Free GDPR & website-compliance check

Belgian SMEs face the same compliance demands as large corporations. A GDPR-compliant website, a cookie banner that actually works, a privacy policy that reflects how you really process data. The difference is budget.

A GDPR audit from a law firm costs €2,000–€15,000. A paid CMP starts around €10 per month and scales up fast once traffic exceeds 50,000 visits. For a bakery website, a dentist's practice page, or a small online shop with 20 products, that's disproportionate.

The tools on this page cover the most common checks. They don't replace legal advice. They tell you what's broken and how to fix it, in language your web developer can understand.

Each tool targets a specific point that regulators sanction. The APD/GBA fined IAB Europe €250,000 for its Transparency and Consent Framework, a decision upheld by the Brussels Market Court on 14 May 2024. The same flaws exist, on a smaller scale, across thousands of Belgian SME websites.

The cookie checker loads your page in a clean browser and checks which cookies are set before any click. If Google Analytics fires on page load, that's a problem. The security headers checker reads your HTTP responses and verifies the presence of CSP, HSTS, X-Content-Type-Options and others. Missing these headers isn't a direct GDPR violation, but it weakens your position under Article 32 GDPR (appropriate technical measures). The SPF Economy can also inspect your site for consumer protection compliance.

The privacy policy generator produces a document that matches your actual situation: with the right processors, purposes, and retention periods. It's not a copy-paste of a generic template.

Free tools answer one question at a time. Does your cookie banner respect refusal? Are your headers configured? Does your privacy policy cover the 14 elements of Articles 13 and 14 GDPR?

The full scan answers a broader question: is this site ready for an APD/GBA or SPF Economy inspection? It covers 7 categories in one pass, produces a shareable report for your web developer, and costs €2.50 for the full report.

For sites with fewer than ten pages and no e-commerce, free tools often suffice. For e-commerce, medical, legal, or any site processing sensitive data, the full scan is worth every cent.

For a first diagnosis, start with the free 60-second scan before moving to individual tools.

Are the free tools really free?

Yes. No signup, no credit card, no 7-day trial. You enter a URL, you get a result. The €2.50 full report is optional and only unlocks the full report from the main scan, not these tools.

Are they suitable for Belgian sites?

Yes. The GDPR is an EU-wide regulation, so the core rules are identical across member states. The APD/GBA applies a stricter position than some other DPAs on cookie walls and analytics cookies. You can read more on our Belgium page.

Can I use these tools to audit a client's site?

Yes. Many web designers, SEO consultants, and agencies use them before delivering a site. If you audit multiple sites per week, the Pro report becomes useful.

Are results legal proof?

No. This is technical analysis. It shows what an automated crawler sees, similar to how an APD/GBA inspector first checks a site's public behaviour. For formal proof, a notary or specialist firm is needed.

Is my test data stored?

No. We only scan public pages, like any visitor. We don't store scanned URLs beyond the time needed to display the result.