Dastra MCP. Automate compliance workflows via chat.

Q: How do I check my data flow using listprocessings?

Calling listprocessings shows you all documented processing activities (ROPA). This is the primary way to audit and understand exactly how your organization uses specific datasets.

Q: Can I use createdsr if someone asks for data right now?

Yes, createdsr immediately generates a new Data Subject Request record in the system. You'll get an ID that you can then track using getdsr.

Q: Do I need to use listactors before creating a breach?

No, calling listactors and calling createbreach are separate functions. You run them independently based on what metadata you need or what event occurred.

Q: What is the difference between listworkspaces and listdatasets?

listworkspaces shows you isolated business environments (like 'HR' or 'Marketing'). listdatasets shows specific types of data that exist within those workspaces.

Q: How do I use listtags to determine which datasets are affected by compliance changes?

You first run the listtags tool to get available tag IDs. Then, pass those specific IDs into your dataset queries. This two-step process lets your agent check for exact matches before retrieving any sensitive data scope.

Claude

ChatGPT

Cursor

Gemini

Windsurf

VS Code

JetBrains

Vercel

See Vinkius in Action

Works with every AI agent you already use

…and any MCP-compatible client

Just plug in your AI agents and start using Vinkius.

Dastra manages full data privacy and GDPR compliance workflows for your AI client. It lets you handle Data Subject Requests (DSR), track security breaches, map sensitive datasets, and manage records of processing activities all from a single chat interface.

What your AI agents can do

Archive dsr

Marks a completed Data Subject Request as archived in the system.

Create breach

Registers an entirely new data breach incident record for tracking purposes.

Create dsr

Initiates a brand new Data Subject Request within the compliance system.

+ 9 more capabilities included

Manage Data Subject Requests (DSR)

Create, retrieve details for, update the status of, or archive a specific data subject request.

Track Security Incidents

Document and maintain records for new security breaches or incidents that require regulatory reporting.

Analyze Data Flow

List all documented datasets, processing activities (ROPA), and tags across your organization's workspaces.

Audit Privacy Actors

Retrieve complete directories of actors—like controllers and processors—to maintain an accurate privacy registry.

Scope Operations

List and coordinate compliance operations across multiple distinct workspaces or business units.

Ask AI about this MCP

Supported MCP Clients

OAuth 2.0 Compatible

Claude

ChatGPT

Cursor

Gemini

VS Code

JetBrains

Vercel

Zendesk

+ other MCP clients

Included with Plan

Waiting for input…

AI Agent

Dastra: 12 Tools for Compliance Management

These tools let you programmatically manage every aspect of data privacy, from creating a new Data Subject Request to documenting a major security breach.

Make your AI actually useful.

Add this MCP to Claude, Cursor, or Windsurf and your AI stops guessing. It gets real tools to look things up, take action, and handle the stuff you keep doing by hand.

Start using Dastra on Vinkius

archive019dd0dc

archive dsr

Marks a completed Data Subject Request as archived in the system.

create019dd0dc

create breach

Registers an entirely new data breach incident record for tracking purposes.

create019dd0dc

create dsr

Initiates a brand new Data Subject Request within the compliance system.

get019dd0dc

get dsr

Fetches all current details for one specific, existing DSR by its ID.

list019dd0dc

list actors

Retrieves a list of every actor defined in your compliance registry (controllers, processors).

list019dd0dc

list breaches

Returns a summary listing of all historical and active data breach records.

list019dd0dc

list datasets

Provides an overview list of datasets that are currently mapped in your environment.

list019dd0dc

list dsr

Lists all Data Subject Requests, showing status and creation dates.

list019dd0dc

list processings

Generates a list of recorded processing activities (ROPA) for auditing purposes.

list019dd0dc

list tags

Retrieves the full directory of tags used to classify data across your workspaces.

list019dd0dc

list workspaces

Lists all distinct, isolated operational workspaces available in your account.

update019dd0dc

update dsr

Modifies the status or details of an existing Data Subject Request record.

Choose How to Get Started

Build a custom MCP for your own tools, or connect a ready-made integration from our catalog.

Build Your Own

Turn any API into an MCP. Import a spec, define Agent Skills, or deploy with MCPFusion.

