Skip to content
https://cn.aliyun.com

Compliance

· 22 checks — WCAG, consent & privacy, language, viewport, cookie inventory, and legal pages rolled into one auditable list.
SCORE
67
GRADE
D
FIX
2
REVIEW
5
PASS
12
INFO
3
Checks
22
12 PASS 5 REVIEW 2 FIX
F
GDPR Article 13 Disclosures
Action
0 / 8 Art. 13 categories matched in homepage body
FIX
0 / 8 Art. 13 categories matched in homepage body
Warning::
GDPR Article 13 disclosure coverage: 0 / 8 categories
Scanned the homepage body text AND the linked /privacy page for GDPR Article 13 disclosures. Matched 0 of 8 categories: . Missing: Data Protection Officer contact (where applicable), Data retention period, Data subject rights (access, erasure, rectification, etc.), Identity / contact details of the data controller, International data transfers, Legal basis for processing, Recipients of personal data, Right to lodge a complaint with a supervisory authority. Note: only the FIRST same-origin privacy-policy link is followed; deeper sub-pages (e.g. /legal/data-subject-rights) are not fetched.
Got: 0/8
C
Viewport Configuration
Action
Viewport prevents zooming
REVIEW
Viewport prevents zooming
Info::
Viewport meta tag is present
Info::
width=device-width is set
Critical::
Viewport prevents user zooming
user-scalable=no or maximum-scale < 2 prevents users from zooming. This is a WCAG 1.4.4 (Level AA) failure and an accessibility barrier for users with low vision.
Got: width=device-width,initial-scale=1,minimum-scale=1,maximum-scale=1,user-scalable=no,viewport-fit=cover Expected: width=device-width, initial-scale=1 (without zoom restrictions)
Viewport Configuration Problem
Content
width=device-width, initial-scale=1, minimum-scale=1, maximum-scale=1, user-scalable=no, viewport-fit=cover
width=device-width

Responsive layout enabled

initial-scale=1

Correct initial zoom level

user-scalable=no

User zooming BLOCKED

maximum-scale=1

Restricts zoom — set to 5.0 or higher, or remove entirely

User zooming BLOCKED

WCAG 1.4.4 violation — users with low vision cannot zoom. Remove user-scalable=no and set maximum-scale to at least 5.0.

user-scalable=no or maximum-scale < 2 prevents users from zooming. This is a WCAG 1.4.4 (Level AA) failure and an accessibility barrier for users with low vision.

Why this matters

user-scalable=no is a WCAG 1.4.4 failure and creates ADA/EAA legal exposure — low-vision users rely on pinch-zoom every day.

Learn more

Setting user-scalable=no (or maximum-scale=1) in the viewport meta blocks pinch-zoom. WCAG 2.1 success criterion 1.4.4 (Resize Text) requires zoom up to 200%. ADA lawsuits against inaccessible US sites have risen sharply; the EU Accessibility Act adds another enforcement layer in 2025. Remove user-scalable and maximum-scale from the viewport meta.

Source: WCAG 2.1 SC 1.4.4 / ADA / EAA

B
Accessibility Statement
No accessibility statement detected
REVIEW
No accessibility statement detected
Warning::
No accessibility statement detected
Sites are increasingly expected to publish an accessibility statement. Required by EU Web Accessibility Directive 2016/2102 for public-sector bodies; recommended best practice elsewhere. Common URLs: /accessibility, /accessibility-statement, /a11y.
C
Beacon Tracking (sendBeacon)
Action
3 sendBeacon call site(s) in inline scripts
REVIEW
3 sendBeacon call site(s) in inline scripts
Warning::
3 navigator.sendBeacon call site(s) in inline scripts
navigator.sendBeacon() fires fire-and-forget POSTs in the background after page-unload -- typically used for last-second analytics (read-time, scroll depth, exit-intent). Ad-blockers' XHR/fetch interception often misses them (different API path); DevTools shows beacon requests typed as "ping" instead of "fetch", which is easy to overlook in privacy reviews. Audit each call site: what data is being sent? Is the recipient disclosed in the privacy policy? Is the call gated behind cookie-banner consent? Does the user have a way to opt out of the page-unload tracking specifically (separate from in-session analytics)? Detection is limited to inline scripts -- beacons in external SDKs aren't visible to this static scan.
B
Compliance Badges
2 compliance badge(s) detected
REVIEW
2 compliance badge(s) detected
Info::
ISO 27001 badge detected
Found via body text: 'iso 27001'. Note: the presence of a badge does not verify the certification is current or valid.
Got: Detected by: body text
Info::
PCI DSS badge detected
Found via body text: 'pci dss'. Note: the presence of a badge does not verify the certification is current or valid.
Got: Detected by: body text
SOC 2
ISO 27001 detected

