The GDPR Scanner automatically checks a specific web page for technically detectable data protection risks. The tool particularly examines cookies set early, conspicuous network connections, embedded third-party providers, and other signals that may indicate tracking or unclear data flows.
For website owners and responsible parties, this is especially valuable when an initial technical assessment is needed before more in-depth legal or operational measures follow. Instead of merely guessing whether a page processes data before consent is given, you receive reliable technical indicators, prioritized findings, and an understandable summary of the most important areas for action.
How the tool works in practice
You enter the URL to be checked and start the scan. The tool analyzes the page technically, observes cookies and network activities, and prepares the results in a clear evaluation. It deliberately focuses on the specific URL being checked, not automatically on the entire website structure.
After the technical scan, the tool creates a prioritized list of findings. This clearly shows whether there are urgent risks, for example when known tracking cookies are set immediately or third-party connections are active early in a sensitive context. In addition, you receive a condensed assessment with score and recommendations so that the technical review can be translated more quickly into concrete measures.
The result view combines overview and depth. You first see the overall assessment and key metrics, and can then drill down into individual findings, evidence, and detected technologies. This makes the tool suitable both for a quick preliminary check and for structured handover to technical teams, data protection officers, or external partners.
Core features and key views
- The quick overview shows directly whether obviously problematic signals are present and how to classify the overall technical situation.
- Findings are filtered by priority. This allows you to focus on high risks first and work through downstream issues later in a targeted way.
- For individual findings, the tool provides technical evidence so that decisions are not based on mere assumptions, but on verifiable cookies, requests, or hostnames.
- Additional metrics such as number of requests, early-set cookies, interactive cookies, or detected third-party providers help you quickly grasp the extent of an integration.
- The detected technical environment is listed separately. This makes it easier to understand which platforms, services, or consent solutions are likely involved.
Recommended workflow
Use the scanner first on the homepage and then on particularly sensitive page types such as landing pages, form pages, shop entry points, or embedded campaign pages. Differences between these page types are often crucial in practice, because tracking, tagging, or third parties are integrated differently there.
Treat the results as a technical working basis. High-priority items should first go to the responsible teams for tagging, consent integration, and third-party scripts. If you want to derive data protection decisions, technical findings should then be assessed together with the legal requirements.