This workflow follows the Google Drive → Google Drive Trigger recipe pattern — see all workflows that pair these two integrations.
The workflow JSON
Copy or download the full n8n JSON below. Paste it into a new n8n workflow, add your credentials, activate. Full import guide →
{
"name": "GDPR & Privacy Policy Compliance Scanner",
"nodes": [
{
"parameters": {
"content": "## \ud83d\udd12 GDPR Compliance Scanner\n\n### How it works\n1. Watches Google Drive folder for privacy policy uploads\n2. Downloads and analyzes document for GDPR compliance\n3. Extracts data controller, DPO, legal bases, user rights\n4. Calculates compliance score based on required elements\n5. Identifies gaps and missing GDPR requirements\n6. Logs results to Google Sheets compliance tracker\n7. Sends Slack alert if compliance issues found\n\n### Setup steps\n1. Create Google Drive folder for privacy policy documents\n2. Get PDF Vector API key from pdfvector.com/api-keys\n3. Create Google Sheet with columns: Company, Last Updated, Compliance Score, Status, User Rights Score, Missing Rights, Gaps Found, Third Parties, Has DPO, International Transfers, Scanned Date\n4. Connect Google Drive, Sheets, and Slack credentials\n5. Update folder ID and spreadsheet ID in nodes\n\n### Perfect for\n- Legal teams reviewing vendor policies\n- Compliance officers auditing data practices\n- Data protection officers (DPOs)\n- Business owners ensuring GDPR compliance",
"height": 580,
"width": 380,
"color": 5
},
"id": "sticky-main",
"name": "Sticky Note",
"type": "n8n-nodes-base.stickyNote",
"typeVersion": 1,
"position": [
-140,
40
]
},
{
"parameters": {
"content": "## \u26a0\ufe0f Compliance Checks\n\n- Lawful basis for processing\n- DPO contact information\n- Right to access\n- Right to rectification\n- Right to erasure\n- Right to portability\n- Right to object\n- Breach notification policy\n- International transfer safeguards",
"height": 260,
"width": 220
},
"id": "sticky-flags",
"name": "Sticky Note1",
"type": "n8n-nodes-base.stickyNote",
"typeVersion": 1,
"position": [
500,
-60
]
},
{
"parameters": {
"pollTimes": {
"item": [
{
"mode": "everyMinute"
}
]
},
"triggerOn": "specificFolder",
"folderToWatch": {
"__rl": true,
"value": "YOUR_FOLDER_ID",
"mode": "list",
"cachedResultName": "Privacy Policies"
},
"event": "fileCreated",
"options": {}
},
"id": "gdrive-trigger",
"name": "Google Drive Trigger",
"type": "n8n-nodes-base.googleDriveTrigger",
"typeVersion": 1,
"position": [
280,
260
],
"credentials": {
"googleDriveOAuth2Api": {
"name": "<your credential>"
}
}
},
{
"parameters": {
"operation": "download",
"fileId": "={{ $json.id }}",
"options": {}
},
"id": "gdrive-download",
"name": "Download Document",
"type": "n8n-nodes-base.googleDrive",
"typeVersion": 3,
"position": [
480,
260
],
"credentials": {
"googleDriveOAuth2Api": {
"name": "<your credential>"
}
}
},
{
"parameters": {
"operation": "extract",
"inputType": "file",
"prompt": "Analyze this privacy policy or data protection document for GDPR compliance as flat fields. companyName, documentTitle, lastUpdated (YYYY-MM-DD), dataControllerName, dataControllerAddress, dpoName, dpoEmail, dpoPhone, hasDpo (true/false), dataCollectedList (semicolon-separated types of personal data collected), legalBasesList (semicolon-separated legal bases: consent/contract/legal obligation/vital interests/public task/legitimate interests), retentionSummary (semicolon-separated formatted as: dataType retentionPeriod), thirdPartiesList (semicolon-separated third parties data is shared with), internationalTransfers (true/false), transferCountries (semicolon-separated), safeguardMechanisms, userRightsList (semicolon-separated rights mentioned: access/rectification/erasure/portability/restriction/objection/withdraw-consent), missingRightsList (semicolon-separated GDPR rights NOT mentioned), complianceGapsList (semicolon-separated compliance issues found), complianceScore (number 0-100), complianceStatus (one of: Compliant, Partially Compliant, Non-Compliant).",
