Compliance - https://steamcommunity.com BeaverCheck Audit

B

Cookie Consent & Privacy

No consent signals detected

REVIEW

No consent signals detected

No privacy policy link detected

A privacy policy page is recommended for transparency and may be legally required.

No terms of service link detected

No cookie consent banner detected

2 cookie(s) set on initial load (functional)

This is an automated check, not legal advice

BeaverCheck detects technical indicators of consent management. This does not constitute a legal compliance assessment. Consult a privacy professional for GDPR/CCPA compliance.

Consent Banner Not detected Privacy Policy Not found Terms of Service —

Pre-consent Cookies

sessionid Functional

steamCountry Functional

This is an automated check, not legal advice. Consult a privacy professional for GDPR/CCPA compliance.

A privacy policy page is recommended for transparency and may be legally required.

Why this matters

GDPR, CCPA, and most other privacy laws require a published privacy policy — its absence is a per-violation fine.

Learn more ▾

If you collect any personal data (analytics counts), GDPR requires a clear privacy notice describing what you collect, why, and how to exercise data rights. Fines start at €10M or 2% of global revenue, whichever is higher. CCPA's penalties scale per affected user.

Source: GDPR Article 13 / CCPA

BeaverCheck detects technical indicators of consent management. This does not constitute a legal compliance assessment. Consult a privacy professional for GDPR/CCPA compliance.

Why this matters

Disclaimer: legal-page checks identify presence/absence; consult counsel for legal sufficiency.

C

Third-Party Trackers

Action

1 trackers detected

REVIEW

1 trackers detected

1 third-party trackers detected

Found 1 analytics, 0 advertising, 0 marketing, 0 tag manager trackers.

Got: 1 trackers

Trackers detected but no cookie policy found

This page loads 1 trackers but no cookie policy was detected. GDPR requires disclosure when using tracking cookies.

Trackers detected but no privacy policy found

Most data protection regulations require a privacy policy when collecting user data via trackers.

C

Copyright Notice

Action

No copyright notice detected

REVIEW

No copyright notice detected

No copyright notice detected in the page content. While not legally required in most jurisdictions (copyright exists automatically), a notice is standard practice and signals site ownership.

Copyright Notice Not Detected

Copyright exists automatically — a notice is standard practice but not legally required.

C

Compliance Badges

Action

0 compliance badge(s) detected

REVIEW

0 compliance badge(s) detected

No compliance badges detected

No recognized compliance certification badges or seals were found. This is common — many sites do not display compliance badges.

SOC 2

ISO 27001

PCI DSS

GDPR Certified

HIPAA Compliant

Better Business Bureau

TRUSTe / TrustArc

Privacy Shield

McAfee SECURE / TrustedSite

Norton Secured

Badge detection is based on image alt text, link URLs, and page content. Detection does not verify that certifications are current or valid.

A+

WCAG Compliance

No testable criteria

PASS

No testable criteria

Level A

Level AA

0

Passed

0

Failed

0

Partial

0

Manual review

0

Not tested

Key accessibility barriers

Images without alt text

Screen reader users cannot understand 94 image(s)

~8M screen reader users in the US

Links with unclear purpose

27 link(s) have empty or generic text

Screen reader users navigating by link list

Form controls without labels

Assistive technology cannot identify 5 input(s)

Screen reader and voice-control users

Automated testing covers ~30–40% of WCAG criteria. Manual review is recommended for full conformance.

Full WCAG 2.1 AA compliance checklist — paste into a client deliverable or ticket

A

Language & i18n

Lang attribute present

PASS

Lang attribute present

<html lang> attribute is present

<html lang> value is valid

No Content-Language HTTP header

Language signals are inconsistent

The <html lang> attribute and Content-Language header should agree.

Page Language DetectedContent-Language Header ——Consistent No—

The <html lang> attribute and Content-Language header should agree.

Why this matters

<html lang>, Content-Language, or og:locale disagree — pick one source of truth and align the others.

Learn more ▾

Browsers and assistive tech use different sources for language. When they disagree, behavior is undefined: some pronounce by <html lang>, some by Content-Language. Decide on the canonical language for the page and set all signals to match.

Source: WCAG 2.1 SC 3.1.1

A+

Readability & Typography

Font sizes and tap targets checked

PASS

Font sizes and tap targets checked

A+

Viewport Configuration

Viewport properly configured

PASS

Viewport properly configured

Viewport meta tag is present

width=device-width is set

User zooming is allowed

Viewport Configuration Good

Content

width=device-width, initial-scale=1

width=device-width

Responsive layout enabled

initial-scale=1

Correct initial zoom level

User zooming allowed

Accessibility-friendly — users can zoom

A

Cookie & Tracker Inventory

2 cookies · 1 trackers · 1 pre-consent

PASS

2 cookies · 1 trackers · 1 pre-consent

1 tracking cookie(s) set before consent interaction

Under GDPR ePrivacy Art. 5(3), analytics and advertising cookies require explicit opt-in. These cookies appeared in the server response without any consent step — a likely violation.

