@tantainnovative/ndpr-toolkit 3.4.1 → 3.5.0

package/dist/lawful-basis-BEyI0kGg.d.ts

@@ -1,57 +0,0 @@
-import { P as ProcessingActivity, a as LawfulBasisSummary, L as LawfulBasis } from './lawful-basis-Cv1VmDLn.js';
-
-/**
- * Validation result for a processing activity
- */
-interface LawfulBasisValidationResult {
-    isValid: boolean;
-    errors: string[];
-    warnings: string[];
-}
-/**
- * Compliance gap identified across processing activities
- */
-interface LawfulBasisComplianceGap {
-    activityId: string;
-    activityName: string;
-    type: 'missing_approval' | 'overdue_review' | 'missing_justification' | 'missing_lia' | 'missing_sensitive_condition' | 'missing_retention' | 'missing_data_categories' | 'missing_purposes';
-    severity: 'high' | 'medium' | 'low';
-    description: string;
-}
-/**
- * Validates that all required fields are present on a processing activity
- * and that the lawful basis is properly documented.
- *
- * If lawfulBasis is 'legitimate_interests', ensures a LIA justification exists.
- * If involvesSensitiveData is true, ensures sensitiveDataCondition is set.
- *
- * @param activity The processing activity to validate
- * @returns Validation result with errors and warnings
- */
-declare function validateProcessingActivity(activity: ProcessingActivity): LawfulBasisValidationResult;
-/**
- * Returns a human-readable description of a lawful basis with the relevant
- * NDPA section reference.
- *
- * @param basis The lawful basis to describe
- * @returns Description string including NDPA section reference
- */
-declare function getLawfulBasisDescription(basis: LawfulBasis): string;
-/**
- * Analyzes all processing activities and returns compliance gaps including
- * missing DPO approval, overdue reviews, undocumented justifications,
- * missing LIA for legitimate interests, and other documentation issues.
- *
- * @param activities Array of processing activities to analyze
- * @returns Array of identified compliance gaps
- */
-declare function assessComplianceGaps(activities: ProcessingActivity[]): LawfulBasisComplianceGap[];
-/**
- * Generates a summary of all lawful basis documentation across processing activities.
- *
- * @param activities Array of processing activities to summarize
- * @returns LawfulBasisSummary with counts, breakdowns, and flagged activities
- */
-declare function generateLawfulBasisSummary(activities: ProcessingActivity[]): LawfulBasisSummary;
-
-export { type LawfulBasisComplianceGap as L, type LawfulBasisValidationResult as a, assessComplianceGaps as b, getLawfulBasisDescription as c, generateLawfulBasisSummary as g, validateProcessingActivity as v };

