Trackers before consent. Not your fault, still your fine.
Trusted by
See it in action
50 checks. Corrections included.
How it works
Four steps, zero legalese.
Drop your URL
We crawl every legal page on your site in any EU language. Then a browser agent clicks through your cookie banners to check if they actually work.
We cross-examine
50 checks across 9 categories of EU law. Privacy, cookies, terms, eCommerce, security and accessibility, AI Act. Each grounded in the actual article and paragraph.
AI writes the fix
For every violation, we generate copy-paste corrections for your legal pages. Minimal, targeted changes, not full rewrites. Inline diff so you see exactly what changed.
Ship with confidence
Compliance score, fix estimates, and exportable reports in PDF or CSV. Track your progress across scans and watch your score climb.
The problem
10 frameworks. 27 countries. One website.
GDPR. ePrivacy. AI Act. DSA. Accessibility. Every quarter, Brussels adds another layer. Every country adds exceptions.
The pile never shrinks. And the fines stopped being theoretical a long time ago.
GDPR
Art. 13/14PrivacyYour privacy policy must disclose every category of personal data collected, each processing purpose, all third-party recipients, and the legal basis for each.
ePrivacy Directive
Art. 5(3)CookiesNo cookies or trackers may be placed on a user's device before obtaining explicit, informed consent. Pre-checked boxes do not constitute valid consent.
Consumer Rights Directive
Art. 6(1)ConsumerBefore checkout, display the total price including taxes, delivery costs, the trader's identity, a complaints address, and the 14-day withdrawal right.
GDPR
Art. 7(3)PrivacyWithdrawing consent must be as easy as giving it. If consent was one click, revocation cannot require emailing support or navigating five pages.
AI Act
Art. 50(1)AI ActAny AI system interacting with users must clearly disclose it is not human. Chatbots, virtual assistants, and AI-generated content all require labeling.
Accessibility Act
Art. 4Access.All e-commerce services must be perceivable, operable, and understandable for persons with disabilities. This includes screen reader support and keyboard navigation.
DSA
Art. 25ConsumerOnline interfaces shall not use dark patterns that distort or impair users' ability to make free and informed decisions.
GDPR
Art. 32SecurityImplement appropriate technical measures to ensure security of processing. This includes encryption of personal data in transit and at rest.
Omnibus Directive
Art. 6aConsumerEvery price reduction must show the prior price. The 'prior price' is the lowest price applied in the 30 days before the reduction.
ePrivacy Directive
Recital 32CookiesCookie consent banners must offer a genuine choice. Accept and reject must be equally prominent. No pre-selected categories except strictly necessary.
Consumer Rights Directive
Art. 11ConsumerProvide a standard withdrawal form. The consumer has 14 days to return goods without giving any reason. Refund within 14 days of receiving the return.
GDPR
Art. 6(1)PrivacyEvery processing activity needs a lawful basis. Legitimate interest requires a balancing test. Consent must be freely given, specific, and unambiguous.
NIS2 Directive
Art. 21SecurityEssential and important entities must adopt risk management measures including incident handling, supply chain security, and vulnerability disclosure.
AI Act
Art. 52AI ActProviders of AI systems generating synthetic content must ensure outputs are machine-readable as artificially generated or manipulated.
GDPR
Art. 83PrivacyInfringements may result in fines up to 20 million euros or 4% of annual worldwide turnover, whichever is higher.
GDPR
Art. 13/14PrivacyYour privacy policy must disclose every category of personal data collected, each processing purpose, all third-party recipients, and the legal basis for each.
ePrivacy Directive
Art. 5(3)CookiesNo cookies or trackers may be placed on a user's device before obtaining explicit, informed consent. Pre-checked boxes do not constitute valid consent.
Consumer Rights Directive
Art. 6(1)ConsumerBefore checkout, display the total price including taxes, delivery costs, the trader's identity, a complaints address, and the 14-day withdrawal right.
GDPR
Art. 7(3)PrivacyWithdrawing consent must be as easy as giving it. If consent was one click, revocation cannot require emailing support or navigating five pages.
AI Act
Art. 50(1)AI ActAny AI system interacting with users must clearly disclose it is not human. Chatbots, virtual assistants, and AI-generated content all require labeling.
Accessibility Act
Art. 4Access.All e-commerce services must be perceivable, operable, and understandable for persons with disabilities. This includes screen reader support and keyboard navigation.
DSA
Art. 25ConsumerOnline interfaces shall not use dark patterns that distort or impair users' ability to make free and informed decisions.
GDPR
Art. 32SecurityImplement appropriate technical measures to ensure security of processing. This includes encryption of personal data in transit and at rest.
Omnibus Directive
Art. 6aConsumerEvery price reduction must show the prior price. The 'prior price' is the lowest price applied in the 30 days before the reduction.
ePrivacy Directive
Recital 32CookiesCookie consent banners must offer a genuine choice. Accept and reject must be equally prominent. No pre-selected categories except strictly necessary.
Consumer Rights Directive
Art. 11ConsumerProvide a standard withdrawal form. The consumer has 14 days to return goods without giving any reason. Refund within 14 days of receiving the return.
GDPR
Art. 6(1)PrivacyEvery processing activity needs a lawful basis. Legitimate interest requires a balancing test. Consent must be freely given, specific, and unambiguous.
NIS2 Directive
Art. 21SecurityEssential and important entities must adopt risk management measures including incident handling, supply chain security, and vulnerability disclosure.
AI Act
Art. 52AI ActProviders of AI systems generating synthetic content must ensure outputs are machine-readable as artificially generated or manipulated.
GDPR
Art. 83PrivacyInfringements may result in fines up to 20 million euros or 4% of annual worldwide turnover, whichever is higher.
Pricing
Your lawyer charges more to say hello.
No sales calls. No annual lock-in. No “let me get back to you.” Pick a plan and ship.
The traditional route
Hire a Lawyer
Billable hours, mysterious invoices, and a vague sense of dread.
Results delivered in 2-4 weeks. Parking not included.
Or, hear us out, you could just...
Free
See what’s wrong before you pay to fix it.
- One full site scan across all EU regulations
- AI-generated corrections for every violation
- PDF and CSV reports
- Compliance evolution tracking over time
Watchdog
Always-on compliance monitoring. We scan, flag, and fix every month so you don’t have to think about it.
- 2 monthly scans across all EU regulations
- AI-generated corrections for every violation
- PDF and CSV reports
- Compliance evolution tracking over time
On-Demand Pack
Need more? New product launch, incoming due diligence, surge of complaints. Top up with 10 extra scans, valid forever.
- 10 extra scans with corrections
- Never expires, use them whenever
- Same engine, same depth, same everything
For developers
Too busy for compliance? Let your agent handle it.
Full REST API and MCP server. Scan, fix, and ship. No human in the loop.
REST API
Five endpoints. Trigger scans, poll status, pull findings, generate corrections. Bearer token auth.
View docsMCP Server
Drop it into Claude, Cursor, or any MCP-compatible agent. Compliance checks become a natural part of the conversation.
Setup guideCI/CD Ready
Run a scan on every deploy. Fail the build if your compliance score drops. Legal regressions caught before they ship.
Stop guessing, start knowing.
Your first scan takes less than five minutes. Find out what your legal pages are missing before a regulator does.
Get started free