Skip to content

Privacy — Multi-Regulation Data Subject Rights

Privacy regulations give every user the right to request a full export of their personal data and the right to be forgotten. In a modular application, personal data is scattered across multiple modules — patient records, uploaded documents, notification logs, audit trails. Implementing these rights manually means every module needs custom export/deletion logic, and missing one module means a compliance violation.

Granit.Privacy turns this into a framework concern: modules register as data providers, and a saga orchestrates collection or deletion across all of them. Legal agreement tracking (privacy policy versions, consent records) is built in.

With Granit.Privacy.Regulations, the module supports 14 jurisdictions out of the box — from EU GDPR to Brazil LGPD, USA CCPA, China PIPL, and more. Each tenant can operate under a different regulation, resolved at runtime.

  • DirectoryGranit.Privacy Data export saga, deletion with cooling-off, legal agreements
    • Granit.Privacy.EntityFrameworkCore EF Core persistence for legal document version management
    • Granit.Privacy.BlobStorage Streaming export pipeline — PrivacyFragmentUploader + PrivacyExportAssemblyService (sharded ZIP64 + signed manifest)
    • Granit.Privacy.Regulations Regulation registry, 14 built-in profiles, per-tenant resolver
    • Granit.Privacy.Regulations.Cookies Bridge — regulation-aware cookie consent model
    • Granit.Privacy.Endpoints Minimal API endpoints for export, deletion, consent, regulation
    • Granit.Privacy.BackgroundJobs Deletion deadline enforcer + export-assembly job
    • Granit.Privacy.BackgroundJobs.Wolverine Export-assembly retry policy (1m/5m/15m → DLQ) + crash-resume
    • Granit.Privacy.Auditing Bridge — records the export lifecycle to Granit.Auditing for Art. 30 ROPA
    • Granit.Privacy.Notifications Deletion reminder, confirmation, and re-consent emails (8 types, 13 base languages, pt-BR LGPD-specific variants, regulation-aware deadlines)
    • Granit.Privacy.AI AI-powered PII detection in free-text fields
PackageRoleDepends on
Granit.PrivacyData export/deletion orchestration, legal agreements, opt-outGranit, Granit.Workflow
Granit.Privacy.EntityFrameworkCoreEF Core persistence for LegalDocument version managementGranit.Privacy, Granit.Persistence.EntityFrameworkCore
Granit.Privacy.BlobStorageStreaming export pipeline: PrivacyFragmentUploader (staging + HMAC) + PrivacyExportAssemblyService (sharded ZIP64 + signed manifest sidecar)Granit.Privacy, Granit.BlobStorage
Granit.Privacy.RegulationsRegulation registry, 14 built-in profiles, per-tenant resolverGranit
Granit.Privacy.Regulations.CookiesBridge: regulation-aware cookie consent modelGranit.Http.Cookies, Granit.Privacy.Regulations
Granit.Privacy.EndpointsHTTP endpoints for data subject rights + regulation profileGranit.Privacy, Granit.Privacy.Regulations, Granit.Http.Cookies, Granit.Authorization, Granit.Validation
Granit.Privacy.BackgroundJobsDeletion deadline enforcer + export-assembly jobGranit.Privacy, Granit.BackgroundJobs
Granit.Privacy.BackgroundJobs.WolverineExport-assembly retry-with-cooldown (1m/5m/15m → DLQ) + per-shard crash-resumeGranit.Privacy.BackgroundJobs, Granit.Wolverine
Granit.Privacy.AuditingRecords the export lifecycle to the audit trail for Art. 30 ROPAGranit.Privacy, Granit.Auditing
Granit.Privacy.NotificationsDeletion reminder and confirmation notification bridge + {{ privacy }} template global context (controller / DPO contact)Granit.Privacy, Granit.Notifications, Granit.Templating
Granit.Privacy.AILLM-powered PII detection (IAIPiiDetector)Granit.Privacy, Granit.AI
[DependsOn(typeof(GranitPrivacyModule))]
public class AppModule : GranitModule
{
public override void ConfigureServices(ServiceConfigurationContext context)
{
context.Services.AddGranitPrivacy(privacy =>
{
privacy.RegisterDataProvider("PatientModule");
privacy.RegisterDataProvider("BlobStorageModule");
privacy.RegisterDocument(
"privacy-policy", "2.1", "Privacy Policy");
privacy.RegisterProcessingPurpose(
"marketing-emails", "Marketing Communications",
"Sending promotional emails", "CONSENT",
requiresExplicitConsent: true);
});
// Register the multi-regulation engine
context.Services.AddGranitPrivacyRegulations(
context.Configuration);
}
}

Modules register themselves as data providers to participate in data export and deletion workflows:

privacy.RegisterDataProvider("PatientModule");

When a data subject requests export or deletion, the saga queries all registered providers and waits for each to complete.

PermissionScope
Privacy.Exports.ExecuteRequest a personal data export for one’s own data (self-service)
Privacy.Exports.ExecuteOnBehalfOfRequest an export on behalf of another data subject (admin DSR)
Privacy.Deletions.ExecuteRequest and cancel personal data deletion
Privacy.Purposes.ReadRead registered processing purposes
Privacy.Agreements.ReadView legal documents and consent status
Privacy.Agreements.CreateAccept a legal agreement
CategoryKey typesPackage
ModuleGranitPrivacyModule, GranitPrivacyRegulationsModule, GranitPrivacyEndpointsModule
RegulationPrivacyRegulation, LegalBasis, ConsentModel, PrivacyRegulationProfileGranit.Privacy.Regulations
ResolutionIPrivacyRegulationResolver, IRegulationProfileProvider, IRegulationProfileRegistryGranit.Privacy.Regulations
DeadlinesIResponseDeadlineTracker, PrivacyRequestType, UpcomingDeadlineGranit.Privacy.Regulations
RegistryIDataProviderRegistry, ILegalDocumentRegistry, ILegalAgreementCheckerGranit.Privacy
PurposesIProcessingPurposeRegistry, ProcessingPurposeDefinitionGranit.Privacy
Opt-outIOptOutRecordReader, IOptOutRecordWriter, OptOutRecordGranit.Privacy
BuilderGranitPrivacyBuilder, GranitPrivacyOptions, PrivacyRegulationOverridesGranit.Privacy
EventsPersonalDataRequestedEto, PersonalDataDeletionRequestedEto, DeletionDeferredEto, OptOutRequestedEtoGranit.Privacy
EndpointsMapGranitPrivacy(), PrivacyEndpointsOptions, PrivacyPermissionsGranit.Privacy.Endpoints