package/dist/lawful-basis-C2eGaoHM.d.mts

@@ -1,57 +0,0 @@
-import { P as ProcessingActivity, a as LawfulBasisSummary, L as LawfulBasis } from './lawful-basis-Cv1VmDLn.mjs';
-
-/**
- * Validation result for a processing activity
- */
-interface LawfulBasisValidationResult {
-    isValid: boolean;
-    errors: string[];
-    warnings: string[];
-}
-/**
- * Compliance gap identified across processing activities
- */
-interface LawfulBasisComplianceGap {
-    activityId: string;
-    activityName: string;
-    type: 'missing_approval' | 'overdue_review' | 'missing_justification' | 'missing_lia' | 'missing_sensitive_condition' | 'missing_retention' | 'missing_data_categories' | 'missing_purposes';
-    severity: 'high' | 'medium' | 'low';
-    description: string;
-}
-/**
- * Validates that all required fields are present on a processing activity
- * and that the lawful basis is properly documented.
- *
- * If lawfulBasis is 'legitimate_interests', ensures a LIA justification exists.
- * If involvesSensitiveData is true, ensures sensitiveDataCondition is set.
- *
- * @param activity The processing activity to validate
- * @returns Validation result with errors and warnings
- */
-declare function validateProcessingActivity(activity: ProcessingActivity): LawfulBasisValidationResult;
-/**
- * Returns a human-readable description of a lawful basis with the relevant
- * NDPA section reference.
- *
- * @param basis The lawful basis to describe
- * @returns Description string including NDPA section reference
- */
-declare function getLawfulBasisDescription(basis: LawfulBasis): string;
-/**
- * Analyzes all processing activities and returns compliance gaps including
- * missing DPO approval, overdue reviews, undocumented justifications,
- * missing LIA for legitimate interests, and other documentation issues.
- *
- * @param activities Array of processing activities to analyze
- * @returns Array of identified compliance gaps
- */
-declare function assessComplianceGaps(activities: ProcessingActivity[]): LawfulBasisComplianceGap[];
-/**
- * Generates a summary of all lawful basis documentation across processing activities.
- *
- * @param activities Array of processing activities to summarize
- * @returns LawfulBasisSummary with counts, breakdowns, and flagged activities
- */
-declare function generateLawfulBasisSummary(activities: ProcessingActivity[]): LawfulBasisSummary;
-
-export { type LawfulBasisComplianceGap as L, type LawfulBasisValidationResult as a, assessComplianceGaps as b, getLawfulBasisDescription as c, generateLawfulBasisSummary as g, validateProcessingActivity as v };

package/dist/lawful-basis-Cv1VmDLn.d.mts

@@ -1,112 +0,0 @@
-/**
- * Lawful Basis types aligned with NDPA 2023 Part III (Sections 24-28)
- * Every processing activity must have a documented lawful basis
- */
-/**
- * The six lawful bases for processing personal data per NDPA Section 25(1)
- */
-type LawfulBasis = 'consent' | 'contract' | 'legal_obligation' | 'vital_interests' | 'public_interest' | 'legitimate_interests';
-/**
- * Additional conditions required for processing sensitive personal data
- * per NDPA Section 27
- */
-type SensitiveDataCondition = 'explicit_consent' | 'employment_law' | 'vital_interests_incapable' | 'nonprofit_legitimate' | 'publicly_available' | 'legal_claims' | 'substantial_public_interest' | 'health_purposes' | 'public_health' | 'archiving_research';
-/**
- * Represents a processing activity and its lawful basis
- */
-interface ProcessingActivity {
-    /** Unique identifier */
-    id: string;
-    /** Name of the processing activity */
-    name: string;
-    /** Description of what processing is performed */
-    description: string;
-    /** The lawful basis for this processing activity */
-    lawfulBasis: LawfulBasis;
-    /** Justification for why this lawful basis applies */
-    lawfulBasisJustification: string;
-    /** Categories of personal data being processed */
-    dataCategories: string[];
-    /** Whether sensitive personal data is involved */
-    involvesSensitiveData: boolean;
-    /** Condition for processing sensitive data (required if involvesSensitiveData is true) */
-    sensitiveDataCondition?: SensitiveDataCondition;
-    /** Categories of data subjects */
-    dataSubjectCategories: string[];
-    /** Purposes of the processing */
-    purposes: string[];
-    /** Data retention period */
-    retentionPeriod: string;
-    /** Justification for the retention period */
-    retentionJustification?: string;
-    /** Recipients or categories of recipients */
-    recipients?: string[];
-    /** Whether data is transferred outside Nigeria */
-    crossBorderTransfer: boolean;
-    /** Timestamp when the record was created */
-    createdAt: number;
-    /** Timestamp when the record was last updated */
-    updatedAt: number;
-    /** Next review date */
-    reviewDate?: number;
-    /** Status of the processing activity */
-    status: 'active' | 'inactive' | 'under_review' | 'archived';
-    /** DPO approval details */
-    dpoApproval?: {
-        approved: boolean;
-        approvedBy: string;
-        approvedAt: number;
-        notes?: string;
-    };
-}
-/**
- * Represents a Legitimate Interest Assessment (LIA)
- * Required when the lawful basis is 'legitimate_interests'
- */
-interface LegitimateInterestAssessment {
-    /** Unique identifier */
-    id: string;
-    /** ID of the associated processing activity */
-    processingActivityId: string;
-    /** Date the assessment was conducted */
-    assessmentDate: number;
-    /** Person who conducted the assessment */
-    assessor: {
-        name: string;
-        role: string;
-        email: string;
-    };
-    /** Description of the legitimate interest being pursued */
-    purposeTest: string;
-    /** Why the processing is necessary for this purpose */
-    necessityTest: string;
-    /** Balancing test: rights of data subject vs. legitimate interest */
-    balancingTest: string;
-    /** Safeguards applied to protect data subject rights */
-    safeguards: string[];
-    /** Overall conclusion */
-    conclusion: string;
-    /** Whether the assessment concluded the processing is justified */
-    approved: boolean;
-}
-/**
- * Summary of all lawful basis documentation for compliance reporting
- */
-interface LawfulBasisSummary {
-    /** Total number of processing activities */
-    totalActivities: number;
-    /** Breakdown by lawful basis */
-    byBasis: Record<LawfulBasis, number>;
-    /** Number of activities involving sensitive data */
-    sensitiveDataActivities: number;
-    /** Number of activities involving cross-border transfers */
-    crossBorderActivities: number;
-    /** Activities due for review */
-    activitiesDueForReview: ProcessingActivity[];
-    /** Activities without DPO approval */
-    activitiesWithoutApproval: ProcessingActivity[];
-    /** Last updated timestamp */
-    lastUpdated: number;
-}
-
-export type { LawfulBasis as L, ProcessingActivity as P, SensitiveDataCondition as S, LawfulBasisSummary as a, LegitimateInterestAssessment as b };

