https://smithsonianmag.com
Compliance
· 13 checks — WCAG, consent & privacy, language, viewport, cookie inventory, and legal pages rolled into one auditable list.SCORE
87
GRADE
B
FIX
0
REVIEW
3
PASS
7
INFO
3
Checks
137 PASS 3 REVIEW
BThird-Party Trackers13 trackers detectedREVIEW
Third-Party Trackers
13 trackers detected
13 trackers detected
Info::
13 third-party trackers detected
Found 9 analytics, 2 advertising, 1 marketing, 1 tag manager trackers.
Got: 13 trackers
Warning::
2 advertising/retargeting trackers detected
Advertising trackers collect user data for ad targeting. Under GDPR, these typically require explicit consent.
Warning::
Session replay tool detected: Microsoft Clarity
Session replay tools record user interactions. These require clear disclosure and often explicit consent under GDPR.
CLegal Page EcosystemAction2 of 7 expected legal pages detectedREVIEW
Legal Page Ecosystem
Action2 of 7 expected legal pages detected
2 of 7 expected legal pages detected
Info::
Privacy Policy detected
Found at /privacy/, linked from footer.
Got: /privacy/
Info::
Terms of Service detected
Found at https://www.si.edu/termsofuse, linked from footer.
Got: https://www.si.edu/termsofuse
Info::
Cookie Policy not detected
No link matching common Cookie Policy URL patterns or link text was found. Most websites are expected to have a Cookie Policy, especially those collecting user data.
Info::
Accessibility Statement not detected
No link matching common Accessibility Statement URL patterns or link text was found. Most websites are expected to have a Accessibility Statement, especially those collecting user data.
Info::
DMCA / Copyright Notice not detected
No link matching common DMCA / Copyright Notice URL patterns or link text was found. Most websites are expected to have a DMCA / Copyright Notice, especially those collecting user data.
Info::
Refund / Returns Policy not detected
No link matching common Refund / Returns Policy URL patterns or link text was found. Most websites are expected to have a Refund / Returns Policy, especially those collecting user data.
Info::
Acceptable Use Policy not detected
No link matching common Acceptable Use Policy URL patterns or link text was found. Most websites are expected to have a Acceptable Use Policy, especially those collecting user data.
Privacy Policy/privacy/
footer
Terms of Servicehttps://www.si.edu/termsofuse
footer
Cookie PolicyNot found
Accessibility StatementNot found
DMCA / Copyright NoticeNot found
Refund / Returns PolicyNot found
Acceptable Use PolicyNot found
2 of 7 common legal pages detected
CCompliance BadgesAction0 compliance badge(s) detectedREVIEW
Compliance Badges
Action0 compliance badge(s) detected
0 compliance badge(s) detected
Info::
No compliance badges detected
No recognized compliance certification badges or seals were found. This is common — many sites do not display compliance badges.
SOC 2
ISO 27001
PCI DSS
GDPR Certified
HIPAA Compliant
Better Business Bureau
TRUSTe / TrustArc
Privacy Shield
McAfee SECURE / TrustedSite
Norton Secured
Badge detection is based on image alt text, link URLs, and page content. Detection does not verify that certifications are current or valid.
A+WCAG ComplianceNo testable criteriaPASS
WCAG Compliance
No testable criteria
No testable criteria
Level A
Level AA
0
Passed
0
Failed
0
Partial
0
Manual review
0
Not tested
Key accessibility barriers
Links with unclear purpose
12 link(s) have empty or generic text
Screen reader users navigating by link list
Form controls without labels
Assistive technology cannot identify 1 input(s)
Screen reader and voice-control users
Automated testing covers ~30–40% of WCAG criteria. Manual review is recommended for full conformance.
Full WCAG 2.1 AA compliance checklist — paste into a client deliverable or ticket
A+Cookie Consent & Privacyprivacy policy foundPASS
Cookie Consent & Privacy
privacy policy found
privacy policy found
Info::
Privacy policy link found
Got: https://www.salesforce.com/company/privacy/
Info::
No terms of service link detected
Info::
No cookie consent banner detected
Info::
This is an automated check, not legal advice
BeaverCheck detects technical indicators of consent management. This does not constitute a legal compliance assessment. Consult a privacy professional for GDPR/CCPA compliance.
Consent Banner Not detected Privacy Policy https://www.salesforce.com/company/privacy/ Terms of Service —
No cookies set before user interaction.
This is an automated check, not legal advice. Consult a privacy professional for GDPR/CCPA compliance.
BeaverCheck detects technical indicators of consent management. This does not constitute a legal compliance assessment. Consult a privacy professional for GDPR/CCPA compliance.
Why this matters
Disclaimer: legal-page checks identify presence/absence; consult counsel for legal sufficiency.
ALanguage & i18nLang attribute presentPASS
Language & i18n
Lang attribute present
Lang attribute present
Info::
<html lang> attribute is present
Info::
<html lang> value is valid
Info::
No Content-Language HTTP header
Info::
Language signals are inconsistent
The <html lang> attribute and Content-Language header should agree.
Page Language DetectedContent-Language Header ——Consistent No—
The <html lang> attribute and Content-Language header should agree.
Why this matters
<html lang>, Content-Language, or og:locale disagree — pick one source of truth and align the others.
Learn more ▾ ▴
Browsers and assistive tech use different sources for language. When they disagree, behavior is undefined: some pronounce by <html lang>, some by Content-Language. Decide on the canonical language for the page and set all signals to match.
