Skip to content
https://www.gesundheitswelt.de

Compliance

· 23 checks — WCAG, consent & privacy, language, viewport, cookie inventory, and legal pages rolled into one auditable list.
SCORE
69
GRADE
D
FIX
2
REVIEW
5
PASS
13
INFO
3
Checks
23
13 PASS 5 REVIEW 2 FIX
F
GDPR Article 13 Disclosures
Action
0 / 8 Art. 13 categories matched in homepage body
FIX
0 / 8 Art. 13 categories matched in homepage body
Warning::
GDPR Article 13 disclosure coverage: 0 / 8 categories
Scanned the homepage body text for GDPR Article 13 disclosures. Matched 0 of 8 categories: . Missing: Data Protection Officer contact (where applicable), Data retention period, Data subject rights (access, erasure, rectification, etc.), Identity / contact details of the data controller, International data transfers, Legal basis for processing, Recipients of personal data, Right to lodge a complaint with a supervisory authority. Note: this scan does not fetch the privacy policy sub-page; if Article 13 disclosures live there, they are not visible to this check.
Got: 0/8
B
Accessibility Statement
No accessibility statement detected
REVIEW
No accessibility statement detected
Warning::
No accessibility statement detected
Sites are increasingly expected to publish an accessibility statement. Required by EU Web Accessibility Directive 2016/2102 for public-sector bodies; recommended best practice elsewhere. Common URLs: /accessibility, /accessibility-statement, /a11y.
B
Tracking Pixel Inventory
1 tracking pixel(s) on the page
REVIEW
1 tracking pixel(s) on the page
Info::
1 tracking pixel(s) on the page (1 domain(s))
Tracking pixels are 1x1 / 2x2 cross-origin <img> tags that fire a GET request when the browser renders them -- no JavaScript, no cookies needed. They're how trackers survive when users disable JS or block third-party cookies, and they bypass most ad-blocker rules that target script src. Each one needs explicit disclosure under GDPR Art 7 / CCPA / ePrivacy because the request itself transmits the page URL + IP + user-agent + referrer to the tracker. Audit each surfaced domain: is it disclosed in your privacy policy? Is it conditional on the cookie banner? Affected domains: www.google.com.
Got: https://www.google.com/images/cleardot.gif
B
Cross-Site Cookies (SameSite=None)
1 cross-site cookie(s) (1 tracking-shaped, 0 essential)
REVIEW
1 cross-site cookie(s) (1 tracking-shaped, 0 essential)
Info::
1 tracking-shaped cross-site cookie(s): __cf_bm
Cookies with SameSite=None travel in cross-site contexts (third-party iframes, cross-origin POSTs, embedded widgets). With third-party cookies dying in Chrome/Firefox, the legitimate use cases narrowed to SSO + payment widgets + federated auth. Each tracking-shaped cookie surfaced here is a cross-site analytics or ad-tech surface that needs explicit privacy-policy disclosure beyond basic cookie banner consent. Audit each: is it conditional on consent? Does the privacy policy name the recipient + purpose? Switching to SameSite=Lax disables the cross-site travel without breaking same-site analytics.
C
Compliance Badges
Action
0 compliance badge(s) detected
REVIEW
0 compliance badge(s) detected
Info::
No compliance badges detected
No recognized compliance certification badges or seals were found. This is common — many sites do not display compliance badges.
SOC 2
ISO 27001
PCI DSS
GDPR Certified
HIPAA Compliant
Better Business Bureau
TRUSTe / TrustArc
Privacy Shield
McAfee SECURE / TrustedSite
Norton Secured
Badge detection is based on image alt text, link URLs, and page content. Detection does not verify that certifications are current or valid.
A+
WCAG Compliance
No testable criteria
PASS
No testable criteria
Level A
Level AA

0

Passed

0

Failed

0

Partial

0

Manual review

0

Not tested

Key accessibility barriers

Form controls without labels

Assistive technology cannot identify 5 input(s)

Screen reader and voice-control users

Links with unclear purpose

2 link(s) have empty or generic text

Screen reader users navigating by link list

Automated testing covers ~30–40% of WCAG criteria. Manual review is recommended for full conformance.

Full WCAG 2.1 AA compliance checklist — paste into a client deliverable or ticket

A+
Tracker Inventory
No known trackers detected on this page
PASS
No known trackers detected on this page
Info::
No known trackers detected on this page
A
Language & i18n
Lang attribute present
PASS
Lang attribute present
Info::
<html lang> attribute is present
Info::
<html lang> value is valid
Info::
No Content-Language HTTP header
Info::
Language signals are inconsistent
The <html lang> attribute and Content-Language header should agree.
Page Language DetectedContent-Language Header Consistent No

The <html lang> attribute and Content-Language header should agree.