package/dist/lawful-basis-Cv1VmDLn.d.ts

@@ -1,112 +0,0 @@
-/**
- * Lawful Basis types aligned with NDPA 2023 Part III (Sections 24-28)
- * Every processing activity must have a documented lawful basis
- */
-/**
- * The six lawful bases for processing personal data per NDPA Section 25(1)
- */
-type LawfulBasis = 'consent' | 'contract' | 'legal_obligation' | 'vital_interests' | 'public_interest' | 'legitimate_interests';
-/**
- * Additional conditions required for processing sensitive personal data
- * per NDPA Section 27
- */
-type SensitiveDataCondition = 'explicit_consent' | 'employment_law' | 'vital_interests_incapable' | 'nonprofit_legitimate' | 'publicly_available' | 'legal_claims' | 'substantial_public_interest' | 'health_purposes' | 'public_health' | 'archiving_research';
-/**
- * Represents a processing activity and its lawful basis
- */
-interface ProcessingActivity {
-    /** Unique identifier */
-    id: string;
-    /** Name of the processing activity */
-    name: string;
-    /** Description of what processing is performed */
-    description: string;
-    /** The lawful basis for this processing activity */
-    lawfulBasis: LawfulBasis;
-    /** Justification for why this lawful basis applies */
-    lawfulBasisJustification: string;
-    /** Categories of personal data being processed */
-    dataCategories: string[];
-    /** Whether sensitive personal data is involved */
-    involvesSensitiveData: boolean;
-    /** Condition for processing sensitive data (required if involvesSensitiveData is true) */
-    sensitiveDataCondition?: SensitiveDataCondition;
-    /** Categories of data subjects */
-    dataSubjectCategories: string[];
-    /** Purposes of the processing */
-    purposes: string[];
-    /** Data retention period */
-    retentionPeriod: string;
-    /** Justification for the retention period */
-    retentionJustification?: string;
-    /** Recipients or categories of recipients */
-    recipients?: string[];
-    /** Whether data is transferred outside Nigeria */
-    crossBorderTransfer: boolean;
-    /** Timestamp when the record was created */
-    createdAt: number;
-    /** Timestamp when the record was last updated */
-    updatedAt: number;
-    /** Next review date */
-    reviewDate?: number;
-    /** Status of the processing activity */
-    status: 'active' | 'inactive' | 'under_review' | 'archived';
-    /** DPO approval details */
-    dpoApproval?: {
-        approved: boolean;
-        approvedBy: string;
-        approvedAt: number;
-        notes?: string;
-    };
-}
-/**
- * Represents a Legitimate Interest Assessment (LIA)
- * Required when the lawful basis is 'legitimate_interests'
- */
-interface LegitimateInterestAssessment {
-    /** Unique identifier */
-    id: string;
-    /** ID of the associated processing activity */
-    processingActivityId: string;
-    /** Date the assessment was conducted */
-    assessmentDate: number;
-    /** Person who conducted the assessment */
-    assessor: {
-        name: string;
-        role: string;
-        email: string;
-    };
-    /** Description of the legitimate interest being pursued */
-    purposeTest: string;
-    /** Why the processing is necessary for this purpose */
-    necessityTest: string;
-    /** Balancing test: rights of data subject vs. legitimate interest */
-    balancingTest: string;
-    /** Safeguards applied to protect data subject rights */
-    safeguards: string[];
-    /** Overall conclusion */
-    conclusion: string;
-    /** Whether the assessment concluded the processing is justified */
-    approved: boolean;
-}
-/**
- * Summary of all lawful basis documentation for compliance reporting
- */
-interface LawfulBasisSummary {
-    /** Total number of processing activities */
-    totalActivities: number;
-    /** Breakdown by lawful basis */
-    byBasis: Record<LawfulBasis, number>;
-    /** Number of activities involving sensitive data */
-    sensitiveDataActivities: number;
-    /** Number of activities involving cross-border transfers */
-    crossBorderActivities: number;
-    /** Activities due for review */
-    activitiesDueForReview: ProcessingActivity[];
-    /** Activities without DPO approval */
-    activitiesWithoutApproval: ProcessingActivity[];
-    /** Last updated timestamp */
-    lastUpdated: number;
-}
-
-export type { LawfulBasis as L, ProcessingActivity as P, SensitiveDataCondition as S, LawfulBasisSummary as a, LegitimateInterestAssessment as b };

