Cheng Siong Chin This workflow corresponds to n8n.io template #14441 — we link there as the canonical source.
This workflow follows the Agent → Agenttool recipe pattern — see all workflows that pair these two integrations.
The workflow JSON
Copy or download the full n8n JSON below. Paste it into a new n8n workflow, add your credentials, activate. Full import guide →
{
"id": "0p3tX5bhog6hsbUX",
"name": "Intelligent data privacy governance with risk detection and approval",
"tags": [],
"nodes": [
{
"id": "be240d97-62a3-4ece-a1a0-87633a027045",
"name": "Data Usage Event Trigger",
"type": "n8n-nodes-base.webhook",
"position": [
256,
352
],
"parameters": {
"path": "privacy-event",
"options": {},
"httpMethod": "POST"
},
"typeVersion": 2.1
},
{
"id": "ffe51626-f2a0-4648-b7de-af9951a0fc89",
"name": "Scheduled Compliance Audit",
"type": "n8n-nodes-base.scheduleTrigger",
"position": [
256,
544
],
"parameters": {
"rule": {
"interval": [
{
"triggerAtHour": 9
}
]
}
},
"typeVersion": 1.3
},
{
"id": "020a340f-81df-4f71-a7fc-b4bc0c8a8c06",
"name": "Privacy Governance Agent",
"type": "@n8n/n8n-nodes-langchain.agent",
"position": [
736,
432
],
"parameters": {
"text": "={{ $json.eventType === 'scheduled_audit' ? 'Perform a comprehensive privacy compliance audit of all data handling practices. Review recent data usage, assess compliance with GDPR and PDPA, identify any privacy risks, and generate an audit-ready compliance report.' : 'Evaluate the following data usage event for privacy compliance: ' + JSON.stringify($json) }}",
"options": {
"systemMessage": "You are a Privacy Governance Agent responsible for orchestrating privacy compliance workflows. You coordinate with the Data Privacy Agent to evaluate data handling practices against GDPR, PDPA, and other regulations, and the Risk Detection Agent to identify privacy risks. Your role is to: 1) Analyze incoming data usage events or audit requests, 2) Delegate privacy law evaluation to the Data Privacy Agent, 3) Delegate risk assessment to the Risk Detection Agent, 4) Make governance decisions on approvals and access control, 5) Determine if human approval is required for high-risk actions, 6) Generate comprehensive compliance reports. Always provide structured output with compliance status, risk level, violations found, approval requirements, and actionable recommendations."
},
"hasOutputParser": true
},
"typeVersion": 3.1
},
{
"id": "1794c4c5-0d29-4d64-ab5b-77045cce9c64",
"name": "Governance Agent Model",
"type": "@n8n/n8n-nodes-langchain.lmChatOpenAi",
"position": [
544,
544
],
"parameters": {
"model": {
"__rl": true,
"mode": "id",
"value": "gpt-4o"
},
"options": {
"temperature": 0.2
},
"builtInTools": {}
},
"credentials": {
"openAiApi": {
"name": "<your credential>"
}
},
"typeVersion": 1.3
},
{
"id": "934331d7-cb46-4b3f-a63f-8177ad6dc118",
"name": "Compliance Output Parser",
"type": "@n8n/n8n-nodes-langchain.outputParserStructured",
"position": [
2432,
928
],
"parameters": {
"schemaType": "manual",
"inputSchema": "{\n\t\"type\": \"object\",\n\t\"properties\": {\n\t\t\"complianceStatus\": {\n\t\t\t\"type\": \"string\",\n\t\t\t\"description\": \"Overall compliance status\"\n\t\t},\n\t\t\"riskLevel\": {\n\t\t\t\"type\": \"string\",\n\t\t\t\"description\": \"Risk level assessment\"\n\t\t},\n\t\t\"regulationViolations\": {\n\t\t\t\"type\": \"array\",\n\t\t\t\"items\": {\n\t\t\t\t\"type\": \"string\"\n\t\t\t},\n\t\t\t\"description\": \"List of regulation violations\"\n\t\t},\n\t\t\"approvalRequired\": {\n\t\t\t\"type\": \"boolean\",\n\t\t\t\"description\": \"Whether approval is required\"\n\t\t},\n\t\t\"findings\": {\n\t\t\t\"type\": \"string\",\n\t\t\t\"description\": \"Detailed findings from the compliance audit\"\n\t\t},\n\t\t\"recommendations\": {\n\t\t\t\"type\": \"array\",\n\t\t\t\"items\": {\n\t\t\t\t\"type\": \"string\"\n\t\t\t},\n\t\t\t\"description\": \"List of recommendations\"\n\t\t},\n\t\t\"auditTrail\": {\n\t\t\t\"type\": \"object\",\n\t\t\t\"description\": \"Audit trail information\"\n\t\t}\n\t}\n}"
