Compliance

B

Compliance Badges

1 compliance badge(s) detected

REVIEW

1 compliance badge(s) detected

TRUSTe / TrustArc badge detected

Found via body text: 'truste'. Note: the presence of a badge does not verify the certification is current or valid.

Got: Detected by: body text

SOC 2

ISO 27001

PCI DSS

GDPR Certified

HIPAA Compliant

Better Business Bureau

TRUSTe / TrustArc detected

Detected by: body text

Evidence: truste

Privacy Shield

McAfee SECURE / TrustedSite

Norton Secured

Badge detection is based on image alt text, link URLs, and page content. Detection does not verify that certifications are current or valid.

A+

WCAG Compliance

No testable criteria

PASS

No testable criteria

Level A

Level AA

0

Passed

0

Failed

0

Partial

0

Manual review

0

Not tested

Automated testing covers ~30–40% of WCAG criteria. Manual review is recommended for full conformance.

Full WCAG 2.1 AA compliance checklist — paste into a client deliverable or ticket

A+

Cookie Consent & Privacy

privacy policy found

PASS

privacy policy found

Privacy policy link found

Got: https://tinyurl.com/app/privacy-policy

Terms of service link found

No cookie consent banner detected

5 cookie(s) set on initial load (functional)

This is an automated check, not legal advice

BeaverCheck detects technical indicators of consent management. This does not constitute a legal compliance assessment. Consult a privacy professional for GDPR/CCPA compliance.

Consent Banner Not detected Privacy Policy https://tinyurl.com/app/privacy-policy Terms of Service https://tinyurl.com/app/terms

Pre-consent Cookies

XSRF-TOKEN Functional

tinyurl-session Functional

tinyUUID Functional

early-access Functional

__cf_bm Functional

This is an automated check, not legal advice. Consult a privacy professional for GDPR/CCPA compliance.

BeaverCheck detects technical indicators of consent management. This does not constitute a legal compliance assessment. Consult a privacy professional for GDPR/CCPA compliance.

Why this matters

Disclaimer: legal-page checks identify presence/absence; consult counsel for legal sufficiency.

A+

Language & i18n

Lang attribute + Content-Language header

PASS

Lang attribute + Content-Language header

<html lang> attribute is present

<html lang> value is valid

Content-Language header is set

Got: en

Language signals are consistent

Page Language DetectedContent-Language Header enConsistent Yes

A+

Readability & Typography

Font sizes and tap targets checked

PASS

Font sizes and tap targets checked

A+

Viewport Configuration

Viewport properly configured

PASS

Viewport properly configured

Viewport meta tag is present

width=device-width is set

User zooming is allowed

Viewport Configuration Good

Content

width=device-width, initial-scale=1.0, minimum-scale=1.0, maximum-scale=5.0

width=device-width

Responsive layout enabled

initial-scale=1

Correct initial zoom level

User zooming allowed

Accessibility-friendly — users can zoom

A+

Third-Party Trackers

3 trackers detected

PASS

3 trackers detected

3 third-party trackers detected

Found 3 analytics, 0 advertising, 0 marketing, 0 tag manager trackers.

Got: 3 trackers

A+

Cookie & Tracker Inventory

5 cookies · 3 trackers · 0 pre-consent

PASS

5 cookies · 3 trackers · 0 pre-consent

3 cookie(s) could not be classified

3 third-party tracker(s) detected on page

5 cookies · 3 trackers · 0 third-party No pre-consent violations

Necessary 1

Functional 1

Unknown 3

Cookie name	Domain	Type	Expiry	Flags	Consent

Third-party trackers (3)

Tracker	Category	Consent
Facebook	Analytics	Requires consent
Google Search Console	Analytics	Requires consent
Profitwell	Analytics	Requires consent

A

Legal Page Ecosystem

4 of 7 expected legal pages detected

PASS

4 of 7 expected legal pages detected

Privacy Policy detected

Found at /app/privacy-policy.

Got: /app/privacy-policy

Terms of Service detected

Found at /app/terms.

Got: /app/terms

Cookie Policy detected

Found at /app/cookies-policy, linked from footer.

Got: /app/cookies-policy

Accessibility Statement detected

Found at /app/accessibility, linked from footer.

Got: /app/accessibility

DMCA / Copyright Notice not detected

No link matching common DMCA / Copyright Notice URL patterns or link text was found. Most websites are expected to have a DMCA / Copyright Notice, especially those collecting user data.

Refund / Returns Policy not detected

No link matching common Refund / Returns Policy URL patterns or link text was found. Most websites are expected to have a Refund / Returns Policy, especially those collecting user data.