Source: WCAG 2.1 SC 3.1.1
A+Readability & TypographyFont sizes and tap targets checkedPASS
Readability & Typography
Font sizes and tap targets checked
Font sizes and tap targets checked
A+Viewport ConfigurationViewport properly configuredPASS
Viewport Configuration
Viewport properly configured
Viewport properly configured
Info::
Viewport meta tag is present
Info::
width=device-width is set
Info::
User zooming is allowed
Viewport Configuration Good
Content
width=device-width, initial-scale=1
width=device-width
Responsive layout enabled
initial-scale=1
Correct initial zoom level
User zooming allowed
Accessibility-friendly — users can zoom
A+Copyright Notice© 2026 Smithsonian Magazine Privacy Statement [5/20/25] CPASS
Copyright Notice
© 2026 Smithsonian Magazine Privacy Statement [5/20/25] C
© 2026 Smithsonian Magazine Privacy Statement [5/20/25] C
Info::
Copyright notice is up to date
Copyright notice is up to date: © 2026 Smithsonian Magazine Privacy Statement [5/20/25] C
Got: © 2026 Smithsonian Magazine Privacy Statement [5/20/25] C
Info::
Copyright holder: Smithsonian Magazine Privacy Statement [5/20/25] C
Copyright Notice ✓ Up to Date
© 2026 Smithsonian Magazine Privacy Statement [5/20/25] C
Year 2026 Entity Smithsonian Magazine Privacy Statement [5/20/25] C
Regulatory Indicators2 regulatory indicator(s) detectedINFO
Regulatory Indicators
2 regulatory indicator(s) detected
2 regulatory indicator(s) detected
Info::
This is a technical scan, not a legal assessment
BeaverCheck detects technical indicators that may suggest regulatory relevance. This is not a compliance audit and should not be relied upon for legal decisions. Consult qualified legal counsel for compliance assessments.
Info::
GDPR indicators detected (strong confidence)
Indicators suggesting GDPR may be relevant: Consent management platform detected: cookielaw.org; Privacy policy page found. EU General Data Protection Regulation — governs collection and processing of personal data of EU residents.
Got: 2 indicators: Consent management platform detected: cookielaw.org, Privacy policy page found
Info::
CCPA indicators detected (strong confidence)
Indicators suggesting CCPA may be relevant: Text mentions: california consumer privacy act; Text mentions: do not sell; Link text: Do Not Sell My Personal Information. California Consumer Privacy Act — gives California residents rights over their personal data.
Got: 3 indicators: Text mentions: california consumer privacy act, Text mentions: do not sell, Link text: Do Not Sell My Pers…
This is a technical scan, not a legal assessment.
BeaverCheck detects technical indicators that may suggest regulatory relevance. This should not be relied upon for legal decisions. Consult qualified legal counsel.
GDPR Strong
EU General Data Protection Regulation — governs collection and processing of personal data of EU residents.
Indicators detected
- Consent management platform detected: cookielaw.org
- Privacy policy page found
CCPA Strong
California Consumer Privacy Act — gives California residents rights over their personal data.
Indicators detected
- Text mentions: california consumer privacy act
- Text mentions: do not sell
- Link text: Do Not Sell My Personal Information
Third-Party Data Sharing3 third-party service(s) detectedINFO
Third-Party Data Sharing
3 third-party service(s) detected
3 third-party service(s) detected
Info::
Data inventory for transparency purposes
This inventory identifies third-party services that receive data from your site visitors. Under regulations like GDPR (Article 30), maintaining records of data processing activities is commonly considered a best practice. This automated scan provides a starting point — it may not capture all data flows.
Info::
3 third-party services across 3 categories
3 third-party services detected across 3 categories: Analytics (1), Tag Management (1), Advertising (1). Each of these services receives some user data from your site visitors.
Info::
Google Analytics (Analytics)
Detected via script URL. Typically collects: Page views, User behavior, Demographics, Device info, IP address. Privacy policy: https://policies.google.com/privacy. Data Processing Agreement available.
Got: Category: Analytics | Data types: Page views, User behavior, Demographics, Device info, IP address
Info::
Google Tag Manager (Tag Management)
Detected via script URL. Typically collects: Orchestrates other tracking scripts, Page views. Privacy policy: https://policies.google.com/privacy. Data Processing Agreement available.
Got: Category: Tag Management | Data types: Orchestrates other tracking scripts, Page views
Info::
Facebook Pixel (Advertising)
Detected via script URL. Typically collects: Page views, Conversions, User behavior, Ad targeting. Privacy policy: https://www.facebook.com/privacy/policy. Data Processing Agreement available.
Got: Category: Advertising | Data types: Page views, Conversions, User behavior, Ad targeting
Analytics (1)
Tag Management (1)
Advertising (1)
Google Analytics Analytics
Detected by: script URL
Data typically collected:
Page viewsUser behaviorDemographicsDevice infoIP address
Privacy policy → DPA available ✓
Google Tag Manager Tag Management
Detected by: script URL
Data typically collected:
Orchestrates other tracking scriptsPage views
Privacy policy → DPA available ✓
Facebook Pixel Advertising
Detected by: script URL
Data typically collected:
Page viewsConversionsUser behaviorAd targeting
Privacy policy → DPA available ✓
This inventory identifies services receiving visitor data.
Under regulations like GDPR Article 30, maintaining records of data processing is commonly considered a best practice. This scan provides a starting point.
Readability Scores2536 words, Flesch-Kincaid grade 16.1INFO
Readability Scores
2536 words, Flesch-Kincaid grade 16.1
Readability Analysis (Flesch-Kincaid)
Grade Level
16.1
Grade 16 (college+)
Reading Ease
34
Difficult
Words
2536
Sentences
83
All checks on this page are automated. Results are estimates - run targeted manual reviews when the score affects a release decision.