Benjamin_Boenisch/breakpilot-compliance
1
1
Fork 0
Code Issues 24 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3aff80fb0cdcb5fd55e8d4f090f57f9739dac513
breakpilot-compliance/admin-compliance/lib/sdk/company-profile-presets.ts
T
Benjamin Admin 3aff80fb0c fix: Complete recommended docs for all 10 industry presets 
Every preset now includes DSGVO-mandatory docs (TOM, VVT, Löschkonzept)
plus Cookie-Banner/Policy, Mitarbeiter-DSI, Bewerber-DSI, and
industry-specific extras (DSFA, Whistleblower, ISMS, TIA, etc.).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-03 10:07:30 +02:00

351 lines
10 KiB
TypeScript
Raw Blame History

/**
* Company Profile Presets — Branchenvorlagen fuer typische Kundenszenarien
*
* Jeder Preset enthaelt ein vorbefuelltes CompanyProfile + typische Scope-Antworten.
* Der Kunde waehlt beim Onboarding ein Profil und passt es dann an.
*/
export interface CompanyProfilePreset {
id: string
label: string
description: string
icon: string
/** Vorbefuellte CompanyProfile-Felder */
profile: {
legalForm: string
industry: string[]
businessModel: string
companySize: string
employeeCount: string
headquartersCountry: string
targetMarkets: string[]
isDataController: boolean
isDataProcessor: boolean
}
/** Typische Scope-Antworten fuer diese Branche */
scopeHints: Record<string, string>
/** Typische Dokumente die diese Branche braucht */
recommendedDocs: string[]
}
export const COMPANY_PROFILE_PRESETS: CompanyProfilePreset[] = [
{
id: 'saas_startup',
label: 'SaaS Startup',
description: 'B2B Software-Startup, 1-5 Mitarbeiter, Cloud-basiert, remote-first',
icon: '🚀',
profile: {
legalForm: 'GmbH',
industry: ['tech'],
businessModel: 'b2b',
companySize: 'micro',
employeeCount: '1-9',
headquartersCountry: 'DE',
targetMarkets: ['DE', 'EU'],
isDataController: true,
isDataProcessor: true,
},
scopeHints: {
org_employee_count: '1-9',
org_industry: 'tech',
org_business_model: 'b2b',
proc_ai_usage: 'yes',
tech_hosting_location: 'eu',
tech_encryption_transit: 'yes',
tech_encryption_rest: 'yes',
comp_documentation_level: 'basic',
},
recommendedDocs: [
'privacy_policy', 'impressum', 'agb', 'cookie_policy', 'cookie_banner',
'dpa', 'tom_documentation', 'vvt_register', 'loeschkonzept',
'employee_dsi', 'applicant_dsi',
],
},
{
id: 'consumer_app',
label: 'App Startup (Consumer)',
description: 'B2C Mobile App, 1-5 Mitarbeiter, App Store, Nutzerdaten',
icon: '📱',
profile: {
legalForm: 'GmbH',
industry: ['tech'],
businessModel: 'b2c',
companySize: 'micro',
employeeCount: '1-9',
headquartersCountry: 'DE',
targetMarkets: ['DE', 'EU'],
isDataController: true,
isDataProcessor: false,
},
scopeHints: {
org_employee_count: '1-9',
org_industry: 'tech',
org_business_model: 'b2c',
data_volume: '1000-10000',
proc_tracking: 'yes',
prod_consent_management: 'yes',
tech_hosting_location: 'eu',
},
recommendedDocs: [
'privacy_policy', 'impressum', 'terms_of_use', 'cookie_policy', 'cookie_banner',
'community_guidelines', 'acceptable_use', 'widerruf',
'dpa', 'tom_documentation', 'vvt_register', 'loeschkonzept',
'employee_dsi', 'applicant_dsi', 'social_media_dsi',
],
},
{
id: 'ecommerce',
label: 'E-Commerce / Online-Shop',
description: 'Online-Handel B2C, 5-20 Mitarbeiter, Webshop, Zahlungsabwicklung',
