Data Privacy Audit
Scan your website and find out which cookies
and tracking technologies are collecting data
Scan your website and find out which cookies
and tracking technologies are collecting data
Host Name of the host domain for the request. Name of the host domain for the request. | Region Region of origin for the request. | URLs All third-party requests from the host domain. |
URL
Host
Date
Name Name of the cookie. | Domain The domain on which the cookie was found. | Expiry date The expiration date indicates the period of validity of the cookie. The cookie remains stored on the website visitor's computer until that date. | HTTP A cookie with the "HTTP only" attribute is only accessible by the server and not by JavaScript in the web browser. This attribute helps reduce cross-site scripting (XSS) attacks. | Secure A cookie with the "Secure" attribute is sent to the server only through a secure HTTPS connection, not through any unsecured HTTP connection. | SameSite A cookie with "SameSite" attribute is sent to the server to indicate that it can only send the cookie if the request comes from the same website. This attribute helps prevent certain cross-site request forgery attacks (CSRF). |
Name Name of the cookie. | Domain The domain on which the cookie was found. | Expiry date The expiration date indicates the period of validity of the cookie. The cookie remains stored on the website visitor's computer until that date. | HTTP A cookie with the "HTTP only" attribute is only accessible by the server and not by JavaScript in the web browser. This attribute helps reduce cross-site scripting (XSS) attacks. | Secure A cookie with the "Secure" attribute is sent to the server only through a secure HTTPS connection, not through any unsecured HTTP connection. | SameSite A cookie with "SameSite" attribute is sent to the server to indicate that it can only send the cookie if the request comes from the same website. This attribute helps prevent certain cross-site request forgery attacks (CSRF). |
Host Name of the host domain for the request. | IP-Address IP address for the request. | Region Geographic region the request is coming from. | URLs All third-party requests from the host domain. |
The data privacy audit checks your website to determine current data privacy compliance risk level. This is based on requirements of privacy laws like the GDPR, CCPA, LGPD and POPIA. Compliance depends on the user consent for the website’s use of first-party cookies, third-party cookies and third-party requests to collect and share data.
A data privacy audit checks the use of first-party cookies, third-party cookies and third-party requests on your website. This determines if it collects and shares data in accordance with privacy regulations at a resulting low, medium or high risk level for privacy noncompliance.
Once you have identified which cookies and requests are being used by your website for data collection, you can begin to ask your website visitors for consent. A consent management platform (CMP) manages the gathering and storing of consents to help you achieve privacy compliance.
We can’t provide specific legal advice, but there are some best practices. Appoint representatives for data privacy and protection initiatives. Know what data you collect and how it’s managed. Have a provable legal basis for data processing. Set up data processing agreements with third parties. Provide clear information to enable users’ consent choices. Download our GDPR Compliance Checklist for more information.
A low risk level means that the data privacy audit found that your website sets first-party cookies without explicitly asking users for consent. No third-party cookies or third-party requests were found.
A medium risk level means that the data privacy audit found that your website is definitely not privacy compliant. Your website sets either an above average number of first-party cookies OR third-party cookies and/or third-party requests, without explicitly asking users for consent. You may be at risk of noncompliance penalties.
A high risk level means that the data privacy audit found that your website has substantial privacy compliance failures. Your website sets a large number of third-party cookies and third-party requests without explicitly asking users for consent. You may be at risk of noncompliance penalties.
Cookies are small files set in web browsers that enable user identification tracking, personalized marketing and other functions. Some types of cookies share user data with third parties. Website operators should know which cookies they use and what data they collect. Valid consent can’t be requested from users without accurately communicating about cookie usage.
First-party cookies are set by websites while the user is on-site. They enable website providers to collect customer activity and analytics data, remember language and other preference settings, and carry out other useful user experience functions.
The riskiest type of cookies for privacy compliance, these are usually set for tracking and retargeting marketing campaigns. They are set by third-party servers, such as ad servers on publishers’ websites, and user data is shared.
Third-party requests are files that are loaded from a website other than the one that the user is currently visiting. They usually are from vendors whose technology is implemented on the website where the user is active, or who use that website for advertising and tracking purposes.
Disclaimer: The Data Privacy Website Audit is intended to serve as a starting point for website operators to improve their data protection compliance. The results presented might not be 100% complete and should not be considered as an extensive compliance check. The results have no right to accuracy. Usercentrics does not assume any liability for the accuracy and completeness of the results.