},
"typeVersion": 1.3
},
{
"id": "1d30b32e-feb9-403b-9649-bcb5ef60dda0",
"name": "Data Privacy Agent Tool",
"type": "@n8n/n8n-nodes-langchain.agentTool",
"position": [
672,
704
],
"parameters": {
"text": "={{ $fromAI('privacy_evaluation_task', 'The data handling practice or event to evaluate for privacy law compliance') }}",
"options": {
"systemMessage": "You are a Data Privacy Agent specialized in evaluating data handling practices against privacy regulations including GDPR (General Data Protection Regulation), PDPA (Personal Data Protection Act), CCPA (California Consumer Privacy Act), and other global privacy laws. Your expertise includes: 1) Analyzing data collection, storage, processing, and sharing practices, 2) Identifying violations of consent requirements, data minimization principles, purpose limitation, and retention policies, 3) Assessing compliance with data subject rights (access, rectification, erasure, portability), 4) Evaluating cross-border data transfer compliance, 5) Checking breach notification requirements, 6) Reviewing privacy notices and transparency obligations. Provide detailed legal analysis citing specific regulation articles when violations are found."
},
"toolDescription": "Evaluates data handling practices against privacy laws including GDPR, PDPA, CCPA, and other regulations. Identifies legal violations, assesses compliance status, and provides detailed legal analysis."
},
"typeVersion": 3
},
{
"id": "3c539d18-cfda-4874-bcc1-ef9485a6162a",
"name": "Privacy Agent Model",
"type": "@n8n/n8n-nodes-langchain.lmChatOpenAi",
"position": [
672,
880
],
"parameters": {
"model": {
"__rl": true,
"mode": "id",
"value": "gpt-4o"
},
"options": {
"temperature": 0.1
},
"builtInTools": {}
},
"credentials": {
"openAiApi": {
"name": "<your credential>"
}
},
"typeVersion": 1.3
},
{
"id": "ce9d6a2d-c3e7-43c8-8e80-bcfc5513bc5d",
"name": "Risk Detection Agent Tool",
"type": "@n8n/n8n-nodes-langchain.agentTool",
"position": [
1488,
848
],
"parameters": {
"text": "={{ $fromAI('risk_assessment_task', 'The data handling activity or event to assess for privacy risks') }}",
"options": {
"systemMessage": "You are a Risk Detection Agent specialized in identifying privacy and security risks in data handling practices. Your capabilities include: 1) Detecting potential data breach risks and security vulnerabilities, 2) Identifying unauthorized or excessive data access patterns, 3) Assessing data retention and deletion risks, 4) Evaluating third-party data sharing risks, 5) Analyzing consent and authorization gaps, 6) Detecting sensitive data exposure risks (PII, health data, financial data), 7) Scoring risks as LOW, MEDIUM, HIGH, or CRITICAL based on likelihood and impact. Provide actionable risk mitigation recommendations for each identified risk."
},
"toolDescription": "Detects and assesses privacy risks in data handling activities. Identifies potential data breaches, unauthorized access, excessive data collection, inadequate security measures, and other privacy threats. Provides risk scoring and mitigation recommendations."