icon: '🛒',
profile: {
legalForm: 'GmbH',
industry: ['retail'],
businessModel: 'b2c',
companySize: 'small',
employeeCount: '10-49',
headquartersCountry: 'DE',
targetMarkets: ['DE', 'EU'],
isDataController: true,
isDataProcessor: false,
},
scopeHints: {
org_employee_count: '10-49',
org_industry: 'retail',
org_business_model: 'b2c',
prod_webshop: 'yes',
data_volume: '10000-100000',
tech_hosting_location: 'eu',
prod_consent_management: 'yes',
},
recommendedDocs: [
'privacy_policy', 'impressum', 'agb', 'widerruf', 'cookie_policy', 'cookie_banner',
'dpa', 'tom_documentation', 'vvt_register', 'loeschkonzept',
'employee_dsi', 'applicant_dsi',
],
},
{
id: 'it_agency',
label: 'IT-Dienstleister / Agentur',
description: 'IT-Beratung oder Agentur, 10-50 Mitarbeiter, Kundenprojekte',
icon: '💻',
profile: {
legalForm: 'GmbH',
industry: ['tech'],
businessModel: 'b2b',
companySize: 'small',
employeeCount: '10-49',
headquartersCountry: 'DE',
targetMarkets: ['DE', 'EU'],
isDataController: true,
isDataProcessor: true,
},
scopeHints: {
org_employee_count: '10-49',
org_industry: 'tech',
org_business_model: 'b2b',
proc_ai_usage: 'yes',
tech_hosting_location: 'eu',
comp_vendor_management: 'yes',
comp_training: 'yes',
},
recommendedDocs: [
'privacy_policy', 'impressum', 'agb', 'cookie_policy', 'cookie_banner',
'dpa', 'nda', 'sla', 'tom_documentation', 'vvt_register', 'loeschkonzept',
'employee_dsi', 'applicant_dsi',
],
},
{
id: 'maschinenbau',
label: 'Maschinenbau KMU',
description: 'Maschinenbau B2B, 50-200 Mitarbeiter, Produktion, CE-Kennzeichnung',
icon: '🏭',
profile: {
legalForm: 'GmbH',
industry: ['manufacturing'],
businessModel: 'b2b',
companySize: 'medium',
employeeCount: '50-249',
headquartersCountry: 'DE',
targetMarkets: ['DE', 'EU'],
isDataController: true,
isDataProcessor: false,
},
scopeHints: {
org_employee_count: '50-249',
org_industry: 'manufacturing',
org_business_model: 'b2b',
proc_employee_monitoring: 'no',
tech_hosting_location: 'eu',
comp_vendor_management: 'yes',
comp_documentation_level: 'structured',
},
recommendedDocs: [
'privacy_policy', 'impressum', 'agb', 'cookie_policy', 'cookie_banner',
'dpa', 'nda', 'tom_documentation', 'vvt_register', 'loeschkonzept',
'employee_dsi', 'applicant_dsi', 'whistleblower_policy',
'dsfa', 'pflichtenregister',
],
},
{
id: 'law_firm',
label: 'Rechtsanwaltskanzlei',
description: 'Kanzlei, 5-20 Mitarbeiter, Mandantendaten, besondere Vertraulichkeit',
icon: '⚖️',
profile: {
legalForm: 'PartG',
industry: ['legal'],
businessModel: 'b2b',
companySize: 'small',
employeeCount: '1-9',
headquartersCountry: 'DE',
targetMarkets: ['DE'],
isDataController: true,
isDataProcessor: false,
},
scopeHints: {
org_employee_count: '1-9',
org_industry: 'legal',
org_business_model: 'b2b',
data_art9: 'no',
tech_encryption_transit: 'yes',
tech_encryption_rest: 'yes',
comp_documentation_level: 'basic',
},
recommendedDocs: [
'privacy_policy', 'impressum', 'cookie_policy', 'cookie_banner',
'dpa', 'nda', 'tom_documentation', 'vvt_register', 'loeschkonzept',
'employee_dsi', 'applicant_dsi',
],
},
{
id: 'healthcare',
label: 'Arztpraxis / Gesundheit',
description: 'Gesundheitswesen, 5-50 Mitarbeiter, Patientendaten (Art. 9), hoher Schutzbedarf',
icon: '🏥',
profile: {
