Dastra MCP for AI. Automate compliance workflows via chat.
Gemini Works with every AI agent you already use
…and any MCP-compatible client
Connect to your AI in seconds.
Dastra manages full data privacy and GDPR compliance workflows for your AI client. It lets you handle Data Subject Requests (DSR), track security breaches, map sensitive datasets, and manage records of processing activities all from a single chat interface.
What your AI can do
Archive dsr
Marks a completed Data Subject Request as archived in the system.
Create breach
Registers an entirely new data breach incident record for tracking purposes.
Create dsr
Initiates a brand new Data Subject Request within the compliance system.
Create, retrieve details for, update the status of, or archive a specific data subject request.
Document and maintain records for new security breaches or incidents that require regulatory reporting.
List all documented datasets, processing activities (ROPA), and tags across your organization's workspaces.
Retrieve complete directories of actors—like controllers and processors—to maintain an accurate privacy registry.
List and coordinate compliance operations across multiple distinct workspaces or business units.
Ask an AI about this
Waiting for input…
Dastra: 12 Tools for Compliance Management
These tools let you programmatically manage every aspect of data privacy, from creating a new Data Subject Request to documenting a major security breach.
Make your AI actually useful.
Add this MCP to Claude, Cursor, or Windsurf and your AI stops guessing. It gets real tools to look things up, take action, and handle the stuff you keep doing by hand.
Start using Dastra on VinkiusArchive Dsr
Marks a completed Data Subject Request as archived in the system.
Create Breach
Registers an entirely new data breach incident record for tracking purposes.
Create Dsr
Initiates a brand new Data Subject Request within the compliance system.
Get Dsr
Fetches all current details for one specific, existing DSR by its ID.
List Actors
Retrieves a list of every actor defined in your compliance registry (controllers...
List Breaches
Returns a summary listing of all historical and active data breach records.
List Datasets
Provides an overview list of datasets that are currently mapped in your environment.
List Dsr
Lists all Data Subject Requests, showing status and creation dates.
List Processings
Generates a list of recorded processing activities (ROPA) for auditing purposes.
List Tags
Retrieves the full directory of tags used to classify data across your workspaces.
List Workspaces
Lists all distinct, isolated operational workspaces available in your account.
Update Dsr
Modifies the status or details of an existing Data Subject Request record.
Security and governance baked right in.
Pick your AI client below to get set up. Just create a Vinkius account, subscribe, and you're instantly up and running. We handle the entire backend infrastructure, delivering out-of-the-box support for HTTPS Streamable, SSE, and OAuth2—zero messy routing required.
Claude AI
Open Claude Settings
Go to claude.ai, click your profile icon, then navigate to Customize → Connectors.
Add Custom Connector
Click the "+" button and select Add custom connector. Paste your Vinkius endpoint URL:
https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp
Replace [YOUR_TOKEN_HERE] with your token
from cloud.vinkius.com. For OAuth-protected servers, expand
Advanced settings to add credentials.
Start a conversation
Open a new chat. The Dastra integration is available immediately — no restart needed.
Choose How to Get Started
Build a custom MCP for your own tools, or connect a ready-made integration from our catalog.
Build Your Own
Turn any API into an MCP. Import a spec, define Agent Skills, or deploy with MCPFusion.
- Import from OpenAPI, Swagger, or YAML specs
- Create Agent Skills with progressive disclosure
- Deploy to edge with MCPFusion framework
- Built in DLP, auth, and compliance on every call
- Real time usage dashboard and cost metering
- Publish to catalog or keep private
Make Your AI Do More
Start with Dastra, then connect any of our 5,100+ other servers whenever your AI needs more. One click, no limits.
- Use this MCP plus 5,100+ others, all in one place
- Add new capabilities to your AI anytime you want
- Every connection is secured and compliant automatically
- Track usage and costs across all your servers
- Works with Claude, ChatGPT, Cursor, and more
- New servers added to the catalog every week
Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by Dastra. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.
