Initial commit: breakpilot-compliance - Compliance SDK Platform

Services: Admin-Compliance, Backend-Compliance,
AI-Compliance-SDK, Consent-SDK, Developer-Portal,
PCA-Platform, DSMS

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

consent-sdk/README.md

@@ -0,0 +1,243 @@
+# @breakpilot/consent-sdk
+
+DSGVO/TTDSG-konformes Consent Management SDK fuer Web, PWA und Mobile Apps.
+
+## Features
+
+- DSGVO, TTDSG und ePrivacy-Richtlinie konform
+- IAB TCF 2.2 Unterstuetzung
+- Google Consent Mode v2 Integration
+- Plattformuebergreifend (Web, PWA, iOS, Android, Flutter, React Native)
+- Typsicher (TypeScript)
+- Barrierefreundlich (WCAG 2.1 AA)
+- Open Source (Apache 2.0)
+
+## Installation
+
+```bash
+npm install @breakpilot/consent-sdk
+```
+
+## Quick Start
+
+### Vanilla JavaScript
+
+```javascript
+import { ConsentManager } from '@breakpilot/consent-sdk';
+
+const consent = new ConsentManager({
+  apiEndpoint: 'https://consent.example.com/api/v1',
+  siteId: 'site_abc123',
+  language: 'de',
+});
+
+await consent.init();
+
+// Consent pruefen
+if (consent.hasConsent('analytics')) {
+  // Analytics laden
+}
+
+// Events
+consent.on('change', (newConsent) => {
+  console.log('Consent changed:', newConsent);
+});
+```
+
+### React
+
+```tsx
+import { ConsentProvider, useConsent, ConsentBanner, ConsentGate } from '@breakpilot/consent-sdk/react';
+
+const config = {
+  apiEndpoint: 'https://consent.example.com/api/v1',
+  siteId: 'site_abc123',
+};
+
+function App() {
+  return (
+    <ConsentProvider config={config}>
+      <ConsentBanner />
+      <MainContent />
+    </ConsentProvider>
+  );
+}
+
+function AnalyticsSection() {
+  return (
+    <ConsentGate
+      category="analytics"
+      placeholder={<p>Analytics erfordert Ihre Zustimmung.</p>}
+    >
+      <GoogleAnalytics />
+    </ConsentGate>
+  );
+}
+
+function SettingsButton() {
+  const { showSettings } = useConsent();
+  return <button onClick={showSettings}>Cookie-Einstellungen</button>;
+}
+```
+
+## Script Blocking
+
+Verwenden Sie `data-consent` um Skripte zu blockieren:
+
+```html
+<!-- Externes Script -->
+<script
+  data-consent="analytics"
+  data-src="https://www.googletagmanager.com/gtag/js?id=GA-XXXXX"
+  type="text/plain">
+</script>
+
+<!-- Inline Script -->
+<script data-consent="marketing" type="text/plain">
+  fbq('init', 'XXXXX');
+</script>
+
+<!-- iFrame -->
+<iframe
+  data-consent="social"
+  data-src="https://www.youtube.com/embed/XXXXX"
+  title="YouTube Video">
+</iframe>
+```
+
+## Consent-Kategorien
+
+| Kategorie | Beschreibung | Einwilligung |
+|-----------|--------------|--------------|
+| `essential` | Technisch notwendig | Nicht erforderlich |
+| `functional` | Personalisierung | Erforderlich |
+| `analytics` | Nutzungsanalyse | Erforderlich |
+| `marketing` | Werbung | Erforderlich |
+| `social` | Social Media | Erforderlich |
+
+## Konfiguration
+
+```typescript
+const config: ConsentConfig = {
+  // Pflicht
+  apiEndpoint: 'https://consent.example.com/api/v1',
+  siteId: 'site_abc123',
+
+  // Sprache
+  language: 'de',
+  fallbackLanguage: 'en',
+
+  // UI
+  ui: {
+    position: 'bottom',      // 'bottom' | 'top' | 'center'
+    layout: 'modal',         // 'bar' | 'modal' | 'floating'
+    theme: 'auto',           // 'light' | 'dark' | 'auto'
+    zIndex: 999999,
+  },
+
+  // Verhalten
+  consent: {
+    required: true,
+    rejectAllVisible: true,  // "Alle ablehnen" Button
+    acceptAllVisible: true,  // "Alle akzeptieren" Button
+    granularControl: true,   // Kategorien einzeln waehlbar
+    rememberDays: 365,       // Speicherdauer
+    recheckAfterDays: 180,   // Erneut fragen nach X Tagen
+  },
+
+  // Callbacks
+  onConsentChange: (consent) => {
+    console.log('Consent:', consent);
+  },
+
+  // Debug
+  debug: process.env.NODE_ENV === 'development',
+};
+```
+
+## API
+
+### ConsentManager
+
+```typescript
+// Initialisieren
+await consent.init();
+
+// Consent pruefen
+consent.hasConsent('analytics');        // boolean
+consent.hasVendorConsent('google');     // boolean
+
+// Consent abrufen
+consent.getConsent();                   // ConsentState | null
+
+// Consent setzen
+await consent.setConsent({
+  essential: true,
+  analytics: true,
+  marketing: false,
+});
+
+// Aktionen
+await consent.acceptAll();
+await consent.rejectAll();
+await consent.revokeAll();
+
+// Banner
+consent.showBanner();
+consent.hideBanner();
+consent.showSettings();
+consent.needsConsent();                 // boolean
+
+// Events
+consent.on('change', callback);
+consent.on('banner_show', callback);
+consent.on('banner_hide', callback);
+consent.off('change', callback);
+
+// Export (DSGVO Art. 20)
+const data = await consent.exportConsent();
+```
+
+### React Hooks
+
+```typescript
+// Basis-Hook
+const {
+  consent,
+  isLoading,
+  isBannerVisible,
+  needsConsent,
+  hasConsent,
+  acceptAll,
+  rejectAll,
+  showBanner,
+  showSettings,
+} = useConsent();
+
+// Mit Kategorie
+const { allowed } = useConsent('analytics');
+
+// Manager-Zugriff
+const manager = useConsentManager();
+```
+
+## Rechtliche Compliance
+
+Dieses SDK erfuellt:
+
+- **DSGVO** (EU 2016/679) - Art. 4, 6, 7, 12, 13, 17, 20
+- **TTDSG** (Deutschland) - § 25
+- **ePrivacy-Richtlinie** (2002/58/EG) - Art. 5
+- **Planet49-Urteil** (EuGH C-673/17)
+- **BGH Cookie-Einwilligung II** (2023)
+- **DSK Orientierungshilfe Telemedien**
+
+## Lizenz
+
+Apache 2.0 - Open Source, kommerziell nutzbar.
+
+```
+Copyright 2026 BreakPilot GmbH
+
+Licensed under the Apache License, Version 2.0
+```