"schema": "{\"type\": \"object\", \"properties\": {\"companyName\": {\"type\": \"string\"}, \"documentTitle\": {\"type\": \"string\"}, \"lastUpdated\": {\"type\": \"string\"}, \"dataControllerName\": {\"type\": \"string\"}, \"dataControllerAddress\": {\"type\": \"string\"}, \"dpoName\": {\"type\": \"string\"}, \"dpoEmail\": {\"type\": \"string\"}, \"dpoPhone\": {\"type\": \"string\"}, \"hasDpo\": {\"type\": \"boolean\"}, \"dataCollectedList\": {\"type\": \"string\"}, \"legalBasesList\": {\"type\": \"string\"}, \"retentionSummary\": {\"type\": \"string\"}, \"thirdPartiesList\": {\"type\": \"string\"}, \"internationalTransfers\": {\"type\": \"boolean\"}, \"transferCountries\": {\"type\": \"string\"}, \"safeguardMechanisms\": {\"type\": \"string\"}, \"userRightsList\": {\"type\": \"string\"}, \"missingRightsList\": {\"type\": \"string\"}, \"complianceGapsList\": {\"type\": \"string\"}, \"complianceScore\": {\"type\": \"number\"}, \"complianceStatus\": {\"type\": \"string\"}}, \"additionalProperties\": false}"
},
"id": "pdfvector-extract",
"name": "PDF Vector - Analyze Policy",
"type": "n8n-nodes-pdfvector.pdfVector",
"typeVersion": 2,
"position": [
680,
260
],
"credentials": {
"pdfVectorApi": {
"name": "<your credential>"
}
}
},
{
"parameters": {
"jsCode": "const data = ($input.first().json?.data || $input.first().json) || {};\nconst fileName = $('Google Drive Trigger').item.json.name;\nconst fileId = $('Google Drive Trigger').item.json.id;\n\nconst gaps = (data.complianceGapsList || '').split(';').filter(g => g.trim());\nconst rights = (data.userRightsList || '').split(';').filter(r => r.trim());\nconst missing = (data.missingRightsList || '').split(';').filter(r => r.trim());\nconst thirdParties = (data.thirdPartiesList || '').split(';').filter(t => t.trim());\n\nreturn [{ json: {\n companyName: data.companyName || 'Unknown',\n documentTitle: data.documentTitle || 'N/A',\n lastUpdated: data.lastUpdated || 'N/A',\n complianceScore: parseFloat(data.complianceScore) || 0,\n complianceStatus: data.complianceStatus || 'Unknown',\n status: data.complianceStatus || 'Unknown',\n hasDpo: data.hasDpo || false,\n hasDPO: data.hasDpo || false,\n dpoName: data.dpoName || 'N/A',\n dpoEmail: data.dpoEmail || 'N/A',\n userRightsList: data.userRightsList || 'None',\n coveredRights: rights.join('; ') || 'None',\n missingRightsList: data.missingRightsList || 'None',\n missingRights: missing.join('; ') || 'None',\n complianceGapsList: data.complianceGapsList || 'None',\n gapsList: gaps.join('\\n') || 'None',\n thirdPartiesList: data.thirdPartiesList || 'None',\n thirdPartyCount: thirdParties.length,\n internationalTransfers: data.internationalTransfers || false,\n hasInternationalTransfers: data.internationalTransfers || false,\n transferCountries: data.transferCountries || 'N/A',\n dataCollectedList: data.dataCollectedList || 'N/A',\n legalBasesList: data.legalBasesList || 'N/A',\n gapCount: gaps.length,\n rightsScore: rights.length,\n missingCount: missing.length,\n fileName, fileId,\n processedAt: new Date().toISOString()\n}}];"
},
"id": "analyze-compliance",
"name": "Analyze Compliance",
"type": "n8n-nodes-base.code",
"typeVersion": 2,
"position": [
880,
260
]
},
{
"parameters": {
"operation": "append",
"documentId": {
"__rl": true,
"value": "YOUR_SPREADSHEET_ID",
"mode": "list",
"cachedResultName": "Compliance Tracker"
},
"sheetName": {
"__rl": true,
"value": "gid=0",
"mode": "list",