package/dist/locale-CxJx2tzn.d.mts

@@ -1,25 +0,0 @@
-import { N as NDPRLocale, d as defaultLocale } from './sanitize-CxxwKxAx.mjs';
-
-declare const yorubaLocale: Required<{
-    [K in keyof NDPRLocale]: Required<NonNullable<NDPRLocale[K]>>;
-}>;
-
-declare const igboLocale: Required<{
-    [K in keyof NDPRLocale]: Required<NonNullable<NDPRLocale[K]>>;
-}>;
-
-declare const hausaLocale: Required<{
-    [K in keyof NDPRLocale]: Required<NonNullable<NDPRLocale[K]>>;
-}>;
-
-declare const pidginLocale: Required<{
-    [K in keyof NDPRLocale]: Required<NonNullable<NDPRLocale[K]>>;
-}>;
-
-/**
- * Deep merges a partial locale with the default English locale.
- * Any missing keys fall back to English.
- */
-declare function mergeLocale(partial?: NDPRLocale): typeof defaultLocale;
-
-export { hausaLocale as h, igboLocale as i, mergeLocale as m, pidginLocale as p, yorubaLocale as y };

package/dist/locale-DSkrtf-c.d.ts

@@ -1,25 +0,0 @@
-import { N as NDPRLocale, d as defaultLocale } from './sanitize-CxxwKxAx.js';
-
-declare const yorubaLocale: Required<{
-    [K in keyof NDPRLocale]: Required<NonNullable<NDPRLocale[K]>>;
-}>;
-
-declare const igboLocale: Required<{
-    [K in keyof NDPRLocale]: Required<NonNullable<NDPRLocale[K]>>;
-}>;
-
-declare const hausaLocale: Required<{
-    [K in keyof NDPRLocale]: Required<NonNullable<NDPRLocale[K]>>;
-}>;
-
-declare const pidginLocale: Required<{
-    [K in keyof NDPRLocale]: Required<NonNullable<NDPRLocale[K]>>;
-}>;
-
-/**
- * Deep merges a partial locale with the default English locale.
- * Any missing keys fall back to English.
- */
-declare function mergeLocale(partial?: NDPRLocale): typeof defaultLocale;
-
-export { hausaLocale as h, igboLocale as i, mergeLocale as m, pidginLocale as p, yorubaLocale as y };