VINKIUS INFRASTRUCTURE
Cloud Hosted
Managed infra
V8 Isolated
Sandboxed per request
Zero-Trust Proxy
No stored credentials
DLP Enforced
Policy on every call
GDPR Compliant
EU data residency
Token Compression
~60% cost reduction
Works with Claude, ChatGPT, Cursor, and more
The Model Context Protocol standardizes how applications expose capabilities to LLMs. Instead of operating in isolation, your AI gains direct access to external platforms, live data, and real-world actions through secure, standardized connections.
This connection provides 12 powerful capabilities that interface natively with Claude, ChatGPT, Cursor, and other compatible AI platforms. No middleware. No custom integration required.
Manually tracking compliance tasks is a nightmare of clicks and copy-pasting.
Today, managing data privacy means jumping between the Dastra portal, your internal ticketing system, and three separate spreadsheet tabs. You have to manually check dataset classifications, log every security incident, and then cross-reference who is a controller versus who is a processor just to build one simple audit report.
With this MCP, you simply talk to your agent. It coordinates the complex web of data flow—checking everything from `list_datasets` to `list_workspaces`. You get an immediate, consolidated view of your entire compliance posture without ever leaving your chat window.
Dastra MCP: Automated DSR and Incident Management
The manual steps that disappear are the tedious processes of creating a new record, checking its status across different systems, updating it when resolved, and finally archiving it. It used to be a multi-stage workflow requiring multiple user inputs.
Now, you issue one command: 'Update DSR ID X.' The MCP handles the entire lifecycle. It's not just easier; it makes compliance instantaneous.
What your AI can actually do with this
Connect this MCP to any compatible agent to take control of your enterprise compliance tasks without logging into the Dastra portal. You can run full data governance workflows—from tracking every security incident to archiving finished Data Subject Requests—using natural conversation alone. Instead of manually digging through complex tables, you simply ask your AI client for a list of all active workspaces or a summary of records of processing activities (ROPA).
The system coordinates the entire compliance registry and privacy requests, acting as your dedicated DPO coordinator. Once connected via Vinkius, your agent handles everything: managing data flow across different business units, checking dataset classifications, and generating comprehensive directories of actors and tags instantly.
019dd0dc-9612-71ef-a097-ecb9d51a262c 
Here's how it actually works
The bottom line is: you use conversation to automate complex data governance processes that used to require multiple manual logins and reports.
Subscribe to this MCP and grab your API Access Token from Dastra's user profile.
Connect the token to your preferred AI client (Claude, Cursor, etc.) via Vinkius.
Ask a natural language question—for example, 'List all active workspaces'—and let your agent execute the required compliance tool calls.
Who is this actually for?
This MCP is for Data Protection Officers (DPOs) who hate manually compiling audit logs, or Compliance Teams drowning in security incident documentation. If your job involves proving data governance compliance under GDPR/LGPD, you need this.
Checks DSR statuses and retrieves ROPA summaries instantly without leaving the chat window.
Automates the documentation of security incidents and monitors dataset classifications across various business units.
Integrates automated privacy right handling or data mapping into custom internal tools using simple AI queries.
What Changes When You Connect
Instead of manually logging into the Dastra portal, your agent handles state changes. You can programmatically archive a request using archive_dsr or update its status using update_dsr. This keeps everything centralized and auditable.
You gain full visibility over your data structure without needing to run complex queries. Just ask for it: the system will generate records of processing activities by calling list_processings, giving you a clean ROPA summary immediately.
Never miss an incident report again. Your agent allows you to document and track security events using create_breach or review past incidents with list_breaches. This keeps your regulatory response perfectly coordinated.
The MCP lets you manage data flow across different departments simultaneously. You can run checks against multiple business units by listing all workspaces with a single query, calling list_workspaces first.
Building the compliance picture is simple: ask for it. The system gathers necessary metadata from tools like list_actors, allowing you to maintain an accurate and complete privacy registry instantly.
See it in action
Handling a data deletion request.
A DPO receives a Right to Erasure notice. Instead of manually finding the record, they ask their agent to 'Create a new Data Subject Request' and then use get_dsr to track its progress until it can be archived with archive_dsr.
Responding to an audit query on data usage.
A Compliance Manager needs proof of how customer data is used. They ask the agent to list all processing activities using list_processings, which provides a clear ROPA summary for auditors.
Coordinating cross-departmental compliance.
