Documentation Index
Fetch the complete documentation index at: https://docs.responsibleailabs.ai/llms.txt
Use this file to discover all available pages before exploring further.
Endpoint: POST /railscore/v1/compliance/check | Framework code: gdpr | Credits: 5.0 per call
Supported checks
| Area | Articles | What’s checked |
|---|
| Lawful basis | Art. 6, 9 | Whether a valid legal basis for processing is stated |
| Transparency | Art. 12-14 | Information provided to data subjects |
| Data subject rights | Art. 15-22 | Right of access, rectification, erasure, portability |
| Data minimization | Art. 5(1)(c) | Whether processing is limited to what’s necessary |
| Purpose limitation | Art. 5(1)(b) | Whether data is collected for specified, explicit purposes |
| Cross-border transfers | Art. 44-49 | Adequacy decisions, SCCs, BCRs |
| DPO requirements | Art. 37-39 | Data Protection Officer obligations |
| DPIA | Art. 35 | Data Protection Impact Assessment requirements |
Request
curl -X POST https://api.responsibleailabs.ai/railscore/v1/compliance/check \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_RAIL_API_KEY" \
-d '{
"content": "We collect user browsing behavior to personalize product recommendations.",
"frameworks": ["gdpr"],
"context": "E-commerce chatbot serving EU customers"
}'
Response
{
"result": {
"overall_compliant": false,
"frameworks": {
"gdpr": {
"compliant": false,
"issues": [
{
"clause": "Article 6 — Lawful basis for processing",
"description": "No legal basis stated for behavioral data collection. Consent or legitimate interest must be identified.",
"severity": "high",
"remediation": "Explicitly state the legal basis (e.g., Art. 6(1)(a) consent or Art. 6(1)(f) legitimate interest) and document the basis in your records of processing."
},
{
"clause": "Article 13 — Information to be provided",
"description": "No mention of data retention period or data subject rights.",
"severity": "medium",
"remediation": "Disclose the retention period, data subject rights (access, erasure, portability), and contact details for the DPO."
}
]
}
}
},
"credits_consumed": 5.0
}
Combine with other frameworks
Check GDPR alongside EU AI Act in a single call:
curl -X POST https://api.responsibleailabs.ai/railscore/v1/compliance/check \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_RAIL_API_KEY" \
-d '{
"content": "Our AI system classifies loan applicants by credit risk.",
"frameworks": ["gdpr", "eu_ai_act"],
"context": "Automated lending platform in the EU"
}'
Dedicated GDPR endpoints for consent lifecycle management, DPIA automation, DPO dashboard, and cross-border transfer assessment are under development.
