Dastra MCP. Automate compliance workflows via chat.
Gemini Works with every AI agent you already use
…and any MCP-compatible client
Just plug in your AI agents and start using Vinkius.
Dastra manages full data privacy and GDPR compliance workflows for your AI client. It lets you handle Data Subject Requests (DSR), track security breaches, map sensitive datasets, and manage records of processing activities all from a single chat interface.
What your AI agents can do
Archive dsr
Marks a completed Data Subject Request as archived in the system.
Create breach
Registers an entirely new data breach incident record for tracking purposes.
Create dsr
Initiates a brand new Data Subject Request within the compliance system.
Create, retrieve details for, update the status of, or archive a specific data subject request.
Document and maintain records for new security breaches or incidents that require regulatory reporting.
List all documented datasets, processing activities (ROPA), and tags across your organization's workspaces.
Retrieve complete directories of actors—like controllers and processors—to maintain an accurate privacy registry.
List and coordinate compliance operations across multiple distinct workspaces or business units.
Ask AI about this MCP
Supported MCP Clients
OAuth 2.0 Compatible Gemini Waiting for input…
Dastra: 12 Tools for Compliance Management
These tools let you programmatically manage every aspect of data privacy, from creating a new Data Subject Request to documenting a major security breach.
Make your AI actually useful.
Add this MCP to Claude, Cursor, or Windsurf and your AI stops guessing. It gets real tools to look things up, take action, and handle the stuff you keep doing by hand.
Start using Dastra on Vinkius019dd0dcarchive dsr
Marks a completed Data Subject Request as archived in the system.
019dd0dccreate breach
Registers an entirely new data breach incident record for tracking purposes.
019dd0dccreate dsr
Initiates a brand new Data Subject Request within the compliance system.
019dd0dcget dsr
Fetches all current details for one specific, existing DSR by its ID.
019dd0dclist actors
Retrieves a list of every actor defined in your compliance registry (controllers, processors).
019dd0dclist breaches
Returns a summary listing of all historical and active data breach records.
019dd0dclist datasets
Provides an overview list of datasets that are currently mapped in your environment.
019dd0dclist dsr
Lists all Data Subject Requests, showing status and creation dates.
019dd0dclist processings
Generates a list of recorded processing activities (ROPA) for auditing purposes.
019dd0dclist tags
Retrieves the full directory of tags used to classify data across your workspaces.
019dd0dclist workspaces
Lists all distinct, isolated operational workspaces available in your account.
019dd0dcupdate dsr
Modifies the status or details of an existing Data Subject Request record.
Choose How to Get Started
Build a custom MCP for your own tools, or connect a ready-made integration from our catalog.
Build Your Own
Turn any API into an MCP. Import a spec, define Agent Skills, or deploy with MCPFusion.
- Import from OpenAPI, Swagger, or YAML specs
- Create Agent Skills with progressive disclosure
- Deploy to edge with MCPFusion framework
- Built in DLP, auth, and compliance on every call
- Real time usage dashboard and cost metering
- Publish to catalog or keep private
Make Your AI Do More
Start with Dastra, then connect any of our 5,000+ other servers whenever your AI needs more. One click, no limits.
- Use this MCP plus 5,000+ others, all in one place
- Add new capabilities to your AI anytime you want
- Every connection is secured and compliant automatically
- Track usage and costs across all your servers
- Works with Claude, ChatGPT, Cursor, and more
- New servers added to the catalog every week
Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by Dastra. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.
VINKIUS INFRASTRUCTURE
Cloud Hosted
Managed infra
V8 Isolated
Sandboxed per request
Zero-Trust Proxy
No stored credentials
DLP Enforced
Policy on every call
GDPR Compliant
EU data residency
Token Compression
~60% cost reduction
Works with Claude, ChatGPT, Cursor, and more
The Model Context Protocol standardizes how applications expose capabilities to LLMs. Instead of operating in isolation, your AI gains direct access to external platforms, live data, and real-world actions through secure, standardized connections.
