAL_DESTRUCTION: boolean
|
||||
HAS_REDUNDANCY: boolean
|
||||
HAS_GEO_REDUNDANCY: boolean
|
||||
HAS_USV: boolean
|
||||
HAS_OWN_SERVER_ROOM: boolean
|
||||
HAS_MULTI_TENANT: boolean
|
||||
HAS_TEST_DATA_ANONYMIZED: boolean
|
||||
// Selects
|
||||
LOG_RETENTION_MONTHS: number | ''
|
||||
DIN_66399_LEVEL: string
|
||||
AVAILABILITY_TARGET: string
|
||||
SEPARATION_TYPE: string
|
||||
}
|
||||
|
||||
export interface DPACtx {
|
||||
// Parties
|
||||
AG_NAME: string
|
||||
AG_STRASSE: string
|
||||
AG_PLZ_ORT: string
|
||||
AN_NAME: string
|
||||
AN_STRASSE: string
|
||||
AN_PLZ_ORT: string
|
||||
// Processing details
|
||||
VERARBEITUNGSGEGENSTAND: string
|
||||
VERARBEITUNGSZWECK: string
|
||||
VERARBEITUNGSARTEN: string
|
||||
DATENKATEGORIEN: string
|
||||
PERSONENKATEGORIEN: string
|
||||
// Timings
|
||||
BREACH_NOTIFICATION_HOURS: number | ''
|
||||
INSTRUCTION_RETENTION_YEARS: number | ''
|
||||
SUB_PROCESSOR_NOTICE_WEEKS: number | ''
|
||||
SUB_PROCESSOR_OBJECTION_WEEKS: number | ''
|
||||
RETURN_CHOICE_WEEKS: number | ''
|
||||
DELETION_DAYS: number | ''
|
||||
REACTIVATION_MONTHS: number | ''
|
||||
TERMINATION_WEEKS: number | ''
|
||||
CHANGE_NOTICE_WEEKS: number | ''
|
||||
THIRD_COUNTRY_OBJECTION_WEEKS: number | ''
|
||||
// Data return
|
||||
DATA_EXPORT_FORMAT: string
|
||||
// DSB
|
||||
AN_DSB_NAME: string
|
||||
AN_DSB_EMAIL: string
|
||||
// Signatures
|
||||
AG_ORT: string
|
||||
AN_ORT: string
|
||||
VERTRAGSDATUM: string
|
||||
AG_UNTERZEICHNER_NAME: string
|
||||
AG_UNTERZEICHNER_FUNKTION: string
|
||||
AN_UNTERZEICHNER_NAME: string
|
||||
AN_UNTERZEICHNER_FUNKTION: string
|
||||
GERICHTSSTAND: string
|
||||
// Optional clauses
|
||||
HAS_LIABILITY_PROTECTION: boolean
|
||||
HAS_SUPPORT_COST_CLAUSE: boolean
|
||||
HAS_SUB_PROCESSOR_SILENCE_APPROVAL: boolean
|
||||
HAS_SUB_PROCESSOR_TERMINATION_RIGHT: boolean
|
||||
HAS_REACTIVATION_PERIOD: boolean
|
||||
HAS_RETURN_COST_CLAUSE: boolean
|
||||
HAS_GERICHTSSTAND_CLAUSE: boolean
|
||||
HAS_UNILATERAL_CHANGE_RIGHT: boolean
|
||||
HAS_THIRD_COUNTRY_OBJECTION: boolean
|
||||
}
|
||||
|
||||
export interface TemplateContext {
|
||||
PROVIDER: ProviderCtx
|
||||
CUSTOMER: CustomerCtx
|
||||
@@ -180,6 +258,8 @@ export interface TemplateContext {
|
||||
CONSENT: ConsentCtx
|
||||
HOSTING: HostingCtx
|
||||
FEATURES: FeaturesCtx
|
||||
TOM: TOMCtx
|
||||
DPA: DPACtx
|
||||
}
|
||||
|
||||
export interface ComputedFlags {
|
||||
@@ -263,6 +343,37 @@ export const EMPTY_CONTEXT: TemplateContext = {
|
||||
LIMITATION_CAP_TEXT: '', HAS_WITHDRAWAL: false, CONSUMER_WITHDRAWAL_TEXT: '',
|
||||
SUPPORT_CHANNELS_TEXT: '',
|
||||
},
|
||||
TOM: {
|
||||
ISB_NAME: '', GF_NAME: '', DOCUMENT_VERSION: '1.0.0', NEXT_REVIEW_DATE: '',
|
||||
HAS_PHYSICAL_TRANSPORT: false, HAS_THIRD_COUNTRY_TRANSFER: false,
|
||||
HAS_CLOUD_SERVICES: false, HAS_MFA: true, HAS_USB_LOCKED: false,
|
||||
HAS_MOBILE_MEDIA: false, HAS_FOUR_EYES_DELETE: false,
|
||||
HAS_EXTERNAL_DESTRUCTION: false, HAS_REDUNDANCY: false,
|
||||
HAS_GEO_REDUNDANCY: false, HAS_USV: true, HAS_OWN_SERVER_ROOM: false,
|
||||
HAS_MULTI_TENANT: false, HAS_TEST_DATA_ANONYMIZED: true,
|
||||
LOG_RETENTION_MONTHS: 6, DIN_66399_LEVEL: '3',
|
||||
AVAILABILITY_TARGET: '99.5', SEPARATION_TYPE: 'logisch',
|
||||
},
|
||||
DPA: {
|
||||
AG_NAME: '', AG_STRASSE: '', AG_PLZ_ORT: '',
|
||||
AN_NAME: '', AN_STRASSE: '', AN_PLZ_ORT: '',
|
||||
VERARBEITUNGSGEGENSTAND: '', VERARBEITUNGSZWECK: '', VERARBEITUNGSARTEN: '',
|
||||
DATENKATEGORIEN: '', PERSONENKATEGORIEN: '',
|
||||
BREACH_NOTIFICATION_HOURS: 24, INSTRUCTION_RETENTION_YEARS: 3,
|
||||
SUB_PROCESSOR_NOTICE_WEEKS: 2, SUB_PROCESSOR_OBJECTION_WEEKS: 2,
|
||||
RETURN_CHOICE_WEEKS: 4, DELETION_DAYS: 90, REACTIVATION_MONTHS: 3,
|
||||
TERMINATION_WEEKS: 4, CHANGE_NOTICE_WEEKS: 4, THIRD_COUNTRY_OBJECTION_WEEKS: 3,
|
||||
DATA_EXPORT_FORMAT: 'CSV/JSON', AN_DSB_NAME: '', AN_DSB_EMAIL: '',
|
||||
AG_ORT: '', AN_ORT: '', VERTRAGSDATUM: '',
|
||||
AG_UNTERZEICHNER_NAME: '', AG_UNTERZEICHNER_FUNKTION: 'Geschaeftsfuehrer',
|
||||
AN_UNTERZEICHNER_NAME: '', AN_UNTERZEICHNER_FUNKTION: 'Geschaeftsfuehrer',
|
||||
GERICHTSSTAND: '',
|
||||
HAS_LIABILITY_PROTECTION: false, HAS_SUPPORT_COST_CLAUSE: false,
|
||||
HAS_SUB_PROCESSOR_SILENCE_APPROVAL: true, HAS_SUB_PROCESSOR_TERMINATION_RIGHT: false,
|
||||
HAS_REACTIVATION_PERIOD: true, HAS_RETURN_COST_CLAUSE: false,
|
||||
HAS_GERICHTSSTAND_CLAUSE: true, HAS_UNILATERAL_CHANGE_RIGHT: false,
|
||||
HAS_THIRD_COUNTRY_OBJECTION: false,
|
||||
},
|
||||
}
|
||||
|
||||
// =============================================================================
|
||||
|
||||
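Review bot: `EMPTY_CONTEXT.TOM` starts with `HAS_MFA: true`, `HAS_USV: true` and `HAS_TEST_DATA_ANONYMIZED: true`, so a TOM document generated from an untouched context would state that these controls exist before anyone has confirmed them (assuming the template renders one passage per flag). For a record of technical and organisational measures, a pre-ticked control is riskier than a missing one. I would start them at `false` like the neighbouring flags, e.g. `HAS_CLOUD_SERVICES: false, HAS_MFA: false, HAS_USB_LOCKED: false,`, and let the scope defaults or the user switch them on. `HAS_SUB_PROCESSOR_SILENCE_APPROVAL: true` in the `DPA` block deserves the same look, since it presumably selects a contract clause rather than a neutral value. A one-line comment on `TOMCtx` saying that every `HAS_*` field is a statement of fact about the organisation would make the intent clear.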
@@ -0,0 +1,14 @@
|
||||
{
|
||||
"document_type": "ai_usage_policy",
|
||||
"language": "de",
|
||||
"context": {
|
||||
"PROVIDER": { "LEGAL_NAME": "Muster GmbH" },
|
||||
"FEATURES": {
|
||||
"APPROVED_AI_SYSTEMS": "ChatGPT (OpenAI), GitHub Copilot, DeepL Pro",
|
||||
"HAS_APPROVED_AI_LIST": true,
|
||||
"HAS_AI_LABELING_INTERNAL": true,
|
||||
"HAS_TDM_OPTOUT": true
|
||||
},
|
||||
"TOM": { "DOCUMENT_VERSION": "1.0.0", "NEXT_REVIEW_DATE": "2026-11-01" }
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,36 @@
|
||||
{
|
||||
"document_type": "dpa",
|
||||
"language": "de",
|
||||
"context": {
|
||||
"DPA": {
|
||||
"AG_NAME": "Muster GmbH",
|
||||
"AG_STRASSE": "Musterstrasse 1",
|
||||
"AG_PLZ_ORT": "10115 Berlin",
|
||||
"AN_NAME": "BreakPilot GmbH",
|
||||
"AN_STRASSE": "Hardtring 6",
|
||||
"AN_PLZ_ORT": "78224 Singen",
|
||||
"VERARBEITUNGSGEGENSTAND": "Bereitstellung und Betrieb einer SaaS-Compliance-Plattform",
|
||||
"VERARBEITUNGSZWECK": "Compliance-Management, Dokumentengenerierung, Risikobewertung",
|
||||
"VERARBEITUNGSARTEN": "Erheben, Speichern, Veraendern, Auslesen, Abfragen, Uebermitteln, Loeschen",
|
||||
"DATENKATEGORIEN": "Stammdaten, Kontaktdaten, Vertragsdaten, Nutzungsdaten, Kommunikationsdaten",
|
||||
"PERSONENKATEGORIEN": "Mitarbeitende des Auftraggebers, Kunden des Auftraggebers, Ansprechpartner",
|
||||
"BREACH_NOTIFICATION_HOURS": 24,
|
||||
"INSTRUCTION_RETENTION_YEARS": 3,
|
||||
"SUB_PROCESSOR_NOTICE_WEEKS": 4,
|
||||
"SUB_PROCESSOR_OBJECTION_WEEKS": 2,
|
||||
"DATA_EXPORT_FORMAT": "CSV/JSON",
|
||||
"RETURN_CHOICE_WEEKS": 4,
|
||||
"DELETION_DAYS": 90,
|
||||
"AN_DSB_NAME": "Max Mustermann",
|
||||
"AN_DSB_EMAIL": "datenschutz@breakpilot.ai",
|
||||
"VERTRAGSDATUM": "2026-05-01",
|
||||
"AG_ORT": "Berlin",
|
||||
"AN_ORT": "Singen",
|
||||
"AG_UNTERZEICHNER_NAME": "Anna Beispiel",
|
||||
"AG_UNTERZEICHNER_FUNKTION": "Geschaeftsfuehrerin",
|
||||
"AN_UNTERZEICHNER_NAME": "Benjamin Boenisch",
|
||||
"AN_UNTERZEICHNER_FUNKTION": "Geschaeftsfuehrer",
|
||||
"GERICHTSSTAND": "Singen"
|
||||
}
|
||||
}
|
||||
}
|
||||
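Review bot: This DPA fixture sets neither `REACTIVATION_MONTHS` nor `TERMINATION_WEEKS`, although both appear in the `DPA` placeholder list earlier in this commit (`'{{REACTIVATION_MONTHS}}'`, `'{{TERMINATION_WEEKS}}'`). If the fixture is rendered without being merged over `EMPTY_CONTEXT`, those two placeholders would stay unresolved in the output. I would add `"REACTIVATION_MONTHS": 3,` and `"TERMINATION_WEEKS": 4,`, which mirror the `EMPTY_CONTEXT` values. The fixture also sets none of the `HAS_*` clause flags, so the optional clauses are presumably not exercised by it.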
@@ -0,0 +1,33 @@
|
||||
{
|
||||
"document_type": "employee_dsi",
|
||||
"language": "de",
|
||||
"context": {
|
||||
"PROVIDER": {
|
||||
"LEGAL_NAME": "Muster GmbH",
|
||||
"LEGAL_FORM": "GmbH",
|
||||
"ADDRESS_LINE": "Musterstrasse 1",
|
||||
"POSTAL_CODE": "10115",
|
||||
"CITY": "Berlin",
|
||||
"COUNTRY": "DE",
|
||||
"EMAIL": "info@muster.de",
|
||||
"PHONE": "+49 30 123456"
|
||||
},
|
||||
"PRIVACY": {
|
||||
"DPO_NAME": "Dr. Datenschutz",
|
||||
"DPO_EMAIL": "dsb@muster.de",
|
||||
"SUPERVISORY_AUTHORITY_NAME": "Berliner Beauftragte fuer Datenschutz"
|
||||
},
|
||||
"FEATURES": {
|
||||
"HAS_IT_USAGE_MONITORING": true,
|
||||
"HAS_COMPANY_VEHICLE": false,
|
||||
"HAS_ACCESS_CONTROL": true,
|
||||
"HAS_VIDEO_SURVEILLANCE": false,
|
||||
"HAS_COMPANY_PENSION": true,
|
||||
"HAS_EXTERNAL_HR_SOFTWARE": true,
|
||||
"HAS_WORKS_COUNCIL": false,
|
||||
"HAS_SPECIAL_CATEGORIES_EMPLOYEES": true,
|
||||
"DATA_SUBJECT_REQUEST_CHANNEL": "per E-Mail an dsb@muster.de"
|
||||
},
|
||||
"SECURITY": { "LOG_RETENTION_DAYS": 90 }
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,27 @@
|
||||
{
|
||||
"document_type": "social_media_dsi",
|
||||
"language": "de",
|
||||
"context": {
|
||||
"PROVIDER": {
|
||||
"LEGAL_NAME": "Muster GmbH",
|
||||
"WEBSITE_URL": "https://www.muster.de",
|
||||
"EMAIL": "info@muster.de",
|
||||
"PHONE": "+49 30 123456"
|
||||
},
|
||||
"PRIVACY": {
|
||||
"DPO_EMAIL": "dsb@muster.de",
|
||||
"SUPERVISORY_AUTHORITY_NAME": "Berliner Beauftragte fuer Datenschutz",
|
||||
"SUPERVISORY_AUTHORITY_ADDRESS": "Friedrichstr. 219, 10969 Berlin"
|
||||
},
|
||||
"FEATURES": {
|
||||
"HAS_FACEBOOK": true,
|
||||
"HAS_YOUTUBE": true,
|
||||
"HAS_LINKEDIN": true,
|
||||
"HAS_TIKTOK": false,
|
||||
"HAS_X_TWITTER": false,
|
||||
"HAS_META_PIXEL": true,
|
||||
"HAS_RECRUITING_VIA_SOCIAL": true,
|
||||
"SOCIAL_MEDIA_PLATFORMS_LIST": "Facebook, Instagram, YouTube und LinkedIn"
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,19 @@
|
||||
{
|
||||
"document_type": "transfer_impact_assessment",
|
||||
"language": "de",
|
||||
"context": {
|
||||
"PROVIDER": { "LEGAL_NAME": "Muster GmbH" },
|
||||
"PRIVACY": { "DPO_NAME": "Dr. Datenschutz", "DPO_EMAIL": "dsb@muster.de" },
|
||||
"FEATURES": {
|
||||
"RECIPIENT_NAME": "Cloud Provider Inc.",
|
||||
"RECIPIENT_COUNTRY": "US",
|
||||
"RECIPIENT_ROLE": "Auftragsverarbeiter",
|
||||
"TRANSFER_PURPOSE": "Hosting der Anwendungsdaten",
|
||||
"TRANSFER_MECHANISM": "EU-Standardvertragsklauseln (SCC) + EU-US DPF",
|
||||
"DATA_CATEGORIES_TRANSFERRED": "Stammdaten, Kontaktdaten, Nutzungsdaten",
|
||||
"DATA_SUBJECTS": "Kunden, Nutzer der Plattform",
|
||||
"TRANSFER_FREQUENCY": "Kontinuierlich (Echtzeit-Datenverarbeitung)"
|
||||
},
|
||||
"TOM": { "GF_NAME": "Max Geschaeftsfuehrer", "DOCUMENT_VERSION": "1.0.0", "NEXT_REVIEW_DATE": "2027-05-01" }
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,30 @@
|
||||
{
|
||||
"document_type": "tom_documentation",
|
||||
"language": "de",
|
||||
"context": {
|
||||
"TOM": {
|
||||
"ISB_NAME": "Thomas Sicher",
|
||||
"GF_NAME": "Benjamin Boenisch",
|
||||
"DOCUMENT_VERSION": "2.0.0",
|
||||
"NEXT_REVIEW_DATE": "2027-05-01",
|
||||
"HAS_MFA": true,
|
||||
"HAS_USB_LOCKED": false,
|
||||
"HAS_MOBILE_MEDIA": false,
|
||||
"HAS_FOUR_EYES_DELETE": true,
|
||||
"HAS_EXTERNAL_DESTRUCTION": true,
|
||||
"HAS_PHYSICAL_TRANSPORT": false,
|
||||
"HAS_THIRD_COUNTRY_TRANSFER": false,
|
||||
"HAS_CLOUD_SERVICES": true,
|
||||
"HAS_REDUNDANCY": true,
|
||||
"HAS_GEO_REDUNDANCY": false,
|
||||
"HAS_USV": true,
|
||||
"HAS_OWN_SERVER_ROOM": true,
|
||||
"HAS_MULTI_TENANT": true,
|
||||
"HAS_TEST_DATA_ANONYMIZED": true,
|
||||
"LOG_RETENTION_MONTHS": 12,
|
||||
"DIN_66399_LEVEL": "4",
|
||||
"AVAILABILITY_TARGET": "99.9",
|
||||
"SEPARATION_TYPE": "logisch"
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,18 @@
|
||||
{
|
||||
"document_type": "whistleblower_policy",
|
||||
"language": "de",
|
||||
"context": {
|
||||
"PROVIDER": {
|
||||
"LEGAL_NAME": "Muster GmbH"
|
||||
},
|
||||
"FEATURES": {
|
||||
"WHISTLEBLOWER_CONTACT_NAME": "Dr. Maria Compliance",
|
||||
"WHISTLEBLOWER_CONTACT_ROLE": "Compliance-Beauftragte / Meldestellenbeauftragte",
|
||||
"WHISTLEBLOWER_EMAIL": "meldestelle@muster.de",
|
||||
"WHISTLEBLOWER_PHONE": "+49 123 456789",
|
||||
"WHISTLEBLOWER_URL": "https://muster.de/meldestelle",
|
||||
"HAS_ANONYMOUS_REPORTING": true,
|
||||
"HAS_EXTERNAL_REPORTING": true
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -11,8 +11,10 @@ import { generateAllPlaceholders } from '@/lib/sdk/document-generator/datapoint-
|
||||
import { loadAllTemplates } from './searchTemplates'
|
||||
import { TemplateContext, EMPTY_CONTEXT } from './contextBridge'
|
||||
import { CATEGORIES } from './_constants'
|
||||
import { getGeneratorDefaults, getProfileLabel } from './scopeDefaults'
|
||||
import TemplateLibrary from './_components/TemplateLibrary'
|
||||
import GeneratorSection from './_components/GeneratorSection'
|
||||
import RecommendedDocuments from './_components/RecommendedDocuments'
|
||||
|
||||
function DocumentGeneratorPageInner() {
|
||||
const { state } = useSDK()
|
||||
@@ -86,6 +88,7 @@ function DocumentGeneratorPageInner() {
|
||||
}
|
||||
}, [state?.companyProfile])
|
||||
|
||||
<<<<<<< HEAD
|
||||
// ── MODULE WIRING: CookieBanner → CONSENT + FEATURES ─────────────────────
|
||||
useEffect(() => {
|
||||
const banner = state?.cookieBanner
|
||||
@@ -157,6 +160,20 @@ function DocumentGeneratorPageInner() {
|
||||
},
|
||||
}))
|
||||
}, [state?.useCases])
|
||||
=======
|
||||
// Pre-fill TOM/DPA context from Compliance Scope Engine
|
||||
useEffect(() => {
|
||||
const scopeLevel = state?.complianceScope?.determinedLevel
|
||||
if (scopeLevel) {
|
||||
const defaults = getGeneratorDefaults(scopeLevel, state?.companyProfile as never)
|
||||
setContext((prev) => ({
|
||||
...prev,
|
||||
TOM: { ...prev.TOM, ...defaults.tom },
|
||||
DPA: { ...prev.DPA, ...defaults.dpa },
|
||||
}))
|
||||
}
|
||||
}, [state?.complianceScope?.determinedLevel, state?.companyProfile])
|
||||
>>>>>>> feat/zeroclaw-compliance-agent
|
||||
|
||||
// Pre-fill extra placeholders from Einwilligungen data points
|
||||
useEffect(() => {
|
||||
@@ -249,6 +266,12 @@ function DocumentGeneratorPageInner() {
|
||||
</div>
|
||||
</div>
|
||||
|
||||
{/* Recommended documents based on scope profile */}
|
||||
<RecommendedDocuments
|
||||
allTemplates={allTemplates}
|
||||
onUseTemplate={handleUseTemplate}
|
||||
/>
|
||||
|
||||
<TemplateLibrary
|
||||
allTemplates={allTemplates}
|
||||
filteredTemplates={filteredTemplates}
|
||||
|
||||
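Review bot: The merge left conflict markers in the component body: `<<<<<<< HEAD` before the CookieBanner wiring effect, and `=======` and `>>>>>>> feat/zeroclaw-compliance-agent` around the new scope pre-fill effect. They are not valid TypeScript/JSX, so the file should not compile as committed. Both effects look intended to stay, so the fix is to delete the three marker lines and keep the code on both sides. Separately, `state?.companyProfile as never` in the new effect hides a type mismatch with the `CompanyProfile | null` parameter of `getGeneratorDefaults` and is worth replacing with a real conversion or a shared type. The body of `DocumentGeneratorPageInner` continues outside these hunks.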
@@ -0,0 +1,320 @@
|
||||
/**
|
||||
* Scope-basierte Generator-Defaults
|
||||
*
|
||||
* Nimmt ScopeDecision.determinedLevel + CompanyProfile und liefert
|
||||
* vorausgefuellte TOM/DPA-Context-Werte. Alle Felder bleiben vom
|
||||
* Kunden aenderbar — die Defaults sind Empfehlungen.
|
||||
*
|
||||
* Mapping:
|
||||
* L1 = Lean Startup (≤10 MA, Cloud-only, Home Office)
|
||||
* L2 = KMU Standard (11-249 MA)
|
||||
* L3 = Erweitert (risikoreich oder >100 MA)
|
||||
* L4 = Zertifizierungsbereit (≥250 MA oder regulierte Branche)
|
||||
*/
|
||||
|
||||
import type { ComplianceDepthLevel } from '../../lib/sdk/compliance-scope-types/core-levels'
|
||||
import type { CompanyProfile } from '../../lib/sdk/types'
|
||||
import type { TOMCtx, DPACtx } from './contextBridge'
|
||||
|
||||
// ============================================================================
|
||||
// TOM Defaults per Level
|
||||
// ============================================================================
|
||||
|
||||
const TOM_DEFAULTS: Record<ComplianceDepthLevel, Partial<TOMCtx>> = {
|
||||
L1: {
|
||||
// Lean Startup: Cloud-only, kein eigener Serverraum, Home Office
|
||||
HAS_MFA: true,
|
||||
HAS_USB_LOCKED: false,
|
||||
HAS_MOBILE_MEDIA: false,
|
||||
HAS_FOUR_EYES_DELETE: false,
|
||||
HAS_EXTERNAL_DESTRUCTION: false,
|
||||
HAS_PHYSICAL_TRANSPORT: false,
|
||||
HAS_THIRD_COUNTRY_TRANSFER: false,
|
||||
HAS_CLOUD_SERVICES: true,
|
||||
HAS_REDUNDANCY: false,
|
||||
HAS_GEO_REDUNDANCY: false,
|
||||
HAS_USV: false,
|
||||
HAS_OWN_SERVER_ROOM: false,
|
||||
HAS_MULTI_TENANT: false,
|
||||
HAS_TEST_DATA_ANONYMIZED: true,
|
||||
LOG_RETENTION_MONTHS: 3,
|
||||
DIN_66399_LEVEL: '3',
|
||||
AVAILABILITY_TARGET: '99.0',
|
||||
SEPARATION_TYPE: 'logisch',
|
||||
},
|
||||
L2: {
|
||||
// KMU Standard
|
||||
HAS_MFA: true,
|
||||
HAS_USB_LOCKED: false,
|
||||
HAS_MOBILE_MEDIA: false,
|
||||
HAS_FOUR_EYES_DELETE: false,
|
||||
HAS_EXTERNAL_DESTRUCTION: false,
|
||||
HAS_PHYSICAL_TRANSPORT: false,
|
||||
HAS_THIRD_COUNTRY_TRANSFER: false,
|
||||
HAS_CLOUD_SERVICES: true,
|
||||
HAS_REDUNDANCY: false,
|
||||
HAS_GEO_REDUNDANCY: false,
|
||||
HAS_USV: false,
|
||||
HAS_OWN_SERVER_ROOM: false,
|
||||
HAS_MULTI_TENANT: false,
|
||||
HAS_TEST_DATA_ANONYMIZED: true,
|
||||
LOG_RETENTION_MONTHS: 6,
|
||||
DIN_66399_LEVEL: '3',
|
||||
AVAILABILITY_TARGET: '99.5',
|
||||
SEPARATION_TYPE: 'logisch',
|
||||
},
|
||||
L3: {
|
||||
// Erweitert
|
||||
HAS_MFA: true,
|
||||
HAS_USB_LOCKED: false,
|
||||
HAS_MOBILE_MEDIA: false,
|
||||
HAS_FOUR_EYES_DELETE: true,
|
||||
HAS_EXTERNAL_DESTRUCTION: true,
|
||||
HAS_PHYSICAL_TRANSPORT: false,
|
||||
HAS_THIRD_COUNTRY_TRANSFER: false,
|
||||
HAS_CLOUD_SERVICES: true,
|
||||
HAS_REDUNDANCY: true,
|
||||
HAS_GEO_REDUNDANCY: false,
|
||||
HAS_USV: true,
|
||||
HAS_OWN_SERVER_ROOM: true,
|
||||
HAS_MULTI_TENANT: true,
|
||||
HAS_TEST_DATA_ANONYMIZED: true,
|
||||
LOG_RETENTION_MONTHS: 12,
|
||||
DIN_66399_LEVEL: '4',
|
||||
AVAILABILITY_TARGET: '99.9',
|
||||
SEPARATION_TYPE: 'logisch',
|
||||
},
|
||||
L4: {
|
||||
// Zertifizierungsbereit / Enterprise
|
||||
HAS_MFA: true,
|
||||
HAS_USB_LOCKED: true,
|
||||
HAS_MOBILE_MEDIA: false,
|
||||
HAS_FOUR_EYES_DELETE: true,
|
||||
HAS_EXTERNAL_DESTRUCTION: true,
|
||||
HAS_PHYSICAL_TRANSPORT: false,
|
||||
HAS_THIRD_COUNTRY_TRANSFER: false,
|
||||
HAS_CLOUD_SERVICES: true,
|
||||
HAS_REDUNDANCY: true,
|
||||
HAS_GEO_REDUNDANCY: true,
|
||||
HAS_USV: true,
|
||||
HAS_OWN_SERVER_ROOM: true,
|
||||
HAS_MULTI_TENANT: true,
|
||||
HAS_TEST_DATA_ANONYMIZED: true,
|
||||
LOG_RETENTION_MONTHS: 24,
|
||||
DIN_66399_LEVEL: '5',
|
||||
AVAILABILITY_TARGET: '99.99',
|
||||
SEPARATION_TYPE: 'logisch',
|
||||
},
|
||||
}
|
||||
|
||||
// ============================================================================
|
||||
// DPA Defaults per Level
|
||||
// ============================================================================
|
||||
|
||||
const DPA_DEFAULTS: Record<ComplianceDepthLevel, Partial<DPACtx>> = {
|
||||
L1: {
|
||||
BREACH_NOTIFICATION_HOURS: 48,
|
||||
INSTRUCTION_RETENTION_YEARS: 3,
|
||||
SUB_PROCESSOR_NOTICE_WEEKS: 2,
|
||||
SUB_PROCESSOR_OBJECTION_WEEKS: 2,
|
||||
DATA_EXPORT_FORMAT: 'CSV/JSON',
|
||||
RETURN_CHOICE_WEEKS: 4,
|
||||
DELETION_DAYS: 90,
|
||||
HAS_LIABILITY_PROTECTION: false,
|
||||
HAS_SUPPORT_COST_CLAUSE: false,
|
||||
HAS_SUB_PROCESSOR_SILENCE_APPROVAL: true,
|
||||
HAS_SUB_PROCESSOR_TERMINATION_RIGHT: false,
|
||||
HAS_REACTIVATION_PERIOD: true,
|
||||
REACTIVATION_MONTHS: 3,
|
||||
HAS_RETURN_COST_CLAUSE: false,
|
||||
HAS_GERICHTSSTAND_CLAUSE: false,
|
||||
HAS_UNILATERAL_CHANGE_RIGHT: false,
|
||||
HAS_THIRD_COUNTRY_OBJECTION: false,
|
||||
},
|
||||
L2: {
|
||||
BREACH_NOTIFICATION_HOURS: 24,
|
||||
INSTRUCTION_RETENTION_YEARS: 3,
|
||||
SUB_PROCESSOR_NOTICE_WEEKS: 4,
|
||||
SUB_PROCESSOR_OBJECTION_WEEKS: 2,
|
||||
DATA_EXPORT_FORMAT: 'CSV/JSON',
|
||||
RETURN_CHOICE_WEEKS: 4,
|
||||
DELETION_DAYS: 90,
|
||||
HAS_LIABILITY_PROTECTION: false,
|
||||
HAS_SUPPORT_COST_CLAUSE: false,
|
||||
HAS_SUB_PROCESSOR_SILENCE_APPROVAL: true,
|
||||
HAS_SUB_PROCESSOR_TERMINATION_RIGHT: false,
|
||||
HAS_REACTIVATION_PERIOD: true,
|
||||
REACTIVATION_MONTHS: 3,
|
||||
HAS_RETURN_COST_CLAUSE: false,
|
||||
HAS_GERICHTSSTAND_CLAUSE: true,
|
||||
HAS_UNILATERAL_CHANGE_RIGHT: false,
|
||||
HAS_THIRD_COUNTRY_OBJECTION: false,
|
||||
},
|
||||
L3: {
|
||||
BREACH_NOTIFICATION_HOURS: 24,
|
||||
INSTRUCTION_RETENTION_YEARS: 5,
|
||||
SUB_PROCESSOR_NOTICE_WEEKS: 4,
|
||||
SUB_PROCESSOR_OBJECTION_WEEKS: 4,
|
||||
DATA_EXPORT_FORMAT: 'CSV/JSON',
|
||||
RETURN_CHOICE_WEEKS: 4,
|
||||
DELETION_DAYS: 60,
|
||||
HAS_LIABILITY_PROTECTION: true,
|
||||
HAS_SUPPORT_COST_CLAUSE: true,
|
||||
HAS_SUB_PROCESSOR_SILENCE_APPROVAL: true,
|
||||
HAS_SUB_PROCESSOR_TERMINATION_RIGHT: true,
|
||||
HAS_REACTIVATION_PERIOD: true,
|
||||
REACTIVATION_MONTHS: 3,
|
||||
HAS_RETURN_COST_CLAUSE: true,
|
||||
HAS_GERICHTSSTAND_CLAUSE: true,
|
||||
HAS_UNILATERAL_CHANGE_RIGHT: false,
|
||||
HAS_THIRD_COUNTRY_OBJECTION: false,
|
||||
},
|
||||
L4: {
|
||||
BREACH_NOTIFICATION_HOURS: 12,
|
||||
INSTRUCTION_RETENTION_YEARS: 5,
|
||||
SUB_PROCESSOR_NOTICE_WEEKS: 6,
|
||||
SUB_PROCESSOR_OBJECTION_WEEKS: 4,
|
||||
DATA_EXPORT_FORMAT: 'CSV/JSON',
|
||||
RETURN_CHOICE_WEEKS: 8,
|
||||
DELETION_DAYS: 30,
|
||||
HAS_LIABILITY_PROTECTION: true,
|
||||
HAS_SUPPORT_COST_CLAUSE: true,
|
||||
HAS_SUB_PROCESSOR_SILENCE_APPROVAL: false,
|
||||
HAS_SUB_PROCESSOR_TERMINATION_RIGHT: true,
|
||||
HAS_REACTIVATION_PERIOD: false,
|
||||
REACTIVATION_MONTHS: 3,
|
||||
HAS_RETURN_COST_CLAUSE: true,
|
||||
HAS_GERICHTSSTAND_CLAUSE: true,
|
||||
HAS_UNILATERAL_CHANGE_RIGHT: false,
|
||||
HAS_THIRD_COUNTRY_OBJECTION: false,
|
||||
},
|
||||
}
|
||||
|
||||
// ============================================================================
|
||||
// Public API
|
||||
// ============================================================================
|
||||
|
||||
export interface GeneratorDefaults {
|
||||
tom: Partial<TOMCtx>
|
||||
dpa: Partial<DPACtx>
|
||||
/** Which fields were set by the scope engine (for UI highlighting) */
|
||||
scopeSet: Set<string>
|
||||
}
|
||||
|
||||
/**
|
||||
* Berechnet Generator-Defaults basierend auf dem Compliance-Level
|
||||
* und dem CompanyProfile. Alle Werte sind Vorschlaege — der Kunde
|
||||
* kann sie aendern.
|
||||
*/
|
||||
export function getGeneratorDefaults(
|
||||
level: ComplianceDepthLevel,
|
||||
profile?: CompanyProfile | null,
|
||||
): GeneratorDefaults {
|
||||
const tomBase = { ...TOM_DEFAULTS[level] }
|
||||
const dpaBase = { ...DPA_DEFAULTS[level] }
|
||||
const scopeSet = new Set<string>()
|
||||
|
||||
// CompanyProfile-Felder in TOM/DPA uebernehmen
|
||||
if (profile) {
|
||||
if (profile.company_name) {
|
||||
dpaBase.AN_NAME = profile.company_name
|
||||
scopeSet.add('DPA.AN_NAME')
|
||||
}
|
||||
if (profile.address) {
|
||||
dpaBase.AN_STRASSE = profile.address
|
||||
scopeSet.add('DPA.AN_STRASSE')
|
||||
}
|
||||
if (profile.city && profile.postal_code) {
|
||||
dpaBase.AN_PLZ_ORT = `${profile.postal_code} ${profile.city}`
|
||||
scopeSet.add('DPA.AN_PLZ_ORT')
|
||||
}
|
||||
if (profile.dpo_name) {
|
||||
tomBase.ISB_NAME = tomBase.ISB_NAME || ''
|
||||
dpaBase.AN_DSB_NAME = profile.dpo_name
|
||||
scopeSet.add('DPA.AN_DSB_NAME')
|
||||
}
|
||||
if (profile.dpo_email) {
|
||||
dpaBase.AN_DSB_EMAIL = profile.dpo_email
|
||||
scopeSet.add('DPA.AN_DSB_EMAIL')
|
||||
}
|
||||
if (profile.ceo_name) {
|
||||
dpaBase.AN_UNTERZEICHNER_NAME = profile.ceo_name
|
||||
tomBase.GF_NAME = profile.ceo_name
|
||||
scopeSet.add('DPA.AN_UNTERZEICHNER_NAME')
|
||||
scopeSet.add('TOM.GF_NAME')
|
||||
}
|
||||
}
|
||||
|
||||
// Alle gesetzten TOM/DPA Felder als scope-set markieren
|
||||
for (const key of Object.keys(tomBase)) {
|
||||
scopeSet.add(`TOM.${key}`)
|
||||
}
|
||||
for (const key of Object.keys(dpaBase)) {
|
||||
scopeSet.add(`DPA.${key}`)
|
||||
}
|
||||
|
||||
return { tom: tomBase, dpa: dpaBase, scopeSet }
|
||||
}
|
||||
|
||||
/**
|
||||
* Gibt das empfohlene Profil-Label zurueck (fuer UI-Anzeige).
|
||||
*/
|
||||
export function getProfileLabel(level: ComplianceDepthLevel): string {
|
||||
const labels: Record<ComplianceDepthLevel, string> = {
|
||||
L1: 'Startup / Kleinstunternehmen',
|
||||
L2: 'KMU Standard',
|
||||
L3: 'Erweiterte Compliance',
|
||||
L4: 'Zertifizierungsbereit / Enterprise',
|
||||
}
|
||||
return labels[level]
|
||||
}
|
||||
|
||||
/**
|
||||
* Empfiehlt relevante Dokumenttypen basierend auf dem Compliance-Level.
|
||||
* Hilft dem Kunden zu verstehen, welche Dokumente er braucht.
|
||||
*/
|
||||
export function getRecommendedDocuments(level: ComplianceDepthLevel): {
|
||||
required: string[]
|
||||
recommended: string[]
|
||||
optional: string[]
|
||||
} {
|
||||
const always = [
|
||||
'privacy_policy', 'impressum', 'agb', 'cookie_banner', 'cookie_policy',
|
||||
]
|
||||
const l2plus = [
|
||||
'dpa', 'tom_documentation', 'vvt_register', 'loeschkonzept',
|
||||
'community_guidelines', 'terms_of_use',
|
||||
]
|
||||
const l3plus = [
|
||||
'it_security_concept', 'data_protection_concept', 'incident_response_plan',
|
||||
'access_control_concept', 'backup_recovery_concept', 'logging_concept',
|
||||
'risk_management_concept', 'pflichtenregister',
|
||||
'password_policy', 'encryption_policy', 'information_security_policy',
|
||||
'access_control_policy', 'whistleblower_policy',
|
||||
'employee_dsi', 'applicant_dsi', 'ai_usage_policy',
|
||||
]
|
||||
const l4only = [
|
||||
'isms_manual', 'cybersecurity_policy', 'byod_policy',
|
||||
'dsfa', 'social_media_dsi', 'media_content_policy',
|
||||
'video_conference_dsi', 'consent_texts',
|
||||
'data_protection_policy', 'data_classification_policy',
|
||||
'data_retention_policy', 'data_transfer_policy',
|
||||
'privacy_incident_policy', 'employee_security_policy',
|
||||
'security_awareness_policy', 'remote_work_policy',
|
||||
'offboarding_policy', 'vendor_risk_management_policy',
|
||||
'third_party_security_policy', 'supplier_security_policy',
|
||||
'business_continuity_policy', 'disaster_recovery_policy',
|
||||
'crisis_management_policy',
|
||||
]
|
||||
|
||||
switch (level) {
|
||||
case 'L1':
|
||||
return { required: always, recommended: [], optional: l2plus }
|
||||
case 'L2':
|
||||
return { required: always, recommended: l2plus, optional: l3plus }
|
||||
case 'L3':
|
||||
return { required: [...always, ...l2plus], recommended: l3plus, optional: l4only }
|
||||
case 'L4':
|
||||
return { required: [...always, ...l2plus, ...l3plus], recommended: l4only, optional: [] }
|
||||
}
|
||||
}
|
||||
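Review bot: In `getGeneratorDefaults`, the `profile.dpo_name` branch runs `tomBase.ISB_NAME = tomBase.ISB_NAME || ''`, and since no level in `TOM_DEFAULTS` defines `ISB_NAME`, this always puts an empty string into the returned `tom`. The page merges that result with `TOM: { ...prev.TOM, ...defaults.tom }`, so an ISB name the user already entered is blanked whenever the effect re-runs, and the closing loop then reports `TOM.ISB_NAME` in `scopeSet` as scope-provided. I would drop that line. The explicit `scopeSet.add(...)` calls inside `if (profile)` are also redundant, because the two `Object.keys` loops add every key afterwards. If `scopeSet` is meant to tell profile-derived fields from level defaults, it needs a separate set.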
@@ -0,0 +1,326 @@
|
||||
/**
|
||||
* Template Recommendations — Maps scope answers to document templates
|
||||
*
|
||||
* Bridges the gap between the Compliance Scope Engine (23 ScopeDocumentTypes)
|
||||
* and the Document Generator (70+ database templates).
|
||||
*
|
||||
* The scope engine recommends high-level document categories (vvt, tom, dsfa...).
|
||||
* This module recommends SPECIFIC templates based on additional context from
|
||||
* the CompanyProfile and scope answers.
|
||||
*/
|
||||
|
||||
import type { ComplianceDepthLevel } from '../../lib/sdk/compliance-scope-types/core-levels'
|
||||
import type { ScopeProfilingAnswer } from '../../lib/sdk/compliance-scope-types/state'
|
||||
|
||||
// ============================================================================
|
||||
// Template recommendation rules
|
||||
// ============================================================================
|
||||
|
||||
interface TemplateRule {
|
||||
/** Database document_type */
|
||||
templateType: string
|
||||
/** Human-readable label */
|
||||
label: string
|
||||
/** When to recommend this template */
|
||||
condition: (answers: Map<string, string>, level: ComplianceDepthLevel, profile: Record<string, unknown>) => 'required' | 'recommended' | 'optional' | null
|
||||
}
|
||||
|
||||
/**
|
||||
* Rules that map scope answers + profile to specific template recommendations.
|
||||
* These cover templates NOT directly output by the scope engine.
|
||||
*/
|
||||
const TEMPLATE_RULES: TemplateRule[] = [
|
||||
// ── HR-DSI ──────────────────────────────────────────────────────────────
|
||||
{
|
||||
templateType: 'employee_dsi',
|
||||
label: 'Mitarbeiter-Datenschutzinformation',
|
||||
condition: (answers, level) => {
|
||||
const hasEmployees = answers.get('org_has_employees')
|
||||
const empCount = answers.get('org_employee_count')
|
||||
if (hasEmployees === 'yes' || (empCount && empCount !== 'none' && empCount !== '0')) {
|
||||
return level >= 'L2' ? 'required' : 'recommended'
|
||||
}
|
||||
return null
|
||||
},
|
||||
},
|
||||
{
|
||||
templateType: 'applicant_dsi',
|
||||
label: 'Bewerber-Datenschutzinformation',
|
||||
condition: (answers, level) => {
|
||||
const hasEmployees = answers.get('org_has_employees')
|
||||
const empCount = answers.get('org_employee_count')
|
||||
if (hasEmployees === 'yes' || (empCount && empCount !== 'none' && empCount !== '0')) {
|
||||
return level >= 'L2' ? 'recommended' : 'optional'
|
||||
}
|
||||
return null
|
||||
},
|
||||
},
|
||||
|
||||
// ── Whistleblower ───────────────────────────────────────────────────────
|
||||
{
|
||||
templateType: 'whistleblower_policy',
|
||||
label: 'Hinweisgeberrichtlinie (HinSchG)',
|
||||
condition: (answers) => {
|
||||
const empCount = answers.get('org_employee_count')
|
||||
// HinSchG Pflicht ab 50 MA
|
||||
if (empCount === '50_249' || empCount === '250_999' || empCount === '1000_plus') return 'required'
|
||||
return null
|
||||
},
|
||||
},
|
||||
|
||||
// ── KI ──────────────────────────────────────────────────────────────────
|
||||
{
|
||||
templateType: 'ai_usage_policy',
|
||||
label: 'KI-Nutzungsrichtlinie',
|
||||
condition: (answers) => {
|
||||
const aiUsage = answers.get('proc_ai_usage') || answers.get('proc_uses_ai_tools')
|
||||
if (aiUsage && aiUsage !== 'none' && aiUsage !== 'no') return 'required'
|
||||
return null
|
||||
},
|
||||
},
|
||||
|
||||
// ── BYOD ────────────────────────────────────────────────────────────────
|
||||
{
|
||||
templateType: 'byod_policy',
|
||||
label: 'BYOD-Richtlinie',
|
||||
condition: (answers, level) => {
|
||||
const byod = answers.get('proc_byod_allowed')
|
||||
if (byod === 'yes') return 'required'
|
||||
if (level >= 'L3') return 'recommended'
|
||||
return 'optional'
|
||||
},
|
||||
},
|
||||
|
||||
// ── Social Media ────────────────────────────────────────────────────────
|
||||
{
|
||||
templateType: 'social_media_dsi',
|
||||
label: 'Social-Media-Datenschutzinformation',
|
||||
condition: (answers, level) => {
|
||||
const sm = answers.get('org_has_social_media')
|
||||
if (sm === 'yes') return 'required'
|
||||
return level >= 'L2' ? 'recommended' : 'optional'
|
||||
},
|
||||
},
|
||||
|
||||
// ── Videokonferenzen ────────────────────────────────────────────────────
|
||||
{
|
||||
templateType: 'video_conference_dsi',
|
||||
label: 'Videokonferenz-Datenschutzinformation',
|
||||
condition: (answers, level) => {
|
||||
const video = answers.get('org_has_video_conferencing')
|
||||
if (video === 'yes') return 'recommended'
|
||||
if (level >= 'L3') return 'recommended'
|
||||
return 'optional'
|
||||
},
|
||||
},
|
||||
|
||||
// ── Security Policies (nur ab L3/L4) ───────────────────────────────────
|
||||
{
|
||||
templateType: 'information_security_policy',
|
||||
label: 'Informationssicherheitsrichtlinie',
|
||||
condition: (_answers, level) => {
|
||||
if (level >= 'L3') return 'required'
|
||||
if (level === 'L2') return 'recommended'
|
||||
return null
|
||||
},
|
||||
},
|
||||
{
|
||||
templateType: 'password_policy',
|
||||
label: 'Passwortrichtlinie',
|
||||
condition: (_answers, level) => level >= 'L2' ? 'recommended' : 'optional',
|
||||
},
|
||||
{
|
||||
templateType: 'encryption_policy',
|
||||
label: 'Verschluesselungsrichtlinie',
|
||||
condition: (_answers, level) => level >= 'L3' ? 'recommended' : 'optional',
|
||||
},
|
||||
{
|
||||
templateType: 'access_control_policy',
|
||||
label: 'Zugriffskontrollrichtlinie',
|
||||
condition: (_answers, level) => level >= 'L3' ? 'recommended' : 'optional',
|
||||
},
|
||||
|
||||
// ── Security Concepts (nur ab L3) ──────────────────────────────────────
|
||||
{
|
||||
templateType: 'it_security_concept',
|
||||
label: 'IT-Sicherheitskonzept',
|
||||
condition: (_answers, level) => level >= 'L3' ? 'required' : 'optional',
|
||||
},
|
||||
{
|
||||
templateType: 'backup_recovery_concept',
|
||||
label: 'Backup-Recovery-Konzept',
|
||||
condition: (_answers, level) => level >= 'L3' ? 'recommended' : 'optional',
|
||||
},
|
||||
{
|
||||
templateType: 'logging_concept',
|
||||
label: 'Logging-Konzept',
|
||||
condition: (_answers, level) => level >= 'L3' ? 'recommended' : 'optional',
|
||||
},
|
||||
{
|
||||
templateType: 'access_control_concept',
|
||||
label: 'Zugriffskonzept',
|
||||
condition: (_answers, level) => level >= 'L3' ? 'recommended' : 'optional',
|
||||
},
|
||||
|
||||
// ── Plattform/UGC ──────────────────────────────────────────────────────
|
||||
{
|
||||
templateType: 'community_guidelines',
|
||||
label: 'Gemeinschaftsrichtlinien',
|
||||
condition: (answers) => {
|
||||
const model = answers.get('org_business_model')
|
||||
const ugc = answers.get('prod_ugc_platform')
|
||||
if (ugc === 'yes' || model === 'platform' || model === 'marketplace' || model === 'social') return 'required'
|
||||
return null
|
||||
},
|
||||
},
|
||||
{
|
||||
templateType: 'terms_of_use',
|
||||
label: 'Nutzungsbedingungen',
|
||||
condition: (answers) => {
|
||||
const model = answers.get('org_business_model')
|
||||
const ugc = answers.get('prod_ugc_platform')
|
||||
if (ugc === 'yes' || model === 'platform' || model === 'marketplace' || model === 'social' || model === 'saas') return 'required'
|
||||
return null
|
||||
},
|
||||
},
|
||||
{
|
||||
templateType: 'media_content_policy',
|
||||
label: 'Medien- und Inhalte-Richtlinie',
|
||||
condition: (answers) => {
|
||||
const model = answers.get('org_business_model')
|
||||
if (model === 'platform' || model === 'media') return 'recommended'
|
||||
return null
|
||||
},
|
||||
},
|
||||
|
||||
// ── E-Commerce ─────────────────────────────────────────────────────────
|
||||
{
|
||||
templateType: 'widerruf',
|
||||
label: 'Widerrufsbelehrung',
|
||||
condition: (answers) => {
|
||||
const shop = answers.get('prod_webshop')
|
||||
if (shop && shop !== 'no') return 'required'
|
||||
return null
|
||||
},
|
||||
},
|
||||
{
|
||||
templateType: 'consent_texts',
|
||||
label: 'Einwilligungstexte (Double-Opt-In)',
|
||||
condition: (answers) => {
|
||||
const consent = answers.get('prod_consent_management')
|
||||
if (consent && consent !== 'no') return 'recommended'
|
||||
return 'optional'
|
||||
},
|
||||
},
|
||||
|
||||
// ── Impressum + Cookie ─────────────────────────────────────────────────
|
||||
{
|
||||
templateType: 'impressum',
|
||||
label: 'Impressum',
|
||||
condition: () => 'required', // Immer Pflicht
|
||||
},
|
||||
{
|
||||
templateType: 'cookie_policy',
|
||||
label: 'Cookie-Richtlinie',
|
||||
condition: () => 'required', // Immer Pflicht bei Websites
|
||||
},
|
||||
|
||||
// ── Drittlandtransfer (SCC + TIA) ───────────────────────────────────────
|
||||
// SCC+TIA nur erforderlich wenn Drittlandtransfer OHNE Angemessenheitsbeschluss/DPF
|
||||
{
|
||||
templateType: 'transfer_impact_assessment',
|
||||
label: 'Transfer Impact Assessment (TIA)',
|
||||
condition: (answers) => {
|
||||
const thirdCountry = answers.get('tech_third_country')
|
||||
if (!thirdCountry || thirdCountry === 'no') return null
|
||||
// Wenn nur DPF-zertifizierte US-Anbieter: empfohlen statt pflicht
|
||||
if (thirdCountry === 'us_dpf_only') return 'optional'
|
||||
// Wenn nur Laender mit Angemessenheitsbeschluss: nicht noetig
|
||||
if (thirdCountry === 'adequate_only') return null
|
||||
return 'required'
|
||||
},
|
||||
},
|
||||
{
|
||||
templateType: 'scc_companion',
|
||||
label: 'Standardvertragsklauseln (SCC) — Anhaenge',
|
||||
condition: (answers) => {
|
||||
const thirdCountry = answers.get('tech_third_country')
|
||||
if (!thirdCountry || thirdCountry === 'no') return null
|
||||
if (thirdCountry === 'us_dpf_only') return 'optional'
|
||||
if (thirdCountry === 'adequate_only') return null
|
||||
return 'required'
|
||||
},
|
||||
},
|
||||
|
||||
// ── ISMS (nur bei Zertifizierungsziel) ─────────────────────────────────
|
||||
{
|
||||
templateType: 'isms_manual',
|
||||
label: 'ISMS-Handbuch',
|
||||
condition: (answers) => {
|
||||
const cert = answers.get('org_cert_target')
|
||||
if (cert === 'iso27001' || cert === 'iso27701' || cert === 'tisax') return 'required'
|
||||
return null
|
||||
},
|
||||
},
|
||||
|
||||
// ── Vendor/BCM (nur ab L4 oder bei Vendor-Management) ─────────────────
|
||||
{
|
||||
templateType: 'vendor_risk_management_policy',
|
||||
label: 'Vendor-Risikomanagement',
|
||||
condition: (answers, level) => {
|
||||
const vendor = answers.get('comp_vendor_management')
|
||||
if (vendor && vendor !== 'no') return 'recommended'
|
||||
if (level === 'L4') return 'required'
|
||||
return null
|
||||
},
|
||||
},
|
||||
{
|
||||
templateType: 'business_continuity_policy',
|
||||
label: 'Business-Continuity-Richtlinie',
|
||||
condition: (_answers, level) => level === 'L4' ? 'required' : 'optional',
|
||||
},
|
||||
]
|
||||
|
||||
// ============================================================================
|
||||
// Public API
|
||||
// ============================================================================
|
||||
|
||||
export interface TemplateRecommendation {
|
||||
templateType: string
|
||||
label: string
|
||||
requirement: 'required' | 'recommended' | 'optional'
|
||||
}
|
||||
|
||||
/**
|
||||
* Evaluates all template rules against the user's scope answers and profile.
|
||||
* Returns a prioritized list of template recommendations.
|
||||
*/
|
||||
export function evaluateTemplateRecommendations(
|
||||
scopeAnswers: ScopeProfilingAnswer[],
|
||||
level: ComplianceDepthLevel,
|
||||
profile: Record<string, unknown> = {},
|
||||
): TemplateRecommendation[] {
|
||||
const answerMap = new Map<string, string>()
|
||||
for (const a of scopeAnswers) {
|
||||
answerMap.set(a.questionId, String(a.value))
|
||||
}
|
||||
|
||||
const results: TemplateRecommendation[] = []
|
||||
|
||||
for (const rule of TEMPLATE_RULES) {
|
||||
const requirement = rule.condition(answerMap, level, profile)
|
||||
if (requirement) {
|
||||
results.push({
|
||||
templateType: rule.templateType,
|
||||
label: rule.label,
|
||||
requirement,
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
// Sort: required first, then recommended, then optional
|
||||
const order = { required: 0, recommended: 1, optional: 2 }
|
||||
results.sort((a, b) => order[a.requirement] - order[b.requirement])
|
||||
|
||||
return results
|
||||
}
|
||||