Compliance - https://perryhomes.com BeaverCheck Audit

F

GDPR Article 13 Disclosures

Action

0 / 8 Art. 13 categories matched in homepage body

FIX

0 / 8 Art. 13 categories matched in homepage body

GDPR Article 13 disclosure coverage: 0 / 8 categories

Scanned the homepage body text for GDPR Article 13 disclosures. Matched 0 of 8 categories: . Missing: Data Protection Officer contact (where applicable), Data retention period, Data subject rights (access, erasure, rectification, etc.), Identity / contact details of the data controller, International data transfers, Legal basis for processing, Recipients of personal data, Right to lodge a complaint with a supervisory authority. Note: this scan does not fetch the privacy policy sub-page; if Article 13 disclosures live there, they are not visible to this check.

Got: 0/8

F

Third-Party Trackers

Action

13 trackers detected

FIX

13 trackers detected

13 third-party trackers detected

Found 8 analytics, 2 advertising, 1 marketing, 1 tag manager, 1 session-replay, 0 heatmap trackers.

Got: 13 trackers

2 advertising/retargeting trackers detected

Advertising trackers collect user data for ad targeting. Under GDPR, these typically require explicit consent.

1 session-replay tool(s) detected (Hotjar)

Session-replay tools record what users type, click, and scroll. Under GDPR these are high-risk processing requiring explicit consent and (per UK ICO and French CNIL guidance) often a Data Protection Impact Assessment. Mask sensitive form fields and gate firing on user consent.

Trackers detected but no cookie policy found

This page loads 13 trackers but no cookie policy was detected. GDPR requires disclosure when using tracking cookies.

Trackers detected but no privacy policy found

Most data protection regulations require a privacy policy when collecting user data via trackers.

F

Legal Page Ecosystem

Action

1 of 7 expected legal pages detected

FIX

1 of 7 expected legal pages detected

Privacy Policy not detected

No link matching common Privacy Policy URL patterns or link text was found. Most websites are expected to have a Privacy Policy, especially those collecting user data.

Terms of Service detected

Found at /legal, linked from footer.

Got: /legal

Cookie Policy not detected

No link matching common Cookie Policy URL patterns or link text was found. Most websites are expected to have a Cookie Policy, especially those collecting user data.

Accessibility Statement not detected

No link matching common Accessibility Statement URL patterns or link text was found. Most websites are expected to have a Accessibility Statement, especially those collecting user data.

DMCA / Copyright Notice not detected

No link matching common DMCA / Copyright Notice URL patterns or link text was found. Most websites are expected to have a DMCA / Copyright Notice, especially those collecting user data.

Refund / Returns Policy not detected

No link matching common Refund / Returns Policy URL patterns or link text was found. Most websites are expected to have a Refund / Returns Policy, especially those collecting user data.

Acceptable Use Policy not detected

No link matching common Acceptable Use Policy URL patterns or link text was found. Most websites are expected to have a Acceptable Use Policy, especially those collecting user data.

Privacy PolicyNot found

Terms of Service/legal

footer

Cookie PolicyNot found

Accessibility StatementNot found

DMCA / Copyright NoticeNot found

Refund / Returns PolicyNot found

Acceptable Use PolicyNot found

1 of 7 common legal pages detected

B

Accessibility Statement

No accessibility statement detected

REVIEW

No accessibility statement detected

Sites are increasingly expected to publish an accessibility statement. Required by EU Web Accessibility Directive 2016/2102 for public-sector bodies; recommended best practice elsewhere. Common URLs: /accessibility, /accessibility-statement, /a11y.

B

Tracking Pixel Inventory

1 tracking pixel(s) on the page

REVIEW

1 tracking pixel(s) on the page

1 tracking pixel(s) on the page (1 domain(s))

Tracking pixels are 1x1 / 2x2 cross-origin <img> tags that fire a GET request when the browser renders them -- no JavaScript, no cookies needed. They're how trackers survive when users disable JS or block third-party cookies, and they bypass most ad-blocker rules that target script src. Each one needs explicit disclosure under GDPR Art 7 / CCPA / ePrivacy because the request itself transmits the page URL + IP + user-agent + referrer to the tracker. Audit each surfaced domain: is it disclosed in your privacy policy? Is it conditional on the cookie banner? Affected domains: insight.adsrvr.org.

Got: https://insight.adsrvr.org/track/pxl/?adv=7s95dua&ct=0:edd2c1f&fmt=3

C

Copyright Notice

Action

REVIEW

Copyright year is 2024 (2 year(s) behind)

Copyright year is 2024 — 2 year(s) behind. While copyright protection doesn't depend on the year being current, an outdated notice may suggest the site is not actively maintained. Update to © 2026 or use a range like © 2024–2026.

Copyright holder: Perry Homes

Copyright Notice Outdated

Year 2024 — 2 years behind Entity Perry Homes

B

Compliance Badges

1 compliance badge(s) detected

REVIEW

1 compliance badge(s) detected

TRUSTe / TrustArc badge detected

Found via body text: 'truste'. Note: the presence of a badge does not verify the certification is current or valid.

