Privacy Compliance Analysis

LLMSE evaluates the visible privacy posture of web pages by detecting cookie consent mechanisms, privacy and cookie policy links, CCPA "Do Not Sell" links, third-party tracker scripts, consent-gated loading patterns, and data processing disclosure text. This grades HTML-visible privacy signals, not full GDPR compliance (which requires runtime analysis).

Privacy Compliance Grading

Every classified website receives a Privacy Compliance grade:

A Excellent (90-100) — Comprehensive privacy posture with consent banner, policies, and proper tracker gating

B Good (80-89) — Strong privacy signals with minor gaps

C Fair (70-79) — Missing critical privacy elements

D Poor (60-69) — Multiple privacy requirements missing

F Failing (<60) — No meaningful privacy posture detected

What We Detect

Seven categories of privacy compliance signals are analyzed:

Consent Banner Cookie consent banners and CMPs (OneTrust, Cookiebot, CookieYes, Termly, Usercentrics, iubenda, and 15+ more)

Privacy Policy Privacy policy links detected by URL pattern (/privacy, /datenschutz) or link text

Cookie Policy Separate cookie policy links (/cookie-policy, /cookies, /use-of-cookies)

Do Not Sell CCPA/CPRA "Do Not Sell or Share My Personal Information" links and privacy choices

Tracker Scripts 40+ third-party tracker domains enumerated (Google Analytics, Facebook Pixel, HotJar, Segment, etc.)

Consent Gating Scripts gated behind cookie consent via type="text/plain" with data-cookieconsent attributes

Data Processing Visible data processing disclosure text ("we use cookies", "personal data", "GDPR", "data controller")

Scoring Logic

Deduction-based scoring starts at 100 points:

Critical -15 points — No cookie consent banner or CMP detected

Critical -15 points — No privacy policy link detected

Warning -5 points — No separate cookie policy link

Warning -5 points — No "Do Not Sell" or "Do Not Share" link (CCPA)

Warning -5 points — 5+ third-party tracker scripts detected

Info -1 point — Tracker scripts not behind consent gate

Info -1 point — No data processing disclosure text

Full Reports via MCP & API

Get detailed privacy compliance reports with detected signals and recommendations:

MCP Server

Use the analyze_privacy tool through your AI assistant:

"Check privacy compliance for https://example.com"

Set up via the LLMSE Public MCP server.

REST API

Call the Privacy endpoint directly:

GET /api/v1/privacy?url=https://example.com

See full parameters and response schema in the interactive API docs.

Browse by Privacy Grade

Filter classified websites by their Privacy Compliance grade:

privacy Grade A (Excellent) ?privacy=A

privacy Grade B (Good) ?privacy=B

privacy Grade C (Fair) ?privacy=C

privacy Grade D (Poor) ?privacy=D

privacy Grade F (Failing) ?privacy=F

Regulatory Context

The GDPR (EU), CCPA/CPRA (California), and the ePrivacy Directive require websites to obtain consent before setting non-essential cookies, provide clear privacy policies, and offer opt-out mechanisms. This analyzer checks for the HTML-visible signals of these requirements: consent banners, policy links, "Do Not Sell" links, and consent-gated script loading.

LLMSE detects 21+ CMP platforms (OneTrust, Cookiebot, CookieYes, Usercentrics, iubenda, and more) and enumerates 40+ tracker domains across analytics, advertising, and session replay categories.

Learn More

SEO Analysis — Technical SEO grading
EEAT Analysis — Content quality and trust signals
AEO Analysis — AI answer engine optimization
WCAG Accessibility — Automated accessibility checks
GARM Brand Safety — Brand suitability scoring
AI Disclosure — AI transparency compliance