Import from OpenAPI, Swagger, or YAML specs
Create Agent Skills with progressive disclosure
Deploy to edge with MCPFusion framework
Built in DLP, auth, and compliance on every call
Real time usage dashboard and cost metering
Publish to catalog or keep private

Start building

Make Your AI Do More

Start with Dastra, then connect any of our 5,000+ other servers whenever your AI needs more. One click, no limits.

Use this MCP plus 5,000+ others, all in one place
Add new capabilities to your AI anytime you want
Every connection is secured and compliant automatically
Track usage and costs across all your servers
Works with Claude, ChatGPT, Cursor, and more
New servers added to the catalog every week

Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by Dastra. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.

VINKIUS INFRASTRUCTURE

Cloud Hosted

Managed infra

V8 Isolated

Sandboxed per request

Zero-Trust Proxy

No stored credentials

DLP Enforced

Policy on every call

GDPR Compliant

EU data residency

Token Compression

~60% cost reduction

Your data is protected. See how we built it.

Works with Claude, ChatGPT, Cursor, and more

The Model Context Protocol standardizes how applications expose capabilities to LLMs. Instead of operating in isolation, your AI gains direct access to external platforms, live data, and real-world actions through secure, standardized connections.

This server provides 12 capabilities that interface natively with Claude, ChatGPT, Cursor, and any MCP client. No middleware. No custom integration required.

Manually tracking compliance tasks is a nightmare of clicks and copy-pasting.

Today, managing data privacy means jumping between the Dastra portal, your internal ticketing system, and three separate spreadsheet tabs. You have to manually check dataset classifications, log every security incident, and then cross-reference who is a controller versus who is a processor just to build one simple audit report.

With this MCP, you simply talk to your agent. It coordinates the complex web of data flow—checking everything from `list_datasets` to `list_workspaces`. You get an immediate, consolidated view of your entire compliance posture without ever leaving your chat window.

Dastra MCP: Automated DSR and Incident Management

The manual steps that disappear are the tedious processes of creating a new record, checking its status across different systems, updating it when resolved, and finally archiving it. It used to be a multi-stage workflow requiring multiple user inputs.

Now, you issue one command: 'Update DSR ID X.' The MCP handles the entire lifecycle. It's not just easier; it makes compliance instantaneous.

Support 24/7 support@vinkius.com ↗

Security Vinkius Trust Center ↗

SLA Service Level Agreement ↗

Report Listing Send Report ↗

What you can do with this MCP connector

Connect this MCP to any compatible agent to take control of your enterprise compliance tasks without logging into the Dastra portal. You can run full data governance workflows—from tracking every security incident to archiving finished Data Subject Requests—using natural conversation alone. Instead of manually digging through complex tables, you simply ask your AI client for a list of all active workspaces or a summary of records of processing activities (ROPA).

The system coordinates the entire compliance registry and privacy requests, acting as your dedicated DPO coordinator. Once connected via Vinkius, your agent handles everything: managing data flow across different business units, checking dataset classifications, and generating comprehensive directories of actors and tags instantly.

Built · Hosted · Managed by Vinkius Dastra MCP - GDPR & Data Compliance Automation Server ID 019dd0dc-9612-71ef-a097-ecb9d51a262c

Vinkius Inspector

Compliance Grade A+

Score 100/100

Report View Report ↗

What Changes When You Connect

Instead of manually logging into the Dastra portal, your agent handles state changes. You can programmatically archive a request using archive_dsr or update its status using update_dsr. This keeps everything centralized and auditable.
You gain full visibility over your data structure without needing to run complex queries. Just ask for it: the system will generate records of processing activities by calling list_processings, giving you a clean ROPA summary immediately.
Never miss an incident report again. Your agent allows you to document and track security events using create_breach or review past incidents with list_breaches. This keeps your regulatory response perfectly coordinated.
The MCP lets you manage data flow across different departments simultaneously. You can run checks against multiple business units by listing all workspaces with a single query, calling list_workspaces first.
Building the compliance picture is simple: ask for it. The system gathers necessary metadata from tools like list_actors, allowing you to maintain an accurate and complete privacy registry instantly.

Real-World Use Cases

Handling a data deletion request.