Got: Detected by: body text

SOC 2

ISO 27001

PCI DSS

GDPR Certified

HIPAA Compliant

Better Business Bureau

TRUSTe / TrustArc detected

Detected by: body text

Evidence: truste

Privacy Shield

McAfee SECURE / TrustedSite

Norton Secured

Badge detection is based on image alt text, link URLs, and page content. Detection does not verify that certifications are current or valid.

A+

WCAG Compliance

No testable criteria

PASS

No testable criteria

Level A

Level AA

0

Passed

0

Failed

0

Partial

0

Manual review

0

Not tested

Key accessibility barriers

Links with unclear purpose

5 link(s) have empty or generic text

Screen reader users navigating by link list

Automated testing covers ~30–40% of WCAG criteria. Manual review is recommended for full conformance.

Full WCAG 2.1 AA compliance checklist — paste into a client deliverable or ticket

A

Cookie Consent & Privacy

No consent signals detected

PASS

No consent signals detected

No privacy policy link detected

A privacy policy page is recommended for transparency and may be legally required.

Terms of service link found

No cookie consent banner detected

This is an automated check, not legal advice

BeaverCheck detects technical indicators of consent management. This does not constitute a legal compliance assessment. Consult a privacy professional for GDPR/CCPA compliance.

Consent Banner Not detected Privacy Policy Not found Terms of Service /legal

No cookies set before user interaction.

This is an automated check, not legal advice. Consult a privacy professional for GDPR/CCPA compliance.

A privacy policy page is recommended for transparency and may be legally required.

Why this matters

GDPR, CCPA, and most other privacy laws require a published privacy policy — its absence is a per-violation fine.

Learn more ▾

If you collect any personal data (analytics counts), GDPR requires a clear privacy notice describing what you collect, why, and how to exercise data rights. Fines start at €10M or 2% of global revenue, whichever is higher. CCPA's penalties scale per affected user.

Source: GDPR Article 13 / CCPA

BeaverCheck detects technical indicators of consent management. This does not constitute a legal compliance assessment. Consult a privacy professional for GDPR/CCPA compliance.

Why this matters

Disclaimer: legal-page checks identify presence/absence; consult counsel for legal sufficiency.

A+

Consent UX Depth

No consent-UX depth issues detected

PASS

No consent-UX depth issues detected

A+

Tracker Inventory

4 known tracker(s) detected

PASS

4 known tracker(s) detected

Inventory of trackers loaded by the page (matched against a curated SDK URL registry): analytics: Google Analytics 4 | marketing: Reddit Pixel, Meta Pixel | session-replay: Hotjar Each entry maps a script URL pattern to a known vendor SDK. This is purely informational -- consent posture / pre-consent firing is graded by the consent analyzer.

A

Language & i18n

Lang attribute present

PASS

Lang attribute present

<html lang> attribute is present

<html lang> value is valid

No Content-Language HTTP header

Language signals are inconsistent

The <html lang> attribute and Content-Language header should agree.

Page Language DetectedContent-Language Header ——Consistent No—

The <html lang> attribute and Content-Language header should agree.

Why this matters

<html lang>, Content-Language, or og:locale disagree — pick one source of truth and align the others.

Learn more ▾

Browsers and assistive tech use different sources for language. When they disagree, behavior is undefined: some pronounce by <html lang>, some by Content-Language. Decide on the canonical language for the page and set all signals to match.

Source: WCAG 2.1 SC 3.1.1

A+

Hreflang Configuration

No hreflang tags on this page

PASS

No hreflang tags on this page

No hreflang tags found (single-language site)

A+

Internationalization Extras

No additional i18n signals detected

PASS

No additional i18n signals detected

A+

Readability & Typography

Font sizes and tap targets checked

PASS

Font sizes and tap targets checked

A+

Viewport Configuration

Viewport properly configured

PASS

Viewport properly configured

Viewport meta tag is present

width=device-width is set

User zooming is allowed

Viewport Configuration Good

Content

width=device-width, initial-scale=1

width=device-width

Responsive layout enabled

initial-scale=1

Correct initial zoom level

User zooming allowed

Accessibility-friendly — users can zoom

A+

Browser Fingerprinting

No browser-fingerprinting libraries detected

PASS

No browser-fingerprinting libraries detected

A+

Cross-Site Cookies (SameSite=None)

No cookies on the page

PASS

No cookies on the page

No cookies set on the page response

A+

Beacon Tracking (sendBeacon)

No navigator.sendBeacon usage detected in inline scripts

PASS

No navigator.sendBeacon usage detected in inline scripts

A+

Cookie & Tracker Inventory

0 cookies · 13 trackers · 0 pre-consent

PASS

0 cookies · 13 trackers · 0 pre-consent

13 third-party tracker(s) detected on page

0 cookies · 13 trackers · 0 third-party No pre-consent violations

Third-party trackers (13)

