Compliance SDK Overview

B2B GDPR compliance toolkit for consent management, audit logging, and data subject request automation.

PRIV Compliance SDK

Enterprise-grade GDPR compliance toolkit for B2B applications. Manage consent, maintain audit trails, and automate data subject access requests.


Features

| Feature | Description |
|---|---|
| Consent Manager | Store and manage user consent preferences across categories |
| Consent Banner | Customizable, accessible cookie consent banner |
| Audit Log | Immutable log of all consent-related actions |
| DSAR Handler | Automate data subject access requests (access, erasure, portability) |
| Script Embed | Single-line embed script for easy integration |

Installation

npm install @priv/compliance-sdk

Quick Start

Option 1: Full SDK Initialization

Initialize the complete SDK with all features:

import { init } from '@priv/compliance-sdk';

const priv = init({
  siteId: 'your-site-id',
  api: {
    endpoint: 'https://api.priv.io/v1',
    apiKey: 'your-api-key', // shipped in browser code, so readable by every visitor
  },
  banner: {
    position: 'bottom-right',
    theme: {
      primaryColor: '#2563eb',
    },
  },
});

// Check consent status
if (priv.consent.hasCategory('analytics')) {
  // Load analytics scripts
}

// Listen for consent changes
priv.consent.onConsentChange((preferences) => {
  console.log('Consent updated:', preferences);
});

// Show preferences modal programmatically
document.getElementById('privacy-settings')?.addEventListener('click', () => {
  priv.showPreferences();
});

Option 2: Individual Components

Use individual components for more control:

import {
  ConsentManager,
  ConsentBanner,
  AuditLog,
  DSARHandler,
} from '@priv/compliance-sdk';

// Initialize consent manager
const consent = new ConsentManager({
  siteId: 'your-site-id',
  api: {
    endpoint: 'https://api.priv.io/v1',
    apiKey: 'your-api-key',
  },
});

// Initialize audit log
const audit = new AuditLog({
  siteId: 'your-site-id',
  api: {
    endpoint: 'https://api.priv.io/v1',
    apiKey: 'your-api-key',
  },
});

// Initialize banner
const banner = new ConsentBanner(consent, {
  position: 'bottom-right',
}, audit);

// Show banner
banner.init();

The SDK uses standard GDPR consent categories:

| Category | Description | Default |
|---|---|---|
| necessary | Essential cookies for site functionality | Always true |
| analytics | Usage analytics and performance monitoring | false |
| marketing | Advertising and remarketing | false |
| personalization | User experience customization | false |
| social | Social media integration | false |

// Check specific category
if (priv.consent.hasCategory('analytics')) {
  // Load Google Analytics
}

// Get all categories
const preferences = priv.consent.getConsent();
console.log(preferences?.categories);
// { necessary: true, analytics: true, marketing: false, ... }
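
Gating third-party scripts on the categories above, as an added example that is not part of the SDK or its documentation: each script is injected once when its category is granted, and a later withdrawal is reported so the page can reload. `createConsentGate`, `loadScript`, `fakeConsent` and the `example.test` URLs are hypothetical; only `hasCategory` and `onConsentChange` come from this page.

```javascript
// Added example, not SDK code. `consent` is any object exposing hasCategory()
// and onConsentChange() as shown above; `loadScript` is a caller-supplied injector.
function createConsentGate(consent, loadScript) {
  const registered = [];     // { category, url } in registration order
  const loaded = new Map();  // url -> category whose consent allowed it

  function sync() {
    for (const { category, url } of registered) {
      if (consent.hasCategory(category) && !loaded.has(url)) {
        loaded.set(url, category);
        loadScript(url);     // inject exactly once, on first grant
      }
    }
  }

  // Re-query the manager on every change rather than trusting the payload shape.
  consent.onConsentChange(() => sync());

  return {
    register(category, url) {
      if (new URL(url).protocol !== 'https:') {
        throw new Error('refusing non-HTTPS script: ' + url);
      }
      registered.push({ category, url });
      sync();
    },
    loadedUrls: () => [...loaded.keys()],
    // A script that already ran cannot be unloaded in place; if its category
    // has since been withdrawn, the page needs a reload to stop it.
    needsReload: () =>
      [...loaded.values()].some((category) => !consent.hasCategory(category)),
  };
}

// Constructed stand-in for priv.consent so the example runs without the SDK.
function fakeConsent(initial) {
  const state = { ...initial, necessary: true };
  const listeners = [];
  return {
    hasCategory: (category) => state[category] === true,
    onConsentChange: (fn) => listeners.push(fn),
    set(changes) {
      Object.assign(state, changes, { necessary: true });
      listeners.forEach((fn) => fn({ categories: { ...state } }));
    },
  };
}
```

In a page, pass `priv.consent` as the first argument and a function that appends a `<script>` element as the second.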

Architecture

+-------------------+     +------------------+
|  Consent Banner   |---->|  Consent Manager |
+-------------------+     +------------------+
         |                         |
         v                         v
+-------------------+     +------------------+
|    Audit Log      |     |   PRIV API       |
+-------------------+     +------------------+
         |
         v
+-------------------+
|   DSAR Handler    |
+-------------------+

Flow:

  1. Banner displays consent options to user
  2. Consent Manager stores preferences locally and syncs to API
  3. Audit Log records all consent actions
  4. DSAR Handler processes data access/deletion requests

TypeScript Support

Full type definitions included:

import type {
  // Consent
  ConsentCategory,
  ConsentState,
  ConsentPreferences,
  ConsentManagerConfig,
  IConsentManager,
  // Banner
  BannerPosition,
  BannerTheme,
  BannerLabels,
  BannerConfig,
  // Audit
  AuditAction,
  AuditLogEntry,
  AuditLogConfig,
  IAuditLog,
  // DSAR
  DSARRequestType,
  DSARStatus,
  DSARRequest,
  DSARExportData,
  DSARHandlerConfig,
  IDSARHandler,
  // Main
  PrivComplianceConfig,
  IPrivCompliance,
} from '@priv/compliance-sdk';

Configuration

PrivComplianceConfig

interface PrivComplianceConfig {
  /** Unique site identifier */
  siteId: string;

  /** API configuration */
  api?: {
    endpoint: string;
    apiKey: string;
    timeout?: number;
  };

  /** Banner configuration */
  banner?: {
    position?: 'bottom' | 'top' | 'bottom-left' | 'bottom-right' | 'center';
    theme?: BannerTheme;
    labels?: BannerLabels;
    showCloseButton?: boolean;
    respectDoNotTrack?: boolean;
    autoShow?: boolean;
  };

  /** Consent manager options */
  consent?: {
    storage?: 'localStorage' | 'sessionStorage';
    storageKey?: string;
    version?: string;
    defaultCategories?: Partial<ConsentState>;
  };

  /** Audit log options */
  audit?: {
    maxLocalEntries?: number;
    batchSize?: number;
    flushInterval?: number;
    captureUserAgent?: boolean;
  };

  /** DSAR handler options */
  dsar?: {
    requestExpiryDays?: number;
    dataCollectors?: DataCollector[];
  };
}

Browser Support

| Browser | Minimum Version |
|---|---|
| Chrome | 90+ |
| Firefox | 88+ |
| Safari | 14+ |
| Edge | 90+ |

Required Web APIs:

  • localStorage / sessionStorage
  • fetch
  • crypto.subtle (for hashing)
