Data Privacy Audit
Scan your website and find out which cookies
and tracking technologies are collecting data
Risk level
third-party requests
Please switch to desktop version for advanced audit report view.
first-party cookies
| Name Name of the cookie. | Domain The domain on which the cookie was found. | Expiry date The expiration date indicates the period of validity of the cookie. The cookie remains stored on the website visitor's computer until that date. |
Please switch to desktop version for advanced audit report view.
third-party cookies
| Name Name of the cookie. | Domain The domain on which the cookie was found. | Expiry date The expiration date indicates the period of validity of the cookie. The cookie remains stored on the website visitor's computer until that date. |
Please switch to desktop version for advanced audit report view.
third-party requests
| Host Name of the host domain for the request. Name of the host domain for the request. | Region Region of origin for the request. | URLs All third-party requests from the host domain. |
Please switch to desktop version for advanced audit report view.
Summary Report
General Information
URL
Host
Date
first-party cookies
| Name Name of the cookie. | Domain The domain on which the cookie was found. | Expiry date The expiration date indicates the period of validity of the cookie. The cookie remains stored on the website visitor's computer until that date. | HTTP A cookie with the "HTTP only" attribute is only accessible by the server and not by JavaScript in the web browser. This attribute helps reduce cross-site scripting (XSS) attacks. | Secure A cookie with the "Secure" attribute is sent to the server only through a secure HTTPS connection, not through any unsecured HTTP connection. | SameSite A cookie with "SameSite" attribute is sent to the server to indicate that it can only send the cookie if the request comes from the same website. This attribute helps prevent certain cross-site request forgery attacks (CSRF). |
third-party cookies
| Name Name of the cookie. | Domain The domain on which the cookie was found. | Expiry date The expiration date indicates the period of validity of the cookie. The cookie remains stored on the website visitor's computer until that date. | HTTP A cookie with the "HTTP only" attribute is only accessible by the server and not by JavaScript in the web browser. This attribute helps reduce cross-site scripting (XSS) attacks. | Secure A cookie with the "Secure" attribute is sent to the server only through a secure HTTPS connection, not through any unsecured HTTP connection. | SameSite A cookie with "SameSite" attribute is sent to the server to indicate that it can only send the cookie if the request comes from the same website. This attribute helps prevent certain cross-site request forgery attacks (CSRF). |
third-party requests
| Host Name of the host domain for the request. | IP-Address IP address for the request. | Region Geographic region the request is coming from. | URLs All third-party requests from the host domain. |
Loading
Loading...
We’re compiling your audit results.
This might take a few seconds.
This might take a few seconds.
How The Privacy Audit Works
The data privacy audit checks your website to determine current data privacy compliance risk level. This is based on requirements of privacy laws like the GDPR, CCPA, LGPD and POPIA. Compliance depends on the user consent for the website’s use of first-party cookies, third-party cookies and third-party requests to collect and share data.
“In order to be GDPR-compliant it was of great importance for us to carefully collect and document the consent of our website visitors. We initially had concerns that our relatively complex tag management would make the implementation more difficult. However, they were quickly dispelled.”
“Short implementation of 7 days for our first site. We can rollout templates with already defined consent technologies, so we stay concentrated on the real issues which bring us further.”
“It’s super easy to use with an intuitive dashboard. You can customise the CMP with just a few clicks. A/B testing is easily setup. Legal texts are up to date which saved me a lot of time”.
“We were looking for a tool that allows us to easily and conveniently implement GDPR compliance when using tracking and services on our website. Usercentrics was the ideal solution to find this as the tool covers all essential features and makes it possible for businesses to stay compliant without any hassle”.
FAQ
What is a data privacy audit?
A data privacy audit checks the use of first-party cookies, third-party cookies and third-party requests on your website. This determines if it collects and shares data in accordance with privacy regulations at a resulting low, medium or high risk level for privacy noncompliance.
What do I do with the privacy audit results?
Once you have identified which cookies and requests are being used by your website for data collection, you can begin to ask your website visitors for consent. A consent management platform (CMP) manages the gathering and storing of consents to help you achieve privacy compliance.
How do I achieve GDPR compliance?
We can’t provide specific legal advice, but there are some best practices. Appoint representatives for data privacy and protection initiatives. Know what data you collect and how it’s managed. Have a provable legal basis for data processing. Set up data processing agreements with third parties. Provide clear information to enable users’ consent choices. Download our GDPR Compliance Checklist for more information.
What does it mean if my website risk is low?
A low risk level means that the data privacy audit found that your website sets first-party cookies without explicitly asking users for consent. No third-party cookies or third-party requests were found.
What does it mean if my website risk is medium?
A medium risk level means that the data privacy audit found that your website is definitely not privacy compliant. Your website sets either an above average number of first-party cookies OR third-party cookies and/or third-party requests, without explicitly asking users for consent. You may be at risk of noncompliance penalties.
What does it mean if my website risk is high?
A high risk level means that the data privacy audit found that your website has substantial privacy compliance failures. Your website sets a large number of third-party cookies and third-party requests without explicitly asking users for consent. You may be at risk of noncompliance penalties.
What are cookies?
Cookies are small files set in web browsers that enable user identification tracking, personalized marketing and other functions. Some types of cookies share user data with third parties. Website operators should know which cookies they use and what data they collect. Valid consent can’t be requested from users without accurately communicating about cookie usage.
What are first-party cookies?
First-party cookies are set by websites while the user is on-site. They enable website providers to collect customer activity and analytics data, remember language and other preference settings, and carry out other useful user experience functions.
What are third-party cookies?
The riskiest type of cookies for privacy compliance, these are usually set for tracking and retargeting marketing campaigns. They are set by third-party servers, such as ad servers on publishers’ websites, and user data is shared.
What are third-party requests?
Third-party requests are files that are loaded from a website other than the one that the user is currently visiting. They usually are from vendors whose technology is implemented on the website where the user is active, or who use that website for advertising and tracking purposes.
Disclaimer: The Data Privacy Website Audit is intended to serve as a starting point for website operators to improve their data protection compliance. The results presented might not be 100% complete and should not be considered as an extensive compliance check. The results have no right to accuracy. Usercentrics does not assume any liability for the accuracy and completeness of the results.