Compliance

Work product from Carina. Proof from Scout.

Carina can run GDPR readiness and contract-review skills from the legal-uk pack. Immutable audit trails, SAR/erase APIs, and enterprise PDF exports are Scout capabilities, not Carina Core.

Who it is for

Ops, legal, and compliance contacts at companies deploying agents that handle personal data or need an audit trail for regulators and customers.

Problem it solves

After an agent runs, you must show what it did, respond to data subject requests, and document control gaps before production sign-off.

Outputs you get

  • Carina: GDPR gap memos, contract review notes (legal-uk pack); task files on disk
  • Scout: append-only audit log, GDPR SAR/erase API endpoints, compliance PDF exports (enterprise)
  • Public: live risk score at carinaai.uk/trust (read-only Scout data)

Config and integrations

  • Carina: legal-uk pack for gdpr-readiness-check and UK contract skills
  • Scout: required for production audit log and GDPR APIs; pair via carina setup
  • On-chain ERC-8004/8126 links: only when attestation wallet is configured (optional)
  • SOC2 Type II attestation: enterprise Scout sales engagement, not standard Scout

Example workflow

  1. Carina runs a GDPR readiness check skill and saves a gap memo for your DPO.
  2. Scout records every tool call during the session in the audit log.
  3. Compliance lead exports a GDPR readiness PDF from the Scout console for internal records.

"Run a GDPR readiness check for our UK SaaS handling customer emails and save the gap list to ./compliance/gdpr-gaps.md"

Scout pricing legal-uk pack

Scout compliance PDFs are not a substitute for legal advice. Carina outputs are drafts for human review.