DxtraBETA
Free privacy compliance scan. No website required.

Check a site’s privacy & data-protection compliance — free, no sign-up required.

Enter a domain and we’ll review its public pages the way a regulator would — privacy notice, consent forms and trackers — then return a risk band and pinpoint the top issues and recommended fixes in under a minute. It checks privacy practices — not security, malware or vulnerabilities.

https://
Reads only public pagesFree · no account requiredNot legal adviceHow we score ↗
No website? Selling or providing services in person, through marketplaces, or on social platforms? Take the 30-second quiz instead.
How the scan works

We read what regulators read.

Three agents read the site's public surface, then score it against the same Methodology v1.8 rules the full Dxtra platform uses — returning a Low / Medium / High risk band, never a vanity score.

Read the public surface

The Surface Agent fetches the homepage, footer and notice links; the Browser Agent drives a real headless browser for cookies, trackers, Reject-All and GPC.

Analyze the notice

The Policy AI reads the site's privacy notice for the substance regulators expect — rights, transfers, retention, contacts — across the jurisdictions it touches.

Score & explain

Findings map to NIST, ISO 27701 and ENISA, each paired with the Dxtra capability that fixes it — and a projected band after remediation.

What the scanner checks

48 findings regulators actually look for.

A cookie banner is not compliance. The scanner looks across the obligations behind a credible privacy program — and tells you which are missing.

Privacy notice & freshness

Is there a notice, is it reachable, and updated in the last 24 months?

Data-subject rights

A clear DSAR / rights-request route and a designated privacy contact.

Cookies & trackers

Cookies before consent, a working Reject-All, and Global Privacy Control.

Cross-border transfers

International-transfer disclosures and the mechanisms that legitimise them.

Records of processing

Whether a record of processing activities (ROPA) is referenced.

Jurisdiction nexus

Singapore, Japan, India, China, Canada, Switzerland, Korea & more — applied where a nexus is detected from the site's public surface.

Elevated sensitivity

Health, biometric, financial, child-directed and AI-decisioning sites use tighter bands.

Commendable practice

Transparency hubs and sub-processor lists are credited — but never inflate the band.

After the scan

Fix what the scan finds — from $10/month.

The scan is free. When you're ready to close the gaps, Dxtra generates your privacy program — policies, notices, consent, records — in hours. Every plan includes all 16 capabilities; plans differ only in usage limits.

Get started — from $10/monthSee It In Action

The Dxtra Privacy Scanner is an automated diagnostic indicator based on publicly available information. It is not legal advice and not a determination of regulatory breach. Privacy law is jurisdiction- and fact-specific. For material decisions, consult a qualified privacy professional. Methodology v1.8 · Research preview.