This server provides 12 capabilities that interface natively with Claude, ChatGPT, Cursor, and any MCP client. No middleware. No custom integration required.
Manually tracking compliance tasks is a nightmare of clicks and copy-pasting.
Today, managing data privacy means jumping between the Dastra portal, your internal ticketing system, and three separate spreadsheet tabs. You have to manually check dataset classifications, log every security incident, and then cross-reference who is a controller versus who is a processor just to build one simple audit report.
With this MCP, you simply talk to your agent. It coordinates the complex web of data flow—checking everything from `list_datasets` to `list_workspaces`. You get an immediate, consolidated view of your entire compliance posture without ever leaving your chat window.
Dastra MCP: Automated DSR and Incident Management
The manual steps that disappear are the tedious processes of creating a new record, checking its status across different systems, updating it when resolved, and finally archiving it. It used to be a multi-stage workflow requiring multiple user inputs.
Now, you issue one command: 'Update DSR ID X.' The MCP handles the entire lifecycle. It's not just easier; it makes compliance instantaneous.
What you can do with this MCP connector
Connect this MCP to any compatible agent to take control of your enterprise compliance tasks without logging into the Dastra portal. You can run full data governance workflows—from tracking every security incident to archiving finished Data Subject Requests—using natural conversation alone. Instead of manually digging through complex tables, you simply ask your AI client for a list of all active workspaces or a summary of records of processing activities (ROPA).
The system coordinates the entire compliance registry and privacy requests, acting as your dedicated DPO coordinator. Once connected via Vinkius, your agent handles everything: managing data flow across different business units, checking dataset classifications, and generating comprehensive directories of actors and tags instantly.
019dd0dc-9612-71ef-a097-ecb9d51a262c 
How Dastra MCP Works
- 1 Subscribe to this MCP and grab your API Access Token from Dastra's user profile.
- 2 Connect the token to your preferred AI client (Claude, Cursor, etc.) via Vinkius.
- 3 Ask a natural language question—for example, 'List all active workspaces'—and let your agent execute the required compliance tool calls.
The bottom line is: you use conversation to automate complex data governance processes that used to require multiple manual logins and reports.
Who Is Dastra MCP For?
This MCP is for Data Protection Officers (DPOs) who hate manually compiling audit logs, or Compliance Teams drowning in security incident documentation. If your job involves proving data governance compliance under GDPR/LGPD, you need this.
Checks DSR statuses and retrieves ROPA summaries instantly without leaving the chat window.
Automates the documentation of security incidents and monitors dataset classifications across various business units.
Integrates automated privacy right handling or data mapping into custom internal tools using simple AI queries.
What Changes When You Connect
- Instead of manually logging into the Dastra portal, your agent handles state changes. You can programmatically archive a request using
archive_dsror update its status usingupdate_dsr. This keeps everything centralized and auditable. - You gain full visibility over your data structure without needing to run complex queries. Just ask for it: the system will generate records of processing activities by calling
list_processings, giving you a clean ROPA summary immediately. - Never miss an incident report again. Your agent allows you to document and track security events using
create_breachor review past incidents withlist_breaches. This keeps your regulatory response perfectly coordinated. - The MCP lets you manage data flow across different departments simultaneously. You can run checks against multiple business units by listing all workspaces with a single query, calling
list_workspacesfirst. - Building the compliance picture is simple: ask for it. The system gathers necessary metadata from tools like
list_actors, allowing you to maintain an accurate and complete privacy registry instantly.
Real-World Use Cases
Handling a data deletion request.
A DPO receives a Right to Erasure notice. Instead of manually finding the record, they ask their agent to 'Create a new Data Subject Request' and then use get_dsr to track its progress until it can be archived with archive_dsr.
Responding to an audit query on data usage.
A Compliance Manager needs proof of how customer data is used. They ask the agent to list all processing activities using list_processings, which provides a clear ROPA summary for auditors.
