
Sauna maintains your data-processing inventory, drafts the privacy impact assessment, tracks subject access requests against the statutory clock, and assembles the breach-response timeline.
What it does
Maintains the record of processing activities in Airtable, drafting new entries from system intake forms and flagging gaps in lawful-basis documentation.
Drafts a privacy impact assessment in Google Docs from the project description, mapping data flows and proposed safeguards for your review.
Logs each data subject access request, searches connected systems for the individual's records, and tracks the response against the statutory deadline.
Assembles a breach-response timeline in Notion pulling the relevant Slack and email threads, and drafts the regulator notification for your approval.
Put Sauna to work on this.
Get started for freeIn context
Sauna shows up where you already work — the web app, Slack, email, iMessage, and Superhuman. It reads what it needs, does the task, and comes back with the draft for your approval.
Try it
The literal prompt for this job. Open it in Sauna and it picks up from there.
“Log the new data subject access request, search our connected systems for this person's records, and track the 30-day clock with a Slack reminder at day 25.”
Plugs into the tools you already run — and thousands more, or any MCP server.
Good to know
No. It locates records and drafts the response, but you review what's disclosed before anything is released to a data subject.
It drafts the breach notification and timeline; the decision to notify and the actual filing stay with you.
Sauna reads only what you connect, and acts only after you approve. Your workspace and its memory are yours, not training data.
Keep exploring