package/dist/policy-engine-5qTfp2z4.d.mts

@@ -1,174 +0,0 @@
-import { O as OrganizationInfo } from './privacy-Ca6te9Ir.mjs';
-
-/**
- * Policy engine types for the adaptive privacy policy generator.
- * These types power the wizard-driven policy builder, compliance checker,
- * and export functionality — all aligned with the NDPA 2023.
- */
-
-/** Industry verticals with sector-specific compliance requirements. */
-type Industry = 'fintech' | 'healthcare' | 'ecommerce' | 'saas' | 'education' | 'government' | 'other';
-/** Organisation size tiers — affects complexity of generated language. */
-type OrgSize = 'startup' | 'midsize' | 'enterprise';
-/** Lawful processing purposes recognised under the NDPA. */
-type ProcessingPurpose = 'service_delivery' | 'marketing' | 'analytics' | 'research' | 'legal_compliance' | 'fraud_prevention';
-/** A logical category of personal data the organisation may collect. */
-interface DataCategory {
-    /** Machine-readable identifier. */
-    id: string;
-    /** Human-readable label shown in the wizard. */
-    label: string;
-    /** Grouping for display and compliance checks. */
-    group: 'identity' | 'financial' | 'behavioral' | 'sensitive' | 'children';
-    /** Specific data points within this category. */
-    dataPoints: string[];
-    /** Whether this category is currently selected by the user. */
-    selected: boolean;
-}
-/** A third-party entity that processes data on behalf of the organisation. */
-interface ThirdPartyProcessor {
-    /** Name of the third party. */
-    name: string;
-    /** Purpose of sharing data with this processor. */
-    purpose: string;
-    /** Country where the processor is located. */
-    country: string;
-}
-/** Full context used to generate an adaptive privacy policy. */
-interface TemplateContext {
-    /** Organisation details, extended with industry and size. */
-    org: OrganizationInfo & {
-        industry: Industry;
-        orgSize: OrgSize;
-        country: string;
-    };
-    /** Data categories the organisation collects. */
-    dataCategories: DataCategory[];
-    /** Processing purposes relevant to the organisation. */
-    purposes: ProcessingPurpose[];
-    /** Whether the organisation processes children's data. */
-    hasChildrenData: boolean;
-    /** Whether the organisation processes sensitive/special-category data. */
-    hasSensitiveData: boolean;
-    /** Whether the organisation processes financial data. */
-    hasFinancialData: boolean;
-    /** Whether data is transferred outside Nigeria. */
-    hasCrossBorderTransfer: boolean;
-    /** Whether automated decision-making or profiling is used. */
-    hasAutomatedDecisions: boolean;
-    /** Third-party processors that receive personal data. */
-    thirdPartyProcessors: ThirdPartyProcessor[];
-}
-/** A user-defined section added to the policy outside the generated ones. */
-interface CustomSection {
-    id: string;
-    title: string;
-    content: string;
-    order: number;
-    required: false;
-}
-/** Represents an in-progress policy being built in the wizard. */
-interface PolicyDraft {
-    /** Unique identifier for the draft. */
-    id: string;
-    /** The template context driving section generation. */
-    templateContext: TemplateContext;
-    /** Custom sections added by the user. */
-    customSections: CustomSection[];
-    /** Per-section content overrides keyed by section id. */
-    sectionOverrides: Record<string, string>;
-    /** Ordered list of section ids defining the final order. */
-    sectionOrder: string[];
-    /** Current wizard step (0-indexed). */
-    currentStep: number;
-    /** Timestamp of the last save. */
-    lastSavedAt: number;
-    /** The draft is always in "draft" status until finalised. */
-    status: 'draft';
