"""Loeschfristen template generator — creates retention policies per data category.""" # Standard DSGVO retention periods _STANDARD_PERIODS = { "Bankdaten": {"duration": "10 Jahre", "legal_basis": "§ 257 HGB, § 147 AO"}, "Steuer-ID": {"duration": "10 Jahre", "legal_basis": "§ 147 AO"}, "Bewerbungsunterlagen": {"duration": "6 Monate", "legal_basis": "§ 15 AGG"}, "Lohnabrechnungen": {"duration": "6 Jahre", "legal_basis": "§ 257 HGB"}, "Gesundheitsdaten": {"duration": "10 Jahre", "legal_basis": "§ 630f BGB"}, "Kundendaten": {"duration": "3 Jahre", "legal_basis": "§ 195 BGB (Verjährung)"}, "Vertragsdaten": {"duration": "10 Jahre", "legal_basis": "§ 257 HGB"}, "Kommunikationsdaten": {"duration": "6 Monate", "legal_basis": "Art. 5 Abs. 1e DSGVO"}, "Zugriffsprotokolle": {"duration": "12 Monate", "legal_basis": "Art. 5 Abs. 1e DSGVO"}, "Mitarbeiterdaten": {"duration": "3 Jahre nach Austritt", "legal_basis": "§ 195 BGB"}, } def generate_loeschfristen_drafts(ctx: dict) -> list[dict]: """Generate retention policy drafts based on processing systems. Args: ctx: Flat dict from company-profile/template-context Returns: List of Loeschfristen dicts ready for creation """ # Collect all data categories from processing systems all_categories = set() for system in ctx.get("processing_systems", []): for cat in system.get("personal_data_categories", []): all_categories.add(cat) policies = [] for i, category in enumerate(sorted(all_categories), 1): standard = _STANDARD_PERIODS.get(category, {}) policy = { "policy_id": f"LF-AUTO-{i:03d}", "data_category": category, "retention_period": standard.get("duration", "Noch festzulegen"), "legal_basis": standard.get("legal_basis", "Zu prüfen"), "deletion_method": "Automatische Löschung nach Ablauf", "responsible": ctx.get("dpo_name", "DSB"), "status": "draft", "review_cycle_months": ctx.get("review_cycle_months", 12), "notes": "Automatisch generiert aus Stammdaten. Bitte prüfen und anpassen.", } policies.append(policy) return policies