Tracker	Category	Consent
Apple	Analytics	Requires consent
Facebook	Analytics	Requires consent
Facebook SDK	Analytics	Requires consent
Google Search Console	Analytics	Requires consent
Hotjar	Session Replay	Informational
Adform	Advertising	Requires consent
CallTrackingMetrics	Analytics	Requires consent
Facebook Pixel	Analytics	Requires consent
Google Analytics	Analytics	Requires consent
Google Tag Manager	Tag Manager	Informational
HubSpot	Marketing	Requires consent
HubSpot Analytics	Analytics	Requires consent
StackAdapt	Advertising	Requires consent

Regulatory Indicators

0 regulatory indicator(s) detected

INFO

0 regulatory indicator(s) detected

This is a technical scan, not a legal assessment

BeaverCheck detects technical indicators that may suggest regulatory relevance. This is not a compliance audit and should not be relied upon for legal decisions. Consult qualified legal counsel for compliance assessments.

No specific regulatory indicators detected

No strong signals for GDPR, CCPA, ADA, PCI, HIPAA, or COPPA were found. This does not mean these regulations don't apply — it means we didn't detect common technical indicators.

This is a technical scan, not a legal assessment.

BeaverCheck detects technical indicators that may suggest regulatory relevance. This should not be relied upon for legal decisions. Consult qualified legal counsel.

No specific regulatory indicators detected.

This does not mean no regulations apply.

Third-Party Data Sharing

5 third-party service(s) detected

INFO

5 third-party service(s) detected

Data inventory for transparency purposes

This inventory identifies third-party services that receive data from your site visitors. Under regulations like GDPR (Article 30), maintaining records of data processing activities is commonly considered a best practice. This automated scan provides a starting point — it may not capture all data flows.

5 third-party services across 5 categories

5 third-party services detected across 5 categories: Analytics (1), Tag Management (1), Advertising (1), Session Recording (1), Marketing (1). Each of these services receives some user data from your site visitors.

Google Analytics (Analytics)

Detected via script URL. Typically collects: Page views, User behavior, Demographics, Device info, IP address. Privacy policy: https://policies.google.com/privacy. Data Processing Agreement available.

Got: Category: Analytics | Data types: Page views, User behavior, Demographics, Device info, IP address

Google Tag Manager (Tag Management)

Detected via script URL. Typically collects: Orchestrates other tracking scripts, Page views. Privacy policy: https://policies.google.com/privacy. Data Processing Agreement available.

Got: Category: Tag Management | Data types: Orchestrates other tracking scripts, Page views

Facebook Pixel (Advertising)

Detected via script URL. Typically collects: Page views, Conversions, User behavior, Ad targeting. Privacy policy: https://www.facebook.com/privacy/policy. Data Processing Agreement available.

Got: Category: Advertising | Data types: Page views, Conversions, User behavior, Ad targeting

Hotjar (Session Recording)

Detected via script URL. Typically collects: Session recordings, Heatmaps, Click patterns, Form interactions. Privacy policy: https://www.hotjar.com/privacy/. Data Processing Agreement available.

Got: Category: Session Recording | Data types: Session recordings, Heatmaps, Click patterns, Form interactions

HubSpot (Marketing)

Detected via script URL. Typically collects: Lead tracking, Form submissions, Page views, Email tracking. Privacy policy: https://legal.hubspot.com/privacy-policy. Data Processing Agreement available.

Got: Category: Marketing | Data types: Lead tracking, Form submissions, Page views, Email tracking

Analytics (1)

Tag Management (1)

Advertising (1)

Session Recording (1)

Marketing (1)

Google Analytics Analytics

Detected by: script URL

Data typically collected:

Page viewsUser behaviorDemographicsDevice infoIP address

Privacy policy → DPA available ✓

Google Tag Manager Tag Management

Detected by: script URL

Data typically collected:

Orchestrates other tracking scriptsPage views

Privacy policy → DPA available ✓

Facebook Pixel Advertising

Detected by: script URL

Data typically collected:

Page viewsConversionsUser behaviorAd targeting

Privacy policy → DPA available ✓

Hotjar Session Recording

Detected by: script URL

Data typically collected:

Session recordingsHeatmapsClick patternsForm interactions

Privacy policy → DPA available ✓

HubSpot Marketing

Detected by: script URL

Data typically collected:

Lead trackingForm submissionsPage viewsEmail tracking

Privacy policy → DPA available ✓

This inventory identifies services receiving visitor data.

Under regulations like GDPR Article 30, maintaining records of data processing is commonly considered a best practice. This scan provides a starting point.

Readability Scores

2555 words, Flesch-Kincaid grade 10.0

INFO

Readability Analysis (Flesch-Kincaid)

Grade Level

10.0

Grade 10 (high school)

Reading Ease

54

Fairly Difficult

Words

2555

Sentences

149