A developer needs to check privacy status across three separate business units. They first use list_workspaces and then direct the agent to run checks on each environment individually, coordinating operations quickly.
Documenting a security lapse after hours.
An Ops engineer finds unauthorized access logs. Instead of filling out a paper form, they simply tell their agent to 'Create a new data breach record,' calling create_breach and getting an immediate incident ID.
The honest tradeoffs
Treating the compliance dashboard like a database.
Trying to track down if 'Marketing' uses data from 'HR' by clicking through 10 different tabs and manually cross-referencing datasets. It takes hours and is error-prone.
Ask your agent directly for visibility into all current dataset classifications using list_datasets or running a process activity check via list_processings. The MCP does the heavy lifting.
Confusing listing with actioning.
Just seeing 'DSR pending' in one place, but having no idea who owns it or what step is next. You see a list, but you can't move anything forward.
Use list_dsr to get the full list, then ask your agent to use get_dsr on a specific ID. This gives you status and ownership details in one chat response.
Assuming compliance is passive.
Waiting for an audit or incident report to happen before doing anything about it, leaving the system vulnerable to unlogged activity.
Proactively list all actors using list_actors and periodically review your tag structure with list_tags. You keep the registry current even when nothing breaks.
When It Fits, When It Doesn't
Use this MCP if governance and auditability are mandatory parts of your daily job. If you need to manage data flow, record processing activities, or handle privacy rights requests (DSRs) programmatically across multiple systems, this is for you. Don't use it if your only goal is simple reporting on one static dataset; in that case, a basic catalog search tool would suffice. However, never rely solely on reading the list_datasets output because that doesn't tell you how the data moves or who controls it. Always follow up with tools like list_actors to ensure you have complete control context.
Questions you might have
How do I check my data flow using list_processings? +
Calling list_processings shows you all documented processing activities (ROPA). This is the primary way to audit and understand exactly how your organization uses specific datasets.
Can I use create_dsr if someone asks for data right now? +
Yes, create_dsr immediately generates a new Data Subject Request record in the system. You'll get an ID that you can then track using get_dsr.
Do I need to use list_actors before creating a breach? +
No, calling list_actors and calling create_breach are separate functions. You run them independently based on what metadata you need or what event occurred.
What is the difference between list_workspaces and list_datasets? +
list_workspaces shows you isolated business environments (like 'HR' or 'Marketing'). list_datasets shows specific types of data that exist within those workspaces.
When I use get_dsr, what authentication details do I need to ensure it works? +
You must provide a valid API Access Token from your Dastra user profile. This token authorizes your agent to read specific data records, keeping the connection secure and ensuring you only access authorized PII.
If I need to adjust an existing request's status, how do I use update_dsr? +
You call the tool with the unique DSR ID and all necessary fields. The MCP validates your input against Dastra’s schema first. This prevents data corruption by ensuring you provide every required compliance field.
Are there rate limits when I use list_dsr to check a large volume of requests? +
The MCP handles standard API rate limiting for you. If your agent hits a usage ceiling, it will return an error code and pause execution immediately. The response tells you exactly when you can safely try again.
How do I use list_tags to determine which datasets are affected by compliance changes? +
You first run the list_tags tool to get available tag IDs. Then, pass those specific IDs into your dataset queries. This two-step process lets your agent check for exact matches before retrieving any sensitive data scope.
How do I find my Dastra Access Token? +
Log in to Dastra, click your profile icon, navigate to API Access, and generate a new Access Token for your account.
What is a DSR request? +
Data Subject Requests are exercises of privacy rights (Access, Erasure, etc.) submitted by individuals under data protection laws.
Can I manage multiple workspaces? +
Yes! Use the list_workspaces tool to identify your workspace IDs, then use them as parameters in other tools like list_dsr or list_breaches.
We've already built the connector for Dastra. Just plug in your AI agents and start using Vinkius.
No hosting. No infrastructure. No complex setup.
All 12 tools are live and waiting.
You're up and running in seconds.
Gemini Vinkius gives your AI agents access to the full catalog of app connectors, all fully managed, secure, and enterprise-ready. One subscription, every tool you need.
Built, hosted, and secured by Vinkius. You just connect and go.