"cachedResultName": "Scans"
},
"columns": {
"mappingMode": "defineBelow",
"value": {
"Company": "={{ $json.companyName }}",
"Last Updated": "={{ $json.lastUpdated }}",
"Compliance Score": "={{ $json.complianceScore }}",
"Status": "={{ $json.complianceStatus }}",
"User Rights Score": "={{ $json.rightsScore }}",
"Missing Rights": "={{ $json.missingRightsList }}",
"Gaps Found": "={{ $json.gapCount }}",
"Third Parties": "={{ $json.thirdPartiesList }}",
"Has DPO": "={{ $json.hasDpo ? 'Yes' : 'No' }}",
"International Transfers": "={{ $json.internationalTransfers ? 'Yes' : 'No' }}",
"Scanned Date": "={{ $json.processedAt.split('T')[0] }}"
},
"matchingColumns": [],
"schema": [
{
"id": "Company",
"displayName": "Company",
"required": false,
"defaultMatch": false,
"display": true,
"type": "string",
"canBeUsedToMatch": true
},
{
"id": "Last Updated",
"displayName": "Last Updated",
"required": false,
"defaultMatch": false,
"display": true,
"type": "string",
"canBeUsedToMatch": true
},
{
"id": "Compliance Score",
"displayName": "Compliance Score",
"required": false,
"defaultMatch": false,
"display": true,
"type": "string",
"canBeUsedToMatch": true
},
{
"id": "Status",
"displayName": "Status",
"required": false,
"defaultMatch": false,
"display": true,
"type": "string",
"canBeUsedToMatch": true
},
{
"id": "User Rights Score",
"displayName": "User Rights Score",
"required": false,
"defaultMatch": false,
"display": true,
"type": "string",
"canBeUsedToMatch": true
},
{
"id": "Missing Rights",
"displayName": "Missing Rights",
"required": false,
"defaultMatch": false,
"display": true,
"type": "string",
"canBeUsedToMatch": true
},
{
"id": "Gaps Found",
"displayName": "Gaps Found",
"required": false,
"defaultMatch": false,
"display": true,
"type": "string",
"canBeUsedToMatch": true
},
{
"id": "Third Parties",
"displayName": "Third Parties",
"required": false,
"defaultMatch": false,
"display": true,
"type": "string",
"canBeUsedToMatch": true
},
{
"id": "Has DPO",
"displayName": "Has DPO",
"required": false,
"defaultMatch": false,
"display": true,
"type": "string",
"canBeUsedToMatch": true
},
{
"id": "International Transfers",
"displayName": "International Transfers",
"required": false,
"defaultMatch": false,
"display": true,
"type": "string",
"canBeUsedToMatch": true
},
{
"id": "Scanned Date",
"displayName": "Scanned Date",
"required": false,
"defaultMatch": false,
"display": true,
"type": "string",
"canBeUsedToMatch": true
}
],
"attemptToConvertTypes": false,
"convertFieldsToString": false
},
"options": {}
},
"id": "sheets-log",
"name": "Log Compliance Scan",
"type": "n8n-nodes-base.googleSheets",
"typeVersion": 4.4,
"position": [
1080,
260
],
"credentials": {
"googleSheetsOAuth2Api": {
"name": "<your credential>"
}
}
},
{
"parameters": {
"conditions": {
"options": {
"caseSensitive": true,
"leftValue": "",
"typeValidation": "strict"
},
"conditions": [
{
"id": "condition-compliance",
"leftValue": "={{ $json.Status }}",
"rightValue": "Compliant",
"operator": {
"type": "string",
"operation": "notEquals"
}
}
],
"combinator": "and"
},
"options": {}
},
"id": "if-issues",
"name": "Has Issues?",
"type": "n8n-nodes-base.if",
"typeVersion": 2,
"position": [
1280,
260
]
},
{
"parameters": {
"authentication": "oAuth2",
"select": "channel",
"channelId": {
"__rl": true,
"value": "YOUR_SLACK_CHANNEL_ID",
"mode": "list",
"cachedResultName": "compliance-alerts"
},