},
"typeVersion": 3
},
{
"id": "2f679c51-977a-448d-a50f-fe5413fa9f5f",
"name": "Risk Agent Model",
"type": "@n8n/n8n-nodes-langchain.lmChatOpenAi",
"position": [
1568,
1056
],
"parameters": {
"model": {
"__rl": true,
"mode": "id",
"value": "gpt-4o"
},
"options": {
"temperature": 0.15
},
"builtInTools": {}
},
"credentials": {
"openAiApi": {
"name": "<your credential>"
}
},
"typeVersion": 1.3
},
{
"id": "3987ee62-90c7-42f1-97aa-0cfa7749afb1",
"name": "Legal Database API Tool",
"type": "n8n-nodes-base.httpRequestTool",
"position": [
832,
912
],
"parameters": {
"url": "={{ $fromAI('api_endpoint', 'The legal database API endpoint to query (e.g., /api/regulations/gdpr or /api/compliance/pdpa)') }}",
"options": {},
"toolDescription": "Queries external legal databases and regulatory APIs to retrieve current privacy law requirements, regulation updates, and compliance guidelines for GDPR, PDPA, CCPA, and other privacy regulations."
},
"typeVersion": 4.4
},
{
"id": "740f444b-5caf-4345-904c-4cf8b7370ef5",
"name": "Audit Log Tool",
"type": "n8n-nodes-base.dataTableTool",
"position": [
1776,
848
],
"parameters": {
"columns": {
"value": null,
"mappingMode": "autoMapInputData"
},
"options": {},
"dataTableId": {
"__rl": true,
"mode": "list",
"value": "<__PLACEHOLDER_VALUE__audit_logs table__>"
},
"descriptionType": "manual",
"toolDescription": "Records compliance evaluations, privacy assessments, and governance decisions to the audit log data table for compliance tracking and reporting."
},
"typeVersion": 1.1
},
{
"id": "5ad61831-00ed-4498-bcfd-620c6f676b0c",
"name": "Approval Request Tool",
"type": "n8n-nodes-base.slackHitlTool",
"position": [
2016,
928
],
"parameters": {
"user": {
"__rl": true,
"mode": "list",
"value": ""
},
"options": {},
"authentication": "oAuth2"
},
"credentials": {
"slackOAuth2Api": {
"name": "<your credential>"
}
},
"typeVersion": 2.4
},
{
"id": "6bcc8f5a-2a4e-4fb4-9cb8-f688e035afc0",
"name": "Slack Notification Tool",
"type": "n8n-nodes-base.slackTool",
"position": [
2096,
1136
],
"parameters": {
"text": "={{ $fromAI('notification_message', 'The compliance notification or alert message to send') }}",
"select": "channel",
"channelId": {
"__rl": true,
"mode": "id",
"value": "={{ $fromAI('channel', 'The Slack channel to send the notification to') }}"
},
"otherOptions": {},
"authentication": "oAuth2",
"descriptionType": "manual",
"toolDescription": "Sends privacy compliance alerts, risk notifications, and governance updates to designated Slack channels."
},
"credentials": {
"slackOAuth2Api": {
"name": "<your credential>"
}
},
"typeVersion": 2.4
},
{
"id": "40ce2a2a-a394-4a58-bce3-d059bb477646",
"name": "Route by Risk Level",
"type": "n8n-nodes-base.switch",
"position": [
1936,
416
],
"parameters": {
"rules": {
"values": [
{
"conditions": {
"string": [
{
"value1": "={{ $json.riskLevel }}",
"value2": "CRITICAL",
"operation": "equals"
}
]
}
},
{
"conditions": {
"string": [
{
"value1": "={{ $json.riskLevel }}",
"value2": "HIGH",
"operation": "equals"
}
]
}
},
{
"conditions": {
"string": [
{
"value1": "={{ $json.riskLevel }}",
"value2": "MEDIUM",
"operation": "equals"
}
]
}
},
{
"conditions": {
"string": [
{
"value1": "={{ $json.riskLevel }}",
"value2": "LOW",
"operation": "equals"
}
]
}
}
]
},
"options": {}
},
"typeVersion": 3.4
},
{
"id": "fa5a37a3-267e-4b48-8fa8-d1d57a9af833",
"name": "Prepare Critical Alert",
"type": "n8n-nodes-base.set",
"position": [
2160,
304
],
"parameters": {
"options": {},
"assignments": {
"assignments": [
{
"id": "id-1",
"name": "alertType",
"type": "string",
"value": "CRITICAL PRIVACY RISK"
},
{
"id": "id-2",
"name": "priority",
"type": "string",