Acceptable Use Policy not detected

No link matching common Acceptable Use Policy URL patterns or link text was found. Most websites are expected to have a Acceptable Use Policy, especially those collecting user data.

Privacy Policy/app/privacy-policy

Terms of Service/app/terms

Cookie Policy/app/cookies-policy

footer

Accessibility Statement/app/accessibility

footer

DMCA / Copyright NoticeNot found

Refund / Returns PolicyNot found

Acceptable Use PolicyNot found

4 of 7 common legal pages detected

A+

Copyright Notice

PASS

Copyright notice is up to date

Copyright holder: TinyURL LLC

Copyright Notice ✓ Up to Date

Regulatory Indicators

4 regulatory indicator(s) detected

INFO

4 regulatory indicator(s) detected

This is a technical scan, not a legal assessment

BeaverCheck detects technical indicators that may suggest regulatory relevance. This is not a compliance audit and should not be relied upon for legal decisions. Consult qualified legal counsel for compliance assessments.

GDPR indicators detected (moderate confidence)

Indicators suggesting GDPR may be relevant: Privacy policy page found. EU General Data Protection Regulation — governs collection and processing of personal data of EU residents.

Got: 1 indicators: Privacy policy page found

ADA indicators detected (moderate confidence)

Indicators suggesting ADA may be relevant: Accessibility statement page found. Americans with Disabilities Act / Section 508 — requires digital accessibility for people with disabilities.

Got: 1 indicators: Accessibility statement page found

PCI-DSS indicators detected (moderate confidence)

Indicators suggesting PCI-DSS may be relevant: Payment processor detected: js.stripe.com. Payment Card Industry Data Security Standard — applies to organizations handling credit card data.

Got: 1 indicators: Payment processor detected: js.stripe.com

HIPAA indicators detected (weak confidence)

Indicators suggesting HIPAA may be relevant: Text mentions: phi. Health Insurance Portability and Accountability Act — protects sensitive patient health information.

Got: 1 indicators: Text mentions: phi

This is a technical scan, not a legal assessment.

BeaverCheck detects technical indicators that may suggest regulatory relevance. This should not be relied upon for legal decisions. Consult qualified legal counsel.

GDPR Moderate

EU General Data Protection Regulation — governs collection and processing of personal data of EU residents.

Indicators detected

Privacy policy page found

ADA Moderate

Americans with Disabilities Act / Section 508 — requires digital accessibility for people with disabilities.

Indicators detected

Accessibility statement page found

PCI-DSS Moderate

Payment Card Industry Data Security Standard — applies to organizations handling credit card data.

Indicators detected

Payment processor detected: js.stripe.com

HIPAA Weak

Health Insurance Portability and Accountability Act — protects sensitive patient health information.

Indicators detected

Text mentions: phi

Third-Party Data Sharing

2 third-party service(s) detected

INFO

2 third-party service(s) detected

Data inventory for transparency purposes

This inventory identifies third-party services that receive data from your site visitors. Under regulations like GDPR (Article 30), maintaining records of data processing activities is commonly considered a best practice. This automated scan provides a starting point — it may not capture all data flows.

2 third-party services across 2 categories

2 third-party services detected across 2 categories: Payment (1), CDN (1). Each of these services receives some user data from your site visitors.

Stripe (Payment)

Detected via script URL. Typically collects: Payment card data (PCI-scoped), Transaction details. Privacy policy: https://stripe.com/privacy. Data Processing Agreement available.

Got: Category: Payment | Data types: Payment card data (PCI-scoped), Transaction details

Cloudflare (CDN)

Detected via script URL. Typically collects: IP address (transient), Request metadata. Privacy policy: https://www.cloudflare.com/privacypolicy/. Data Processing Agreement available.

Got: Category: CDN | Data types: IP address (transient), Request metadata

Payment (1)

CDN (1)

Stripe Payment

Detected by: script URL

Data typically collected:

Payment card data (PCI-scoped)Transaction details

Privacy policy → DPA available ✓

Cloudflare CDN

Detected by: script URL

Data typically collected:

IP address (transient)Request metadata

Privacy policy → DPA available ✓

This inventory identifies services receiving visitor data.

Under regulations like GDPR Article 30, maintaining records of data processing is commonly considered a best practice. This scan provides a starting point.

Readability Scores

990 words, Flesch-Kincaid grade 9.9

INFO

Readability Analysis (Flesch-Kincaid)

Grade Level

9.9

Grade 10 (high school)

Reading Ease

54

Fairly Difficult

Words

990

Sentences

58

Browse & Analyze

Learn

Third-party trackers (3)

Readability Analysis (Flesch-Kincaid)