GDPR Compliance Checks
ComplyGuard performs 15 checks related to the General Data Protection Regulation (GDPR). These checks verify that your website provides the required transparency and information obligations.
Rule-Based Checks
These checks run on all plans.
| Check | What We Look For | GDPR Reference |
|---|---|---|
| Privacy Policy Link | Scans the page for links containing keywords like “privacy”, “privacy policy”, or “data protection” | Art. 12, 13, 14 |
| Data Controller Information | Checks if the page identifies who is responsible for data processing | Art. 13(1)(a) |
| Cookie Consent Banner | Detects a cookie consent mechanism (banner, modal, or popup) before cookies are set | Art. 7, Recital 32 |
| Third-Party Trackers | Identifies third-party tracking scripts such as Google Analytics, Meta Pixel, Google Tag Manager, and others | Art. 6(1)(a) |
| Contact Information | Checks for visible contact information (email, phone, or address) | Art. 13(1)(a) |
AI-Powered Checks PRO
These checks analyze your privacy policy content.
| Check | What We Look For | GDPR Reference |
|---|---|---|
| Data Controller Identified | Reads the privacy policy to verify the data controller (company name, address) is clearly named | Art. 13(1)(a) |
| Legal Basis Stated | Checks if the privacy policy specifies the legal basis for each type of data processing (consent, legitimate interest, contract, etc.) | Art. 6, Art. 13(1)(c) |
| Data Subject Rights | Verifies that all data subject rights are described: right of access, rectification, erasure, restriction, portability, and objection | Art. 15-22 |
| Retention Periods | Checks if the privacy policy specifies how long personal data is stored or the criteria for determining retention | Art. 13(2)(a) |
| Third-Party Sharing | Verifies that the privacy policy discloses categories of recipients or specific third parties that receive personal data | Art. 13(1)(e) |
| International Transfers | Checks for information about data transfers to countries outside the EU/EEA, including safeguards in place | Art. 44-49 |
| DPO Contact | Looks for Data Protection Officer contact details (if applicable) | Art. 37-39 |
| Right to Complain | Checks if the right to lodge a complaint with a supervisory authority is mentioned | Art. 77 |
| Children’s Data | Verifies whether the privacy policy addresses the processing of children’s data and parental consent requirements | Art. 8 |
| Breach Notification | Checks for information about data breach notification procedures | Art. 33-34 |
AI-powered GDPR checks analyze the actual content of your privacy policy. Make sure your privacy policy page is publicly accessible and linked from your main website.