Skip to content
https://lockheadmartin.com

Compliance

· 23 checks — WCAG, consent & privacy, language, viewport, cookie inventory, and legal pages rolled into one auditable list.
SCORE
63
GRADE
D
FIX
3
REVIEW
6
PASS
11
INFO
3
Checks
23
11 PASS 6 REVIEW 3 FIX
F
Language & i18n
Action
Missing <html lang>
FIX
Missing <html lang>
Warning::
<html lang> attribute is missing
The lang attribute on <html> is required for screen readers and WCAG 3.1.1 compliance.
Info::
No Content-Language HTTP header
Info::
Language signals are consistent
Page Language Content-Language Header Consistent Yes

The lang attribute on <html> is required for screen readers and WCAG 3.1.1 compliance.

Why this matters

Without a lang attribute, screen readers mispronounce every word on the page.

Learn more

An HTML element without lang="..." causes screen readers to fall back to the user's default voice — a French page read in English sounds like nonsense. Setting lang on the <html> element is a one-character fix that lets every assistive tool pronounce content correctly.

Source: W3C WCAG 2.1

F
GDPR Article 13 Disclosures
Action
0 / 8 Art. 13 categories matched in homepage body
FIX
0 / 8 Art. 13 categories matched in homepage body
Warning::
GDPR Article 13 disclosure coverage: 0 / 8 categories
Scanned the homepage body text AND the linked /privacy page for GDPR Article 13 disclosures. Matched 0 of 8 categories: . Missing: Data Protection Officer contact (where applicable), Data retention period, Data subject rights (access, erasure, rectification, etc.), Identity / contact details of the data controller, International data transfers, Legal basis for processing, Recipients of personal data, Right to lodge a complaint with a supervisory authority. Note: only the FIRST same-origin privacy-policy link is followed; deeper sub-pages (e.g. /legal/data-subject-rights) are not fetched.
Got: 0/8
C
Viewport Configuration
Action
Viewport prevents zooming
REVIEW
Viewport prevents zooming
Info::
Viewport meta tag is present
Info::
width=device-width is set
Critical::
Viewport prevents user zooming
user-scalable=no or maximum-scale < 2 prevents users from zooming. This is a WCAG 1.4.4 (Level AA) failure and an accessibility barrier for users with low vision.
Got: width=device-width, initial-scale=1, maximum-scale=1 Expected: width=device-width, initial-scale=1 (without zoom restrictions)
Viewport Configuration Problem
Content
width=device-width, initial-scale=1, maximum-scale=1
width=device-width

Responsive layout enabled

initial-scale=1

Correct initial zoom level

maximum-scale=1

Restricts zoom — set to 5.0 or higher, or remove entirely

User zooming BLOCKED

WCAG 1.4.4 violation — users with low vision cannot zoom. Remove user-scalable=no and set maximum-scale to at least 5.0.

user-scalable=no or maximum-scale < 2 prevents users from zooming. This is a WCAG 1.4.4 (Level AA) failure and an accessibility barrier for users with low vision.

Why this matters

user-scalable=no is a WCAG 1.4.4 failure and creates ADA/EAA legal exposure — low-vision users rely on pinch-zoom every day.

Learn more

Setting user-scalable=no (or maximum-scale=1) in the viewport meta blocks pinch-zoom. WCAG 2.1 success criterion 1.4.4 (Resize Text) requires zoom up to 200%. ADA lawsuits against inaccessible US sites have risen sharply; the EU Accessibility Act adds another enforcement layer in 2025. Remove user-scalable and maximum-scale from the viewport meta.

Source: WCAG 2.1 SC 1.4.4 / ADA / EAA

B
Accessibility Statement
No accessibility statement detected
REVIEW
No accessibility statement detected
Warning::
No accessibility statement detected
Sites are increasingly expected to publish an accessibility statement. Required by EU Web Accessibility Directive 2016/2102 for public-sector bodies; recommended best practice elsewhere. Common URLs: /accessibility, /accessibility-statement, /a11y.
B
Tracking Pixel Inventory
1 tracking pixel(s) on the page
REVIEW
1 tracking pixel(s) on the page
Info::
1 tracking pixel(s) on the page (1 domain(s))
Tracking pixels are 1x1 / 2x2 cross-origin <img> tags that fire a GET request when the browser renders them -- no JavaScript, no cookies needed. They're how trackers survive when users disable JS or block third-party cookies, and they bypass most ad-blocker rules that target script src. Each one needs explicit disclosure under GDPR Art 7 / CCPA / ePrivacy because the request itself transmits the page URL + IP + user-agent + referrer to the tracker. Audit each surfaced domain: is it disclosed in your privacy policy? Is it conditional on the cookie banner? Affected domains: l.cdn-fileserver.com.
Got: https://l.cdn-fileserver.com/bping.php?ssld=%7B%22QQNN%22%3A%22sD%22%2C%22QQN75%...
C
Compliance Badges
Action
0 compliance badge(s) detected
REVIEW
0 compliance badge(s) detected
Info::
No compliance badges detected
No recognized compliance certification badges or seals were found. This is common — many sites do not display compliance badges.
SOC 2
ISO 27001
PCI DSS
GDPR Certified
HIPAA Compliant
Better Business Bureau
TRUSTe / TrustArc
Privacy Shield
McAfee SECURE / TrustedSite
Norton Secured
Badge detection is based on image alt text, link URLs, and page content. Detection does not verify that certifications are current or valid.
A+
WCAG Compliance
No testable criteria
PASS
No testable criteria
Level A
Level AA

