This is a sample report. Scan your own website free โ
Scanned on 29 March 2026
example-restaurant.nl
Poor
12 issues found
Issues by Category
Findings
Getty Images stock photo detected
An image loaded from media.gettyimages.com was found on the homepage. Using Getty Images without a license can result in demand letters of โฌ1,000-10,000+.
Google Analytics loaded before consent
The _ga and _gid cookies from Google Analytics are set immediately on page load, before any cookie consent is given. This violates GDPR Article 5(1)(a) and the ePrivacy Directive.
Privacy policy not found
No link to a privacy policy was found on the website. Dutch privacy law (AVG/UAVG) requires every website processing personal data to have an accessible privacy policy.
8 images missing alt text
8 images on the homepage do not have alt attributes. Screen readers cannot describe these images to visually impaired users. Required by WCAG 2.1 AA and the European Accessibility Act (EAA).
Outdated WordPress version detected
WordPress 5.9.3 was detected via the generator meta tag. This version has known security vulnerabilities. Update to the latest version.
Mixed content on 3 pages
HTTP resources (images, scripts) are loaded on HTTPS pages. Browsers may block these resources or show security warnings to visitors.
KVK number not displayed
No KVK (Chamber of Commerce) registration number was found on the website. Dutch businesses are required to display their KVK number.
Google Fonts loaded externally
Google Fonts are loaded from fonts.googleapis.com. This shares visitor IP addresses with Google, which a German court ruled violates GDPR. Self-host fonts instead.
Facebook Pixel fires before consent
The Meta/Facebook tracking pixel was detected loading before cookie consent. This sends visitor data to Meta without permission.
DMARC policy set to none
Your DMARC record uses p=none, which only monitors but doesn't prevent email spoofing. Consider upgrading to p=quarantine or p=reject.
No unsubscribe mechanism visible
A newsletter signup form was found but no visible unsubscribe link or information on the page.
Missing Content-Security-Policy header
No Content-Security-Policy header was found. CSP helps prevent cross-site scripting (XSS) and data injection attacks.
What a website report covers
Our scanner checks your website against 35+ requirements across seven categories: GDPR and privacy, image copyright, accessibility, security, legal pages, email marketing, and e-commerce rules. Each finding includes what was detected, why it matters, and how to fix it.
How severity levels work
Critical: Critical findings need immediate attention. This includes copyrighted images that can trigger demand letters of โฌ1,000โโฌ10,000, and tracking scripts that fire before cookie consent โ the most common GDPR issue enforced by European DPAs.
High: High severity findings are significant issues. Missing privacy policies, accessibility failures that affect screen reader users, and outdated software with known security vulnerabilities all fall in this category.
Medium: Medium findings are issues that should be addressed but carry lower immediate impact. Missing security headers, externally loaded fonts, and incomplete legal page information are typical examples.
Low: Low severity findings are best-practice improvements. Weak email authentication, missing optional meta information, and minor configuration issues that don't directly violate regulations but leave room for improvement.
Why we offer free scans
The free scan gives you your health score and a summary of top issues. If you want the full picture โ detailed descriptions, fix instructions, and evidence screenshots for every finding โ you can unlock the full report for a one-time payment of โฌ9. No subscription, no account required.
Learn more
Want to see your own results?
Scan your website for free. Get your health score and top issues in under 60 seconds.
This report is generated by automated scanning tools and provides a technical assessment of publicly accessible website characteristics. It does not constitute legal advice. The findings may include false positives or miss certain issues. For definitive legal assessment, consult a qualified legal professional. Exposure estimates are based on publicly available regulatory guidelines and actual penalties may differ.