Free Website Compliance Tools

Dutch SMEs face the same compliance demands as large corporations. A GDPR-compliant website, a cookie banner that actually works, a privacy policy that reflects how you really process data. The difference is budget.

A GDPR audit from a law firm costs €2,000–€15,000. A paid CMP starts around €10 per month and scales up fast once traffic exceeds 50,000 visits. For a bakery website, a dentist's practice page, or a small online shop with 20 products, that's disproportionate.

The tools on this page cover the most common checks. They don't replace legal advice. They tell you what's broken and how to fix it, in language your web developer can understand.

Each tool targets a specific point that regulators sanction. The Autoriteit Persoonsgegevens (AP) has issued fines for cookie violations and actively monitors websites under the Telecommunicatiewet. The CNIL fined Google €325 million in September 2025 for cookie practices on Gmail. The Belgian DPA fined IAB Europe €250,000 for its Transparency and Consent Framework. The same flaws exist, on a smaller scale, across thousands of Dutch SME websites.

The cookie checker loads your page in a clean browser and checks which cookies are set before any click. If Google Analytics fires on page load, that's a problem. The security headers checker reads your HTTP responses and verifies the presence of CSP, HSTS, X-Content-Type-Options and others. Missing these headers isn't a direct GDPR violation, but it weakens your position under Article 32 GDPR (appropriate technical measures).

The privacy policy generator produces a document that matches your actual situation: the right processors, purposes, and retention periods. It's not a copy-paste of a generic template.

Free tools answer one question at a time. Does your cookie banner respect refusal? Are your headers configured? Does your privacy policy cover the 14 elements of Articles 13 and 14 GDPR?

The full scan answers a broader question: is this site ready for an AP inspection? It covers 7 categories in one pass, produces a shareable report for your web developer, and costs €9 for the detailed version.

For sites with fewer than ten pages and no e-commerce, free tools often suffice. For e-commerce, medical, legal, or any site processing sensitive data, the full scan is worth every cent of those nine euros.

For a first diagnosis, start with the free 60-second scan before moving to individual tools.

Are the free tools really free?

Yes. No signup, no credit card, no 7-day trial. You enter a URL, you get a result. The €9 detailed scan is optional and only unlocks the full report from the main scan, not these tools.

Are they suitable for Dutch sites?

Yes. The GDPR is an EU-wide regulation, so the core rules are identical across member states. The AP (Autoriteit Persoonsgegevens) enforces both the GDPR and the Telecommunicatiewet for cookie rules. The AP publishes guidance on cookies that our tools align with.

Can I use these tools to audit a client's site?

Yes. Many web designers, SEO consultants, and agencies use them before delivering a site. If you audit multiple sites per week, the Pro report becomes useful.

Are results legal proof?

No. This is technical analysis. It shows what an automated crawler sees, similar to how an AP inspector first checks a site's public behaviour. For formal proof, a notary or specialist firm is needed.

Is my test data stored?

No. We only scan public pages, like any visitor. We don't store scanned URLs beyond the time needed to display the result.