Detected by: body text

Evidence: iso 27001

PCI DSS detected

Detected by: body text

Evidence: pci dss

GDPR Certified
HIPAA Compliant
Better Business Bureau
TRUSTe / TrustArc
Privacy Shield
McAfee SECURE / TrustedSite
Norton Secured
Badge detection is based on image alt text, link URLs, and page content. Detection does not verify that certifications are current or valid.
A+
WCAG Compliance
No testable criteria
PASS
No testable criteria
Level A
Level AA

0

Passed

0

Failed

0

Partial

0

Manual review

0

Not tested

Key accessibility barriers

Images without alt text

Screen reader users cannot understand 83 image(s)

~8M screen reader users in the US

Links with unclear purpose

17 link(s) have empty or generic text

Screen reader users navigating by link list

Automated testing covers ~30–40% of WCAG criteria. Manual review is recommended for full conformance.

Full WCAG 2.1 AA compliance checklist — paste into a client deliverable or ticket

A+
Tracker Inventory
No known trackers detected on this page
PASS
No known trackers detected on this page
Info::
No known trackers detected on this page
A
Language & i18n
Lang attribute present
PASS
Lang attribute present
Info::
<html lang> attribute is present
Info::
<html lang> value is valid
Info::
No Content-Language HTTP header
Info::
Language signals are inconsistent
The <html lang> attribute and Content-Language header should agree.
Page Language DetectedContent-Language Header Consistent No

The <html lang> attribute and Content-Language header should agree.

Why this matters

<html lang>, Content-Language, or og:locale disagree — pick one source of truth and align the others.

Learn more

Browsers and assistive tech use different sources for language. When they disagree, behavior is undefined: some pronounce by <html lang>, some by Content-Language. Decide on the canonical language for the page and set all signals to match.

Source: WCAG 2.1 SC 3.1.1

A+
Hreflang Configuration
No hreflang tags on this page
PASS
No hreflang tags on this page
Info::
No hreflang tags found (single-language site)
A+
Internationalization Extras
No additional i18n signals detected
PASS
No additional i18n signals detected
Info::
No additional i18n signals detected
A+
Readability & Typography
Font sizes and tap targets checked
PASS
Font sizes and tap targets checked
A+
Third-Party Trackers
No third-party trackers detected
PASS
No third-party trackers detected
Info::
No third-party trackers detected
A+
Tracking Pixel Inventory
No tracking pixels detected
PASS
No tracking pixels detected
Info::
No tracking pixels detected
A+
Browser Fingerprinting
No browser-fingerprinting libraries detected
PASS
No browser-fingerprinting libraries detected
Info::
No browser-fingerprinting libraries detected
A+
Cross-Site Cookies (SameSite=None)
No cookies on the page
PASS
No cookies on the page
Info::
No cookies set on the page response
Regulatory Indicators
1 regulatory indicator(s) detected
INFO
1 regulatory indicator(s) detected
Info::
This is a technical scan, not a legal assessment
BeaverCheck detects technical indicators that may suggest regulatory relevance. This is not a compliance audit and should not be relied upon for legal decisions. Consult qualified legal counsel for compliance assessments.
Info::
PCI-DSS indicators detected (weak confidence)
Indicators suggesting PCI-DSS may be relevant: Text mentions: pci dss. Payment Card Industry Data Security Standard — applies to organizations handling credit card data.
Got: 1 indicators: Text mentions: pci dss

This is a technical scan, not a legal assessment.

BeaverCheck detects technical indicators that may suggest regulatory relevance. This should not be relied upon for legal decisions. Consult qualified legal counsel.

PCI-DSS Weak

Payment Card Industry Data Security Standard — applies to organizations handling credit card data.

Indicators detected

  • Text mentions: pci dss
Third-Party Data Sharing
0 third-party service(s) detected
INFO
0 third-party service(s) detected
Info::
Data inventory for transparency purposes
This inventory identifies third-party services that receive data from your site visitors. Under regulations like GDPR (Article 30), maintaining records of data processing activities is commonly considered a best practice. This automated scan provides a starting point — it may not capture all data flows.
Info::
No recognized third-party data-sharing services detected
This page does not appear to load external tracking, analytics, or advertising scripts.

No recognized data-sharing services detected.

This inventory identifies services receiving visitor data.

Under regulations like GDPR Article 30, maintaining records of data processing is commonly considered a best practice. This scan provides a starting point.

Readability Scores
545 words, Flesch-Kincaid grade 10.6
INFO

Readability Analysis (Flesch-Kincaid)

Grade Level

10.6

Grade 11 (high school)

Reading Ease

80

Fairly Easy

Words

545

Sentences

16

All checks on this page are automated. Results are estimates - run targeted manual reviews when the score affects a release decision.

Send Feedback