legalForm: 'GbR',
industry: ['healthcare'],
businessModel: 'b2c',
companySize: 'small',
employeeCount: '1-9',
headquartersCountry: 'DE',
targetMarkets: ['DE'],
isDataController: true,
isDataProcessor: false,
},
scopeHints: {
org_employee_count: '1-9',
org_industry: 'healthcare',
org_business_model: 'b2c',
data_art9: 'yes',
tech_encryption_transit: 'yes',
tech_encryption_rest: 'yes',
comp_documentation_level: 'basic',
},
recommendedDocs: [
'privacy_policy', 'impressum', 'cookie_policy', 'cookie_banner',
'dpa', 'tom_documentation', 'vvt_register', 'loeschkonzept', 'dsfa',
'employee_dsi', 'applicant_dsi', 'pflichtenregister',
],
},
{
id: 'handwerk',
label: 'Handwerksbetrieb',
description: 'Handwerk, 5-20 Mitarbeiter, Kundendaten, einfache IT',
icon: '🔧',
profile: {
legalForm: 'GmbH',
industry: ['crafts'],
businessModel: 'b2c',
companySize: 'small',
employeeCount: '1-9',
headquartersCountry: 'DE',
targetMarkets: ['DE'],
isDataController: true,
isDataProcessor: false,
},
scopeHints: {
org_employee_count: '1-9',
org_industry: 'other',
org_business_model: 'b2c',
data_art9: 'no',
tech_hosting_location: 'eu',
comp_documentation_level: 'none',
},
recommendedDocs: [
'privacy_policy', 'impressum', 'agb', 'cookie_policy', 'cookie_banner',
'tom_documentation', 'vvt_register', 'loeschkonzept',
'employee_dsi',
],
},
{
id: 'education',
label: 'Bildungseinrichtung',
description: 'Schule, Hochschule oder Weiterbildung, 20-100 Mitarbeiter, Schuelerdaten',
icon: '🎓',
profile: {
legalForm: 'gGmbH',
industry: ['education'],
businessModel: 'b2c',
companySize: 'medium',
employeeCount: '10-49',
headquartersCountry: 'DE',
targetMarkets: ['DE'],
isDataController: true,
isDataProcessor: false,
},
scopeHints: {
org_employee_count: '10-49',
org_industry: 'education',
org_business_model: 'b2c',
data_minors: 'yes',
tech_hosting_location: 'eu',
comp_training: 'yes',
},
recommendedDocs: [
'privacy_policy', 'impressum', 'cookie_policy', 'cookie_banner',
'dpa', 'tom_documentation', 'vvt_register', 'loeschkonzept', 'dsfa',
'employee_dsi', 'applicant_dsi', 'pflichtenregister',
],
},
{
id: 'enterprise',
label: 'Konzern / Enterprise',
description: 'Grossunternehmen, 500+ Mitarbeiter, international, reguliert, ISO 27001',
icon: '🏢',
profile: {
legalForm: 'AG',
industry: ['finance'],
businessModel: 'b2b',
companySize: 'enterprise',
employeeCount: '1000+',
headquartersCountry: 'DE',
targetMarkets: ['DE', 'EU', 'US'],
isDataController: true,
isDataProcessor: true,
},
scopeHints: {
org_employee_count: '1000+',
org_industry: 'finance',
org_business_model: 'b2b',
org_cert_target: 'iso27001',
data_art9: 'yes',
data_volume: '>1000000',
proc_ai_usage: 'yes',
tech_third_country: 'yes',
tech_hosting_location: 'eu_us_adequacy',
comp_vendor_management: 'yes',
comp_training: 'yes',
comp_documentation_level: 'comprehensive',
},
recommendedDocs: [
'privacy_policy', 'impressum', 'agb', 'cookie_policy', 'cookie_banner',
'dpa', 'nda', 'sla', 'cloud_service_agreement',
'tom_documentation', 'vvt_register', 'loeschkonzept', 'dsfa', 'pflichtenregister',
'isms_manual', 'transfer_impact_assessment',
'employee_dsi', 'applicant_dsi', 'whistleblower_policy', 'social_media_dsi',
],
},
]
Reference in New Issue View Git Blame Copy Permalink