"value": "URGENT"
},
{
"id": "id-3",
"name": "message",
"type": "string",
"value": "={{ 'CRITICAL: ' + $json.output.findings }}"
},
{
"id": "id-4",
"name": "violations",
"type": "array",
"value": "={{ $json.output.regulationViolations }}"
},
{
"id": "id-5",
"name": "recommendations",
"type": "array",
"value": "={{ $json.output.recommendations }}"
},
{
"id": "id-6",
"name": "timestamp",
"type": "string",
"value": "={{ $now.toISO() }}"
}
]
},
"includeOtherFields": true
},
"typeVersion": 3.4
},
{
"id": "8b3fc8db-f2db-4438-94d0-48661ad0d714",
"name": "Prepare High Risk Alert",
"type": "n8n-nodes-base.set",
"position": [
2160,
592
],
"parameters": {
"options": {},
"assignments": {
"assignments": [
{
"id": "id-1",
"name": "alertType",
"type": "string",
"value": "HIGH PRIVACY RISK"
},
{
"id": "id-2",
"name": "priority",
"type": "string",
"value": "HIGH"
},
{
"id": "id-3",
"name": "message",
"type": "string",
"value": "={{ 'High Risk Detected: ' + $json.output.findings }}"
},
{
"id": "id-4",
"name": "violations",
"type": "array",
"value": "={{ $json.output.regulationViolations }}"
},
{
"id": "id-5",
"name": "recommendations",
"type": "array",
"value": "={{ $json.output.recommendations }}"
},
{
"id": "id-6",
"name": "timestamp",
"type": "string",
"value": "={{ $now.toISO() }}"
}
]
},
"includeOtherFields": true
},
"typeVersion": 3.4
},
{
"id": "b33a6020-b749-45f4-8304-b6e6e61cf03b",
"name": "Send Critical Alert",
"type": "n8n-nodes-base.slack",
"position": [
2384,
304
],
"parameters": {
"text": "={{ '\ud83d\udea8 CRITICAL PRIVACY RISK DETECTED \ud83d\udea8\n\n' + $json.message + '\n\nViolations: ' + JSON.stringify($json.violations) + '\n\nRecommendations: ' + JSON.stringify($json.recommendations) + '\n\nTimestamp: ' + $json.timestamp }}",
"select": "channel",
"channelId": {
"__rl": true,
"mode": "id",
"value": "<__PLACEHOLDER_VALUE__critical_alerts_channel__>"
},
"otherOptions": {},
"authentication": "oAuth2"
},
"credentials": {
"slackOAuth2Api": {
"name": "<your credential>"
}
},
"typeVersion": 2.4
},
{
"id": "3440a176-4deb-4475-a47e-4436a313a627",
"name": "Send High Risk Alert",
"type": "n8n-nodes-base.slack",
"position": [
2384,
592
],
"parameters": {
"text": "={{ '\u26a0\ufe0f HIGH PRIVACY RISK DETECTED\n\n' + $json.message + '\n\nViolations: ' + JSON.stringify($json.violations) + '\n\nRecommendations: ' + JSON.stringify($json.recommendations) + '\n\nTimestamp: ' + $json.timestamp }}",
"select": "channel",
"channelId": {
"__rl": true,
"mode": "id",
"value": "<__PLACEHOLDER_VALUE__privacy_alerts_channel__>"
},
"otherOptions": {},
"authentication": "oAuth2"
},
"credentials": {
"slackOAuth2Api": {
"name": "<your credential>"
}
},
"typeVersion": 2.4
},
{
"id": "fd0b67e4-37e4-42b4-86a9-48428767d02d",
"name": "Prepare Audit Record",
"type": "n8n-nodes-base.set",
"position": [
2656,
448
],
"parameters": {
"options": {},
"assignments": {
"assignments": [
{
"id": "id-1",
"name": "eventId",
"type": "string",
"value": "={{ $('Data Usage Event Trigger').item.json.eventId || 'AUDIT_' + $now.toMillis() }}"
},
{
"id": "id-2",
"name": "timestamp",
"type": "string",
"value": "={{ $now.toISO() }}"
},
{
"id": "id-3",
"name": "complianceStatus",
"type": "string",
"value": "={{ $json.complianceStatus }}"
},
{
"id": "id-4",
"name": "riskLevel",
"type": "string",
"value": "={{ $json.riskLevel }}"
},
{
"id": "id-5",
"name": "findings",
"type": "string",
"value": "={{ $json.findings }}"
},
{
"id": "id-6",
"name": "violations",
"type": "string",
"value": "={{ JSON.stringify($json.regulationViolations) }}"
},
{
"id": "id-7",
"name": "recommendations",
"type": "string",
"value": "={{ JSON.stringify($json.recommendations) }}"