"text": "=\ud83d\udd12 *GDPR Compliance Scan Complete*\n\n*Company:* {{ $('Analyze Compliance').item.json.companyName }}\n*Policy Updated:* {{ $('Analyze Compliance').item.json.lastUpdated || 'Not specified' }}\n\n\ud83d\udcca *Compliance Score:* {{ $('Analyze Compliance').item.json.complianceScore }}%\n\u26a0\ufe0f *Status:* {{ $('Analyze Compliance').item.json.status }}\n\n\ud83d\udc64 *User Rights Score:* {{ $('Analyze Compliance').item.json.rightsScore }}/7 rights\n\u2705 *Covered:* {{ $('Analyze Compliance').item.json.coveredRights || 'None' }}\n\u274c *Missing:* {{ $('Analyze Compliance').item.json.missingRights || 'None' }}\n\n\ud83d\udd0d *Compliance Gaps ({{ $('Analyze Compliance').item.json.gapCount }}):*\n{{ $('Analyze Compliance').item.json.gapsList }}\n\n\ud83c\udfe2 *Third Parties:* {{ $('Analyze Compliance').item.json.thirdPartyCount }}\n\ud83d\udc68\u200d\ud83d\udcbc *Has DPO:* {{ $('Analyze Compliance').item.json.hasDPO ? 'Yes' : 'No' }}\n\ud83c\udf0d *International Transfers:* {{ $('Analyze Compliance').item.json.hasInternationalTransfers ? 'Yes' : 'No' }}\n\n<https://drive.google.com/file/d/{{ $('Analyze Compliance').item.json.fileId }}/view|\ud83d\udcc4 View Policy Document>",
"otherOptions": {}
},
"id": "slack-alert",
"name": "Alert Compliance Team",
"type": "n8n-nodes-base.slack",
"typeVersion": 2.2,
"position": [
1480,
160
],
"credentials": {
"slackOAuth2Api": {
"name": "<your credential>"
}
}
}
],
"connections": {
"Google Drive Trigger": {
"main": [
[
{
"node": "Download Document",
"type": "main",
"index": 0
}
]
]
},
"Download Document": {
"main": [
[
{
"node": "PDF Vector - Analyze Policy",
"type": "main",
"index": 0
}
]
]
},
"PDF Vector - Analyze Policy": {
"main": [
[
{
"node": "Analyze Compliance",
"type": "main",
"index": 0
}
]
]
},
"Analyze Compliance": {
"main": [
[
{
"node": "Log Compliance Scan",
"type": "main",
"index": 0
}
]
]
},
"Log Compliance Scan": {
"main": [
[
{
"node": "Has Issues?",
"type": "main",
"index": 0
}
]
]
},
"Has Issues?": {
"main": [
[
{
"node": "Alert Compliance Team",
"type": "main",
"index": 0
}
],
[]
]
}
},
"active": false,
"settings": {
"executionOrder": "v1"
},
"meta": {
"templateCredsSetupCompleted": false
},
"tags": []
}
Credentials you'll need
Each integration node will prompt for credentials when you import. We strip credential IDs before publishing — you'll add your own.
googleDriveOAuth2ApigoogleSheetsOAuth2ApipdfVectorApislackOAuth2Api
Pro
For the full experience including quality scoring and batch install features for each workflow upgrade to Pro
About this workflow
GDPR & Privacy Policy Compliance Scanner. Uses googleDriveTrigger, googleDrive, n8n-nodes-pdfvector, googleSheets. Event-driven trigger; 9 nodes.
Source: https://github.com/khanhduyvt0101/workflows/blob/0153ee2efc0f692c931b9bb4c2a04abf11756822/n8n-workflows/gdpr-compliance-scanner.json — original creator credit. Request a take-down →
Related workflows
Workflows that share integrations, category, or trigger type with this one. All free to copy and import.
Lease Agreement Analyzer for Renters. Uses googleDriveTrigger, googleDrive, n8n-nodes-pdfvector, googleSheets. Event-driven trigger; 12 nodes.
Google Drive Trigger, Google Drive, N8N Nodes Pdfvector +2
Expense Report Processor with AI Categorization. Uses googleDriveTrigger, googleDrive, n8n-nodes-pdfvector, googleSheets. Event-driven trigger; 12 nodes.
Google Drive Trigger, Google Drive, N8N Nodes Pdfvector +2
Financial Report Analyzer (10-K, 10-Q). Uses googleDriveTrigger, googleDrive, n8n-nodes-pdfvector, googleSheets. Event-driven trigger; 11 nodes.
Google Drive Trigger, Google Drive, N8N Nodes Pdfvector +2
AI Contract Review & Risk Analysis. Uses googleDriveTrigger, googleDrive, n8n-nodes-pdfvector, googleSheets. Event-driven trigger; 10 nodes.
Google Drive Trigger, Google Drive, N8N Nodes Pdfvector +2
Patient Intake Form Processor for Healthcare. Uses googleDriveTrigger, googleDrive, n8n-nodes-pdfvector, googleSheets. Event-driven trigger; 10 nodes.
Google Drive Trigger, Google Drive, N8N Nodes Pdfvector +2