Coordinating cross-departmental compliance.
A developer needs to check privacy status across three separate business units. They first use list_workspaces and then direct the agent to run checks on each environment individually, coordinating operations quickly.
Documenting a security lapse after hours.
An Ops engineer finds unauthorized access logs. Instead of filling out a paper form, they simply tell their agent to 'Create a new data breach record,' calling create_breach and getting an immediate incident ID.
The Tradeoffs
Treating the compliance dashboard like a database.
Trying to track down if 'Marketing' uses data from 'HR' by clicking through 10 different tabs and manually cross-referencing datasets. It takes hours and is error-prone.
→
Ask your agent directly for visibility into all current dataset classifications using list_datasets or running a process activity check via list_processings. The MCP does the heavy lifting.
Confusing listing with actioning.
Just seeing 'DSR pending' in one place, but having no idea who owns it or what step is next. You see a list, but you can't move anything forward.
→
Use list_dsr to get the full list, then ask your agent to use get_dsr on a specific ID. This gives you status and ownership details in one chat response.
Assuming compliance is passive.
Waiting for an audit or incident report to happen before doing anything about it, leaving the system vulnerable to unlogged activity.
→
Proactively list all actors using list_actors and periodically review your tag structure with list_tags. You keep the registry current even when nothing breaks.
When It Fits, When It Doesn't
Use this MCP if governance and auditability are mandatory parts of your daily job. If you need to manage data flow, record processing activities, or handle privacy rights requests (DSRs) programmatically across multiple systems, this is for you. Don't use it if your only goal is simple reporting on one static dataset; in that case, a basic catalog search tool would suffice. However, never rely solely on reading the list_datasets output because that doesn't tell you how the data moves or who controls it. Always follow up with tools like list_actors to ensure you have complete control context.
Common Questions About Dastra MCP
How do I check my data flow using list_processings? +
Calling list_processings shows you all documented processing activities (ROPA). This is the primary way to audit and understand exactly how your organization uses specific datasets.
Can I use create_dsr if someone asks for data right now? +
Yes, create_dsr immediately generates a new Data Subject Request record in the system. You'll get an ID that you can then track using get_dsr.
Do I need to use list_actors before creating a breach? +
No, calling list_actors and calling create_breach are separate functions. You run them independently based on what metadata you need or what event occurred.
What is the difference between list_workspaces and list_datasets? +
list_workspaces shows you isolated business environments (like 'HR' or 'Marketing'). list_datasets shows specific types of data that exist within those workspaces.
When I use get_dsr, what authentication details do I need to ensure it works? +
You must provide a valid API Access Token from your Dastra user profile. This token authorizes your agent to read specific data records, keeping the connection secure and ensuring you only access authorized PII.
If I need to adjust an existing request's status, how do I use update_dsr? +
You call the tool with the unique DSR ID and all necessary fields. The MCP validates your input against Dastra’s schema first. This prevents data corruption by ensuring you provide every required compliance field.
Are there rate limits when I use list_dsr to check a large volume of requests? +
The MCP handles standard API rate limiting for you. If your agent hits a usage ceiling, it will return an error code and pause execution immediately. The response tells you exactly when you can safely try again.
How do I use list_tags to determine which datasets are affected by compliance changes? +
You first run the list_tags tool to get available tag IDs. Then, pass those specific IDs into your dataset queries. This two-step process lets your agent check for exact matches before retrieving any sensitive data scope.
How do I find my Dastra Access Token? +
Log in to Dastra, click your profile icon, navigate to API Access, and generate a new Access Token for your account.
What is a DSR request? +
Data Subject Requests are exercises of privacy rights (Access, Erasure, etc.) submitted by individuals under data protection laws.
Can I manage multiple workspaces? +
Yes! Use the list_workspaces tool to identify your workspace IDs, then use them as parameters in other tools like list_dsr or list_breaches.
Use it with your favorite AI tools
Connect this server to Cursor, Claude, VS Code, and more.