},
{
"id": "id-8",
"name": "approvalRequired",
"type": "boolean",
"value": "={{ $json.approvalRequired }}"
},
{
"id": "id-9",
"name": "auditTrail",
"type": "string",
"value": "={{ JSON.stringify($json.auditTrail) }}"
}
]
}
},
"typeVersion": 3.4
},
{
"id": "eb3a95ea-5cc6-48a0-adc6-1af61c8469cc",
"name": "Store Compliance Record",
"type": "n8n-nodes-base.dataTable",
"position": [
2832,
448
],
"parameters": {
"columns": {
"value": {
"eventId": "={{ $('Data Usage Event Trigger').item.json.eventId || 'AUDIT_' + $now.toMillis() }}",
"findings": "={{ $json.findings }}",
"riskLevel": "={{ $json.riskLevel }}",
"timestamp": "={{ $now.toISO() }}",
"auditTrail": "={{ JSON.stringify($json.auditTrail) }}",
"violations": "={{ JSON.stringify($json.regulationViolations) }}",
"recommendations": "={{ JSON.stringify($json.recommendations) }}",
"approvalRequired": "={{ $json.approvalRequired }}",
"complianceStatus": "={{ $json.complianceStatus }}"
},
"mappingMode": "defineBelow"
},
"options": {},
"dataTableId": {
"__rl": true,
"mode": "list",
"value": "<__PLACEHOLDER_VALUE__compliance_records table__>"
}
},
"typeVersion": 1.1
},
{
"id": "302fa176-ecf9-4d66-af4f-203f46d8111d",
"name": "Prepare Compliance Report",
"type": "n8n-nodes-base.set",
"position": [
3056,
448
],
"parameters": {
"options": {},
"assignments": {
"assignments": [
{
"id": "id-1",
"name": "reportTitle",
"type": "string",
"value": "={{ 'Privacy Compliance Report - ' + $now.toFormat('yyyy-MM-dd') }}"
},
{
"id": "id-2",
"name": "executiveSummary",
"type": "string",
"value": "={{ 'Compliance Status: ' + $json.complianceStatus + ' | Risk Level: ' + $json.riskLevel }}"
},
{
"id": "id-3",
"name": "detailedFindings",
"type": "string",
"value": "={{ $json.findings }}"
},
{
"id": "id-4",
"name": "regulationViolations",
"type": "string",
"value": "={{ JSON.stringify($json.regulationViolations, null, 2) }}"
},
{
"id": "id-5",
"name": "recommendations",
"type": "string",
"value": "={{ JSON.stringify($json.recommendations, null, 2) }}"
},
{
"id": "id-6",
"name": "auditTrail",
"type": "string",
"value": "={{ JSON.stringify($json.auditTrail, null, 2) }}"
},
{
"id": "id-7",
"name": "generatedAt",
"type": "string",
"value": "={{ $now.toISO() }}"
},
{
"id": "id-8",
"name": "approvalStatus",
"type": "string",
"value": "={{ $json.approvalRequired ? 'PENDING APPROVAL' : 'AUTO-APPROVED' }}"
}
]
}
},
"typeVersion": 3.4
},
{
"id": "6a9d4fe0-38f5-4184-b809-fe70385135d2",
"name": "Send Compliance Report",
"type": "n8n-nodes-base.gmail",
"position": [
3280,
448
],
"parameters": {
"sendTo": "<__PLACEHOLDER_VALUE__dpo_email__>",
"message": "={{ 'PRIVACY COMPLIANCE REPORT\\n\\n' + $json.executiveSummary + '\\n\\nDETAILED FINDINGS:\\n' + $json.detailedFindings + '\\n\\nREGULATION VIOLATIONS:\\n' + $json.regulationViolations + '\\n\\nRECOMMENDATIONS:\\n' + $json.recommendations + '\\n\\nAUDIT TRAIL:\\n' + $json.auditTrail + '\\n\\nGenerated: ' + $json.generatedAt + '\\nApproval Status: ' + $json.approvalStatus }}",
"options": {},
"subject": "={{ $json.reportTitle }}"
},
"credentials": {
"gmailOAuth2": {
"name": "<your credential>"
}
},
"typeVersion": 2.2
},
{
"id": "6fbd070a-b0d5-4e0d-96f6-91df8b6358b1",
"name": "Approval History Tool",
"type": "n8n-nodes-base.dataTableTool",
"position": [
2304,
928
],
"parameters": {
"operation": "rowExists",
"dataTableId": {
"__rl": true,
"mode": "list",
"value": "<__PLACEHOLDER_VALUE__approval_history table__>"
},
"descriptionType": "manual",
"toolDescription": "Queries the approval history data table to retrieve past governance decisions, approval patterns, and compliance actions for reference during current evaluations."