Got: sessionid

1 cookie(s) could not be classified

1 third-party tracker(s) detected on page

2 cookies · 1 trackers · 0 third-party 1 pre-consent violation(s)

1 tracking cookie(s) set before consent

Analytics and advertising cookies require explicit opt-in under ePrivacy Directive Art. 5(3). These cookies appeared in the probe response without any consent step.

Advertising 1

Unknown 1

Cookie name	Domain	Type	Expiry	Flags	Consent

Third-party trackers (1)

Tracker	Category	Consent
Google Search Console	Analytics	Requires consent

Under GDPR ePrivacy Art. 5(3), analytics and advertising cookies require explicit opt-in. These cookies appeared in the server response without any consent step — a likely violation.

Why this matters

Compliance gaps create legal exposure under GDPR, CCPA, ADA, and other regulations.

A

Legal Page Ecosystem

5 of 7 expected legal pages detected

PASS

5 of 7 expected legal pages detected

Privacy Policy detected

Found at https://store.steampowered.com/privacy_agreement/.

Got: https://store.steampowered.com/privacy_agreement/

Terms of Service detected

Found at http://www.valvesoftware.com/legal.htm.

Got: http://www.valvesoftware.com/legal.htm

Cookie Policy detected

Found at https://store.steampowered.com/account/cookiepreferences/.

Got: https://store.steampowered.com/account/cookiepreferences/

Accessibility Statement detected

Found at https://help.steampowered.com/faqs/view/10BB-D27A-6378-4436.

Got: https://help.steampowered.com/faqs/view/10BB-D27A-6378-4436

DMCA / Copyright Notice not detected

No link matching common DMCA / Copyright Notice URL patterns or link text was found. Most websites are expected to have a DMCA / Copyright Notice, especially those collecting user data.

Refund / Returns Policy detected

Found at https://store.steampowered.com/steam_refunds/.

Got: https://store.steampowered.com/steam_refunds/

Acceptable Use Policy not detected

No link matching common Acceptable Use Policy URL patterns or link text was found. Most websites are expected to have a Acceptable Use Policy, especially those collecting user data.

Privacy Policyhttps://store.steampowered.com/privacy_agreement/

Terms of Servicehttp://www.valvesoftware.com/legal.htm

Cookie Policyhttps://store.steampowered.com/account/cookieprefe…

Accessibility Statementhttps://help.steampowered.com/faqs/view/10BB-D27A-…

DMCA / Copyright NoticeNot found

Refund / Returns Policyhttps://store.steampowered.com/steam_refunds/

Acceptable Use PolicyNot found

5 of 7 common legal pages detected

Regulatory Indicators

2 regulatory indicator(s) detected

INFO

2 regulatory indicator(s) detected

This is a technical scan, not a legal assessment

BeaverCheck detects technical indicators that may suggest regulatory relevance. This is not a compliance audit and should not be relied upon for legal decisions. Consult qualified legal counsel for compliance assessments.

GDPR indicators detected (moderate confidence)

Indicators suggesting GDPR may be relevant: Privacy policy page found. EU General Data Protection Regulation — governs collection and processing of personal data of EU residents.

Got: 1 indicators: Privacy policy page found

ADA indicators detected (moderate confidence)

Indicators suggesting ADA may be relevant: Accessibility link found: Accessibility. Americans with Disabilities Act / Section 508 — requires digital accessibility for people with disabilities.

Got: 1 indicators: Accessibility link found: Accessibility

This is a technical scan, not a legal assessment.

BeaverCheck detects technical indicators that may suggest regulatory relevance. This should not be relied upon for legal decisions. Consult qualified legal counsel.

GDPR Moderate

EU General Data Protection Regulation — governs collection and processing of personal data of EU residents.

Indicators detected

Privacy policy page found

ADA Moderate

Americans with Disabilities Act / Section 508 — requires digital accessibility for people with disabilities.

Indicators detected

Accessibility link found: Accessibility

Third-Party Data Sharing

0 third-party service(s) detected

INFO

0 third-party service(s) detected

Data inventory for transparency purposes

This inventory identifies third-party services that receive data from your site visitors. Under regulations like GDPR (Article 30), maintaining records of data processing activities is commonly considered a best practice. This automated scan provides a starting point — it may not capture all data flows.

No recognized third-party data-sharing services detected

This page does not appear to load external tracking, analytics, or advertising scripts.

No recognized data-sharing services detected.

This inventory identifies services receiving visitor data.

Under regulations like GDPR Article 30, maintaining records of data processing is commonly considered a best practice. This scan provides a starting point.

Readability Scores

1265 words, Flesch-Kincaid grade 13.9

INFO

Readability Analysis (Flesch-Kincaid)

Grade Level

13.9

Grade 14 (college+)

Reading Ease

44

Difficult

Words

1265

Sentences

46