-}
-/** A single gap found during NDPA compliance evaluation. */
-interface ComplianceGap {
-    /** Machine-readable requirement identifier. */
-    requirementId: string;
-    /** Human-readable name of the requirement. */
-    requirement: string;
-    /** Reference to the relevant NDPA section. */
-    ndpaSection: string;
-    /** How severe the gap is. */
-    severity: 'critical' | 'important' | 'recommended';
-    /** Explanation of what is missing. */
-    message: string;
-    /** Suggested fix type for the UI. */
-    fixType: 'add_section' | 'add_content' | 'fill_field';
-    /** Label for the fix action button. */
-    fixLabel: string;
-    /** Pre-written content the user can insert to close the gap. */
-    suggestedContent?: string;
-}
-/** Result of evaluating a policy against NDPA requirements. */
-interface ComplianceResult {
-    /** Points earned. */
-    score: number;
-    /** Maximum achievable points (115). */
-    maxScore: number;
-    /** Percentage score (0-100). */
-    percentage: number;
-    /** Overall compliance rating. */
-    rating: 'compliant' | 'nearly_compliant' | 'not_compliant';
-    /** List of identified compliance gaps. */
-    gaps: ComplianceGap[];
-    /** List of requirement ids that passed. */
-    passed: string[];
-}
-/** Options for PDF export of the finalised policy. */
-interface PDFExportOptions {
-    includeCoverPage?: boolean;
-    includeTOC?: boolean;
-    includeComplianceBadge?: boolean;
-    logoUrl?: string;
-    filename?: string;
-}
-/** Options for DOCX export of the finalised policy. */
-interface DOCXExportOptions {
-    includeTOC?: boolean;
-    filename?: string;
-}
-/** Options for HTML export of the finalised policy. */
-interface HTMLExportOptions {
-    includeStyles?: boolean;
-    includePrintCSS?: boolean;
-    customCSS?: string;
-    /**
-     * Theme controlling the embedded design tokens.
-     *
-     * - `'light'` (default): emits the light token palette only. No
-     *   `prefers-color-scheme: dark` block is included, so a visitor's OS
-     *   dark-mode setting will NOT recolour the policy. This is the right
-     *   default for an embedded compliance widget — most consumer host sites
-     *   are single-theme and Shadow DOM does not isolate `prefers-color-scheme`.
-     * - `'dark'`: emits the dark token palette as the primary style.
-     * - `'auto'`: emits light tokens plus a `@media (prefers-color-scheme: dark)`
-     *   block that swaps to dark on the user's OS preference. Use this when
-     *   your host site genuinely follows OS dark mode and you want the policy
-     *   to match.
-     *
-     * Pre-3.4.1 the export effectively behaved like `'auto'` unconditionally,
-     * which leaked dark colours into light-only host sites via Shadow DOM.
-     *
-     * @default 'light'
-     */
-    theme?: 'light' | 'dark' | 'auto';
-}
-/**
- * Comprehensive set of 16 data categories spanning identity, financial,
- * behavioral, sensitive, and children groups. Used to populate the wizard
- * and drive adaptive section generation.
- */
-declare const DEFAULT_DATA_CATEGORIES: DataCategory[];
-/**
- * Creates a default TemplateContext with sensible empty/initial values.
- * Useful for initialising the wizard state before the user begins editing.
- */
-declare function createDefaultContext(): TemplateContext;
-
-export { type ComplianceGap as C, type DataCategory as D, type HTMLExportOptions as H, type Industry as I, type OrgSize as O, type PolicyDraft as P, type TemplateContext as T, type ComplianceResult as a, type CustomSection as b, type ThirdPartyProcessor as c, createDefaultContext as d, DEFAULT_DATA_CATEGORIES as e, type DOCXExportOptions as f, type PDFExportOptions as g, type ProcessingPurpose as h };