},
"typeVersion": 1.1
},
{
"id": "2686d0a7-5674-4894-96a0-ee54fee62573",
"name": "Sticky Note",
"type": "n8n-nodes-base.stickyNote",
"position": [
272,
-128
],
"parameters": {
"width": 656,
"height": 368,
"content": "## How It Works\nThis workflow automates data privacy compliance governance for privacy officers, legal operations teams, and data protection leads. It eliminates the manual effort of monitoring data usage events, classifying privacy risks, routing approval requests, and generating audit-ready compliance reports. Data usage events arrive via a webhook trigger while a scheduled audit runs in parallel, ensuring continuous and periodic coverage. Both feeds pass to the Privacy Governance Agent, backed by a governance model and shared memory \u2014 which coordinates three specialist tools: a Data Privacy Agent Tool (privacy policy assessment using a privacy model and Legal Database API), a Risk Detection Agent Tool (risk classification using a dedicated risk model), and an Audit Log Tool. Approval requests are routed via an Approval Request Tool with Slack notifications, and outputs are structured via a Compliance Output Parser and Approval History Tool. Results are routed by risk level, critical alerts trigger Slack notifications immediately, high-risk alerts follow a parallel Slack path, before all cases converge to prepare an audit record, store a compliance record in Google Sheets, prepare a compliance report, and distribute it via Gmail."
},
"typeVersion": 1
},
{
"id": "aa1f8291-6b7e-46ae-b660-648ccd8f41e0",
"name": "Sticky Note1",
"type": "n8n-nodes-base.stickyNote",
"position": [
1504,
-224
],
"parameters": {
"color": 6,
"width": 624,
"height": 416,
"content": "## Prerequisites\n- OpenAI API key (or compatible LLM)\n- Slack workspace with bot credentials\n- Gmail account with OAuth credentials\n- Google Sheets with compliance and audit tabs pre-created\n## Use Cases\n- Privacy officers automating GDPR and PDPA data usage event monitoring and risk classification\n## Customisation\n- Swap the Legal Database API to target jurisdiction-specific frameworks (GDPR, CCPA, PDPA, HIPAA)\n## Benefits\n- Dual-trigger ingestion ensures continuous and scheduled privacy coverage with no monitoring gaps"
},
"typeVersion": 1
},
{
"id": "98e35ad8-00ac-49cb-9101-b57042b60906",
"name": "Sticky Note2",
"type": "n8n-nodes-base.stickyNote",
"position": [
992,
-112
],
"parameters": {
"width": 448,
"height": 304,
"content": "## Setup Steps\n1. Import workflow; configure the Data Usage Event Trigger webhook URL and Scheduled Compliance Audit interval.\n2. Add AI model credentials to the Privacy Governance Agent, Data Privacy Agent Tool, and Risk Detection Agent Tool.\n3. Connect the Legal Database API Tool with your privacy regulatory database endpoint and credentials.\n4. Link Slack credentials to the Slack Notification Tool, Send Critical Alert, and Send High Risk Alert nodes.\n5. Link Gmail credentials to the Send Compliance Report node.\n6. Connect Google Sheets credentials; set sheet IDs for Compliance Record and Audit Log tabs."