0

Passed

0

Failed

0

Partial

0

Manual review

0

Not tested

Key accessibility barriers

Images without alt text

Screen reader users cannot understand 1 image(s)

~8M screen reader users in the US

Automated testing covers ~30–40% of WCAG criteria. Manual review is recommended for full conformance.

Full WCAG 2.1 AA compliance checklist — paste into a client deliverable or ticket

A+
Tracker Inventory
No known trackers detected on this page
PASS
No known trackers detected on this page
Info::
No known trackers detected on this page
A+
Hreflang Configuration
No hreflang tags on this page
PASS
No hreflang tags on this page
Info::
No hreflang tags found (single-language site)
A+
Internationalization Extras
No additional i18n signals detected
PASS
No additional i18n signals detected
Info::
No additional i18n signals detected
A+
Readability & Typography
Font sizes and tap targets checked
PASS
Font sizes and tap targets checked
A+
Third-Party Trackers
1 trackers detected
PASS
1 trackers detected
Info::
1 third-party trackers detected
Found 0 analytics, 0 advertising, 0 marketing, 1 tag manager, 0 session-replay, 0 heatmap trackers.
Got: 1 trackers
A+
Browser Fingerprinting
No browser-fingerprinting libraries detected
PASS
No browser-fingerprinting libraries detected
Info::
No browser-fingerprinting libraries detected
A+
Cross-Site Cookies (SameSite=None)
No SameSite=None cookies -- no cross-site travel surface
PASS
No SameSite=None cookies -- no cross-site travel surface
Info::
No cookies opted in to cross-site travel (SameSite=None)
A+
Beacon Tracking (sendBeacon)
No navigator.sendBeacon usage detected in inline scripts
PASS
No navigator.sendBeacon usage detected in inline scripts
Info::
No navigator.sendBeacon usage detected in inline scripts
Regulatory Indicators
1 regulatory indicator(s) detected
INFO
1 regulatory indicator(s) detected
Info::
This is a technical scan, not a legal assessment
BeaverCheck detects technical indicators that may suggest regulatory relevance. This is not a compliance audit and should not be relied upon for legal decisions. Consult qualified legal counsel for compliance assessments.
Info::
CCPA indicators detected (strong confidence)
Indicators suggesting CCPA may be relevant: Text mentions: do not sell; Link text: Do Not Sell or Share My Personal Information. California Consumer Privacy Act — gives California residents rights over their personal data.
Got: 2 indicators: Text mentions: do not sell, Link text: Do Not Sell or Share My Personal Information

This is a technical scan, not a legal assessment.

BeaverCheck detects technical indicators that may suggest regulatory relevance. This should not be relied upon for legal decisions. Consult qualified legal counsel.

CCPA Strong

California Consumer Privacy Act — gives California residents rights over their personal data.

Indicators detected

  • Text mentions: do not sell
  • Link text: Do Not Sell or Share My Personal Information
Third-Party Data Sharing
0 third-party service(s) detected
INFO
0 third-party service(s) detected
Info::
Data inventory for transparency purposes
This inventory identifies third-party services that receive data from your site visitors. Under regulations like GDPR (Article 30), maintaining records of data processing activities is commonly considered a best practice. This automated scan provides a starting point — it may not capture all data flows.
Info::
No recognized third-party data-sharing services detected
This page does not appear to load external tracking, analytics, or advertising scripts.

No recognized data-sharing services detected.

This inventory identifies services receiving visitor data.

Under regulations like GDPR Article 30, maintaining records of data processing is commonly considered a best practice. This scan provides a starting point.

Readability Scores
11 words, Flesch-Kincaid grade 14.4
INFO

Readability Analysis (Flesch-Kincaid)

Grade Level

14.4

Grade 14 (college+)

Reading Ease

11

Very Difficult

Words

11

Sentences

1

All checks on this page are automated. Results are estimates - run targeted manual reviews when the score affects a release decision.

Send Feedback