Most privacy tools start by asking for your website. You do not have one — you sell through Instagram, Etsy, a TikTok Shop, a Square terminal at the counter, or a WhatsApp order list. So you assume none of this applies to you. It does, and no website is required to handle it. The moment you keep a customer list, run a loyalty program, or take an order in the DMs, you are responsible for that data — the same as any store with a domain.
Here is the relief: you can find out exactly where you stand in about 30 seconds, for free, without a website and without signing up.
Why the platform's policy does not cover you
Etsy's privacy policy covers Etsy. Instagram's covers Instagram. Neither covers you — the business collecting names, emails, and order details. The second you build a mailing list or take a custom order outside the platform, that part is yours to account for. If a customer messages "delete everything you have on me," the platform will not answer for you.
That is the gap almost no tool is built for. It is also the gap that gets a real coffee roaster, cake maker, or cleaning service caught out — not through carelessness, but because nobody ever told them the loyalty list counted.
Take the 30-second check
Go straight to the 30-second quiz — no website needed. You answer a few plain questions — where you sell, whether you keep a mailing list, whether you run a loyalty scheme or take deposits.

Then Dxtra tells you where you stand: a risk band based on your declared answers, with each gap named and paired to the fix. No legal jargon. No 88 pages of regulation. Just a straight read of what applies to a business like yours, in the countries you actually sell into — whether that is the US (CCPA), the UK and EU (GDPR), Australia, Singapore or Japan.

Then Dxtra gives you the thing you're missing
For a seller with no website, the missing piece is usually a real place to point people to. Dxtra gives you a hosted privacy page with your business name on it — one link for your Instagram bio, your Linktree, your Etsy About section, or your order confirmations. And because not every customer meets you online, Dxtra also gives you a QR code — for that privacy page or for a specific consent form — to put on your packaging, a receipt, a market-stall card, or the counter. A customer scans it with their phone and sees exactly what you do with their data. It gives you a simple consent form for your mailing list, and one place to handle "show me / delete my data" when a customer asks.
Setup is about ten minutes. You tell Dxtra the platforms you sell on, and it fills in the rest from there. You are not building a compliance program — you are answering a few questions and getting a link. From $10/month, with a 14-day money-back guarantee.
What you get, in plain terms
- A privacy page with your shop's name on it — hosted for you, no website needed.
- A consent form for your mailing list, so signups have a clear basis.
- A QR code for your privacy notice or a consent form — for packaging, receipts, a market stall, or the counter, so in-person customers can scan and see it.
- A ready answer when a customer asks about their data.
- A privacy-posture you can point a marketplace, a customer, or a partner to when they ask.
An honest note
The 30-second check is an indicator — a fast read of where you stand and what to prioritize. It is not legal advice, and it will not tell you that you are "compliant," because that is a regulator's call, not a tool's. What it does is take you from "I have no idea if this applies to me" to "I know what to do next" — which is the part that lets you get back to the business.
See where you stand
You do not need a website. You do not need $10,000 or a lawyer. You need about 30 seconds.
No website required. No account. From $10/month.
Want the whole walkthrough, step by step? See the step-by-step scan guide. Do have a website? Start with Is my Shopify store actually compliant?