A DPO receives a Right to Erasure notice. Instead of manually finding the record, they ask their agent to 'Create a new Data Subject Request' and then use get_dsr to track its progress until it can be archived with archive_dsr.

Responding to an audit query on data usage.

A Compliance Manager needs proof of how customer data is used. They ask the agent to list all processing activities using list_processings, which provides a clear ROPA summary for auditors.

Coordinating cross-departmental compliance.

A developer needs to check privacy status across three separate business units. They first use list_workspaces and then direct the agent to run checks on each environment individually, coordinating operations quickly.

Documenting a security lapse after hours.

An Ops engineer finds unauthorized access logs. Instead of filling out a paper form, they simply tell their agent to 'Create a new data breach record,' calling create_breach and getting an immediate incident ID.

The Tradeoffs

Treating the compliance dashboard like a database.

Trying to track down if 'Marketing' uses data from 'HR' by clicking through 10 different tabs and manually cross-referencing datasets. It takes hours and is error-prone.

→ Ask your agent directly for visibility into all current dataset classifications using list_datasets or running a process activity check via list_processings. The MCP does the heavy lifting.

Confusing listing with actioning.

Just seeing 'DSR pending' in one place, but having no idea who owns it or what step is next. You see a list, but you can't move anything forward.

→ Use list_dsr to get the full list, then ask your agent to use get_dsr on a specific ID. This gives you status and ownership details in one chat response.

Assuming compliance is passive.

Waiting for an audit or incident report to happen before doing anything about it, leaving the system vulnerable to unlogged activity.

→ Proactively list all actors using list_actors and periodically review your tag structure with list_tags. You keep the registry current even when nothing breaks.

When It Fits, When It Doesn't

Use this MCP if governance and auditability are mandatory parts of your daily job. If you need to manage data flow, record processing activities, or handle privacy rights requests (DSRs) programmatically across multiple systems, this is for you. Don't use it if your only goal is simple reporting on one static dataset; in that case, a basic catalog search tool would suffice. However, never rely solely on reading the list_datasets output because that doesn't tell you how the data moves or who controls it. Always follow up with tools like list_actors to ensure you have complete control context.

Common Questions About Dastra MCP

How do I check my data flow using list_processings? +

Calling list_processings shows you all documented processing activities (ROPA). This is the primary way to audit and understand exactly how your organization uses specific datasets.

Can I use create_dsr if someone asks for data right now? +

Yes, create_dsr immediately generates a new Data Subject Request record in the system. You'll get an ID that you can then track using get_dsr.

Do I need to use list_actors before creating a breach? +

No, calling list_actors and calling create_breach are separate functions. You run them independently based on what metadata you need or what event occurred.

What is the difference between list_workspaces and list_datasets? +

list_workspaces shows you isolated business environments (like 'HR' or 'Marketing'). list_datasets shows specific types of data that exist within those workspaces.

When I use get_dsr, what authentication details do I need to ensure it works? +

You must provide a valid API Access Token from your Dastra user profile. This token authorizes your agent to read specific data records, keeping the connection secure and ensuring you only access authorized PII.

If I need to adjust an existing request's status, how do I use update_dsr? +

You call the tool with the unique DSR ID and all necessary fields. The MCP validates your input against Dastra’s schema first. This prevents data corruption by ensuring you provide every required compliance field.

Are there rate limits when I use list_dsr to check a large volume of requests? +

The MCP handles standard API rate limiting for you. If your agent hits a usage ceiling, it will return an error code and pause execution immediately. The response tells you exactly when you can safely try again.

How do I use list_tags to determine which datasets are affected by compliance changes? +

You first run the list_tags tool to get available tag IDs. Then, pass those specific IDs into your dataset queries. This two-step process lets your agent check for exact matches before retrieving any sensitive data scope.

How do I find my Dastra Access Token? +

What is a DSR request? +

Data Subject Requests are exercises of privacy rights (Access, Erasure, etc.) submitted by individuals under data protection laws.

Can I manage multiple workspaces? +

Yes! Use the list_workspaces tool to identify your workspace IDs, then use them as parameters in other tools like list_dsr or list_breaches.

Use it with your favorite AI tools

Connect this server to Cursor, Claude, VS Code, and more.