},
"typeVersion": 1
},
{
"id": "9fa41519-3085-4b69-ae92-56e8cdaa800e",
"name": "Sticky Note3",
"type": "n8n-nodes-base.stickyNote",
"position": [
1888,
752
],
"parameters": {
"color": 7,
"width": 784,
"height": 528,
"content": "## Approval Request & Slack Notification Tool\n**Why** \u2014 Routes privacy approval requests via Slack, enabling rapid human-in-the-loop governance without email bottlenecks.\n"
},
"typeVersion": 1
},
{
"id": "4bb3e34d-a158-4c81-9ba4-653cecef6b57",
"name": "Sticky Note4",
"type": "n8n-nodes-base.stickyNote",
"position": [
1120,
736
],
"parameters": {
"color": 7,
"width": 752,
"height": 592,
"content": "\n## Risk Detection Agent & Audit Log Tool\n**Why** \u2014 Classifies each event by risk level and logs it\n immediately, creating an unbroken audit trail before any routing decision is made."
},
"typeVersion": 1
},
{
"id": "13bc44e7-d9eb-43dd-9441-ab2b29834f0a",
"name": "Sticky Note5",
"type": "n8n-nodes-base.stickyNote",
"position": [
112,
256
],
"parameters": {
"color": 7,
"width": 976,
"height": 800,
"content": "## Data Privacy Agent & Legal Database API Tool\n**Why** \u2014 Evaluates data usage against legal privacy frameworks, ensuring policy assessments are grounded in current regulatory references."
},
"typeVersion": 1
},
{
"id": "9a7aee51-a463-4c61-97e4-b0a5395b2c9b",
"name": "Sticky Note6",
"type": "n8n-nodes-base.stickyNote",
"position": [
1760,
224
],
"parameters": {
"color": 7,
"width": 848,
"height": 512,
"content": "## Route by Risk Level\n**Why** \u2014 Rules-based routing separates critical and high-risk events for proportionate, parallel alert handling without manual triage."
},
"typeVersion": 1
},
{
"id": "08fa10c0-ce3f-48d3-aa99-88612753952a",
"name": "Sticky Note7",
"type": "n8n-nodes-base.stickyNote",
"position": [
2640,
224
],
"parameters": {
"color": 7,
"width": 880,
"height": 528,
"content": "## Audit Record, Compliance Storage & Report Distribution\n**Why** \u2014 Every event generates an audit record stored in Google Sheets; a compliance report is prepared and distributed via Gmail to maintain a complete, stakeholder-ready governance trail."
},
"typeVersion": 1
}
],
"active": false,
"settings": {
"binaryMode": "separate",
"executionOrder": "v1"
},
"versionId": "35c62432-e5ff-48eb-adda-0afe0673ba56",
"connections": {
"Audit Log Tool": {
"ai_tool": [
[
{
"node": "Privacy Governance Agent",
"type": "ai_tool",
"index": 0
}
]
]
},
"Risk Agent Model": {
"ai_languageModel": [
[
{
"node": "Risk Detection Agent Tool",
"type": "ai_languageModel",
"index": 0
}
]
]
},
"Privacy Agent Model": {
"ai_languageModel": [
[
{
"node": "Data Privacy Agent Tool",
"type": "ai_languageModel",
"index": 0
}
]
]
},
"Route by Risk Level": {
"main": [
[
{
"node": "Prepare Critical Alert",
"type": "main",
"index": 0
}
],
[
{
"node": "Prepare High Risk Alert",
"type": "main",
"index": 0
}
],
[
{
"node": "Prepare Audit Record",
"type": "main",
"index": 0
}
],
[
{
"node": "Prepare Audit Record",
"type": "main",
"index": 0
}
]
]
},
"Send Critical Alert": {
"main": [
[
{
"node": "Prepare Audit Record",
"type": "main",
"index": 0
}
]
]
},
"Prepare Audit Record": {
"main": [
[
{
"node": "Store Compliance Record",
"type": "main",
"index": 0
}
]
]
},
"Send High Risk Alert": {
"main": [
[
{
"node": "Prepare Audit Record",
"type": "main",
"index": 0
}
]
]
},
"Approval History Tool": {
"ai_tool": [
[
{
"node": "Privacy Governance Agent",
"type": "ai_tool",
"index": 0
}
]
]
},
"Approval Request Tool": {
"ai_tool": [
[
{
"node": "Privacy Governance Agent",
"type": "ai_tool",
"index": 0
}
]
]
},