Why this matters

<html lang>, Content-Language, or og:locale disagree — pick one source of truth and align the others.

Learn more

Browsers and assistive tech use different sources for language. When they disagree, behavior is undefined: some pronounce by <html lang>, some by Content-Language. Decide on the canonical language for the page and set all signals to match.

Source: WCAG 2.1 SC 3.1.1

A+
Hreflang Configuration
No hreflang tags on this page
PASS
No hreflang tags on this page
Info::
No hreflang tags found (single-language site)
A+
Internationalization Extras
No additional i18n signals detected
PASS
No additional i18n signals detected
Info::
No additional i18n signals detected
A+
Readability & Typography
Font sizes and tap targets checked
PASS
Font sizes and tap targets checked
A+
Viewport Configuration
Viewport properly configured
PASS
Viewport properly configured
Info::
Viewport meta tag is present
Info::
width=device-width is set
Info::
User zooming is allowed
Viewport Configuration Good
Content
width=device-width, initial-scale=1, shrink-to-fit=no
width=device-width

Responsive layout enabled

initial-scale=1

Correct initial zoom level

User zooming allowed

Accessibility-friendly — users can zoom

A+
Third-Party Trackers
2 trackers detected
PASS
2 trackers detected
Info::
2 third-party trackers detected
Found 2 analytics, 0 advertising, 0 marketing, 0 tag manager, 0 session-replay, 0 heatmap trackers.
Got: 2 trackers
A+
Browser Fingerprinting
No browser-fingerprinting libraries detected
PASS
No browser-fingerprinting libraries detected
Info::
No browser-fingerprinting libraries detected
A+
Beacon Tracking (sendBeacon)
No navigator.sendBeacon usage detected in inline scripts
PASS
No navigator.sendBeacon usage detected in inline scripts
Info::
No navigator.sendBeacon usage detected in inline scripts
Regulatory Indicators
1 regulatory indicator(s) detected
INFO
1 regulatory indicator(s) detected
Info::
This is a technical scan, not a legal assessment
BeaverCheck detects technical indicators that may suggest regulatory relevance. This is not a compliance audit and should not be relied upon for legal decisions. Consult qualified legal counsel for compliance assessments.
Info::
GDPR indicators detected (strong confidence)
Indicators suggesting GDPR may be relevant: European TLD detected: .de; Text mentions: gdpr; Privacy policy page found. EU General Data Protection Regulation — governs collection and processing of personal data of EU residents.
Got: 3 indicators: European TLD detected: .de, Text mentions: gdpr, Privacy policy page found

This is a technical scan, not a legal assessment.

BeaverCheck detects technical indicators that may suggest regulatory relevance. This should not be relied upon for legal decisions. Consult qualified legal counsel.

GDPR Strong

EU General Data Protection Regulation — governs collection and processing of personal data of EU residents.

Indicators detected

  • European TLD detected: .de
  • Text mentions: gdpr
  • Privacy policy page found
Third-Party Data Sharing
1 third-party service(s) detected
INFO
1 third-party service(s) detected
Info::
Data inventory for transparency purposes
This inventory identifies third-party services that receive data from your site visitors. Under regulations like GDPR (Article 30), maintaining records of data processing activities is commonly considered a best practice. This automated scan provides a starting point — it may not capture all data flows.
Info::
1 third-party services across 1 categories
1 third-party services detected across 1 categories: CDN (1). Each of these services receives some user data from your site visitors.
Info::
Cloudflare (CDN)
Detected via cookie name. Typically collects: IP address (transient), Request metadata. Privacy policy: https://www.cloudflare.com/privacypolicy/. Data Processing Agreement available.
Got: Category: CDN | Data types: IP address (transient), Request metadata
CDN (1)
Cloudflare CDN
Detected by: cookie name
Data typically collected:
IP address (transient)Request metadata
Privacy policy → DPA available ✓

This inventory identifies services receiving visitor data.

Under regulations like GDPR Article 30, maintaining records of data processing is commonly considered a best practice. This scan provides a starting point.

Readability Scores
1028 words, Flesch-Kincaid grade 16.6
INFO

Readability Analysis (Flesch-Kincaid)

Grade Level

16.6

Grade 17 (college+)

Reading Ease

3

Very Difficult

Words

1028

Sentences

67

All checks on this page are automated. Results are estimates - run targeted manual reviews when the score affects a release decision.

Send Feedback