"Governance Agent Model": {
"ai_languageModel": [
[
{
"node": "Privacy Governance Agent",
"type": "ai_languageModel",
"index": 0
}
]
]
},
"Prepare Critical Alert": {
"main": [
[
{
"node": "Send Critical Alert",
"type": "main",
"index": 0
}
]
]
},
"Data Privacy Agent Tool": {
"ai_tool": [
[
{
"node": "Privacy Governance Agent",
"type": "ai_tool",
"index": 0
}
]
]
},
"Legal Database API Tool": {
"ai_tool": [
[
{
"node": "Data Privacy Agent Tool",
"type": "ai_tool",
"index": 0
}
]
]
},
"Prepare High Risk Alert": {
"main": [
[
{
"node": "Send High Risk Alert",
"type": "main",
"index": 0
}
]
]
},
"Slack Notification Tool": {
"ai_tool": [
[
{
"node": "Approval Request Tool",
"type": "ai_tool",
"index": 0
}
]
]
},
"Store Compliance Record": {
"main": [
[
{
"node": "Prepare Compliance Report",
"type": "main",
"index": 0
}
]
]
},
"Compliance Output Parser": {
"ai_outputParser": [
[
{
"node": "Privacy Governance Agent",
"type": "ai_outputParser",
"index": 0
}
]
]
},
"Data Usage Event Trigger": {
"main": [
[
{
"node": "Privacy Governance Agent",
"type": "main",
"index": 0
}
]
]
},
"Privacy Governance Agent": {
"main": [
[
{
"node": "Route by Risk Level",
"type": "main",
"index": 0
}
]
]
},
"Prepare Compliance Report": {
"main": [
[
{
"node": "Send Compliance Report",
"type": "main",
"index": 0
}
]
]
},
"Risk Detection Agent Tool": {
"ai_tool": [
[
{
"node": "Privacy Governance Agent",
"type": "ai_tool",
"index": 0
}
]
]
},
"Scheduled Compliance Audit": {
"main": [
[
{
"node": "Privacy Governance Agent",
"type": "main",
"index": 0
}
]
]
}
}
}
Credentials you'll need
Each integration node will prompt for credentials when you import. We strip credential IDs before publishing — you'll add your own.
gmailOAuth2openAiApislackOAuth2Api
Pro
For the full experience including quality scoring and batch install features for each workflow upgrade to Pro
About this workflow
This workflow automates data privacy compliance governance for privacy officers, legal operations teams, and data protection leads. It eliminates the manual effort of monitoring data usage events, classifying privacy risks, routing approval requests, and generating audit-ready…
Source: https://n8n.io/workflows/14441/ — original creator credit. Request a take-down →
Related workflows
Workflows that share integrations, category, or trigger type with this one. All free to copy and import.
This workflow automates enterprise resource planning (ERP) operations across Engineering, Finance, HR, and Admin departments for operations managers, ERP administrators, and business process owners wh
Agent, Gmail, Slack +6
This workflow automates enterprise compliance governance using a multi-agent AI architecture. It targets compliance officers, legal teams, and risk managers who need continuous, jurisdiction-aware mon
Agent, OpenAI Chat, Memory Buffer Window +8
This workflow automates end-to-end AI-driven content moderation for platforms managing user-generated content, including marketplaces, communities, and enterprise systems. It is designed for product,
Agent, OpenAI Chat, Output Parser Structured +4
This workflow automates credit operations onboarding by running KYC verification, credit bureau checks, identity validation, and sanctions screening through a single AI-powered agent. Built for credit
Agent, OpenAI Chat, Output Parser Structured +8
This workflow automates credit operations onboarding by running KYC verification, credit bureau checks, identity validation, and sanctions screening through a single AI-powered agent. Built for credit
Agent, OpenAI Chat, Output Parser Structured +8