Privacy Audit
developer/v1/domain/privacy-auditAnalyzes cookies, consent management sophistication, privacy policy content, third-party trackers, CCPA/CPRA compliance signals, and cookie wall detection for privacy regulation readiness assessment. Checks for GDPR elements in privacy policy content (data rights, legal basis, DPO, transfer mechanisms) and CCPA terms (California disclosures, right to know/delete). Note: this is a static HTML analysis that detects compliance signals and documentation presence — it cannot verify cookie-blocking behavior before consent or test opt-out mechanism functionality, which require browser-based testing.
What It Does
Performs a privacy audit: inventories first-party and third-party cookies with security attributes (Secure, HttpOnly, SameSite), detects consent management platforms with sophistication analysis (IAB TCF API, granular consent categories, reject-all buttons, Google Consent Mode v2), fetches and analyzes privacy policy content for GDPR terms (data rights, legal basis, DPO contact, transfer mechanisms) and CCPA terms (California disclosures), identifies third-party trackers by category, evaluates CCPA signals (Do Not Sell link detection), detects cookie walls (GDPR/ePrivacy violation), and computes enhanced compliance indicators for GDPR and CCPA readiness based on substantive content analysis. Returns a score, grade, per-component breakdown, and actionable recommendations.
Why It's Useful
Privacy regulations (GDPR, CPRA, ePrivacy Directive) carry significant fines for non-compliance. Websites frequently add tracking scripts without proper consent mechanisms. This audit provides the visibility needed to maintain compliance.
Use Cases
GDPR Compliance Check
Audit websites for tracking technologies that require consent under GDPR.
Identify compliance gaps before they result in regulatory fines.
Cookie Audit
Inventory all cookies set by the website including third-party cookies and security attributes.
Maintain an accurate cookie inventory for privacy notices.
Vendor Privacy Assessment
Evaluate vendor websites for tracker usage and consent management as part of procurement.
Assess vendor privacy practices before sharing user data.
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
domain | string | Required | The domain to audit privacy forExample: example.com |
Response Fields
| Field | Type | Description |
|---|---|---|
domain | string | The audited domain |
cookies | object | Cookie inventory: first-party, third-party, session, persistent |
consentManagement | object | Consent banner detection: provider, IAB TCF API, granular consent categories, reject-all button, Google Consent Mode v2, cookie wall detection |
privacyPolicy | object | Privacy policy presence, URL, and content analysis (GDPR/CCPA term detection) |
thirdPartyTrackers | object | Tracker inventory by category |
ccpa | object | CCPA compliance signals: Do Not Sell link detection and URL |
complianceIndicators | object | GDPR and CCPA readiness flags including Do Not Sell link and cookie wall detection |
score | number | Privacy score 0-100 |
grade | string | Letter grade A-F |
gradeDescription | string | Human-readable description of the grade (e.g., "Very Good - strong posture") |
breakdown | object | Per-component score breakdown: cookieSecurity (20), consentQuality (25), privacyPolicy (12), trackerCount (13), firstPartyOnly (10), ccpaSignals (12), cookieWall (8) |
recommendations | array | Privacy improvement actions |
confidence | object | Result confidence indicator: level (high/medium/low) and limitations list |
Code Examples
curl "https://api.edgedns.dev/v1/domain/privacy-audit" \
-H "Authorization: Bearer YOUR_API_KEY" \
-d "domain=example.com"const response = await fetch(
'https://api.edgedns.dev/v1/domain/privacy-audit?domain=example.com',
{
headers: {
'Authorization': 'Bearer YOUR_API_KEY'
}
}
);
const data = await response.json();
console.log(data);import requests
response = requests.get(
'https://api.edgedns.dev/v1/domain/privacy-audit',
headers={'Authorization': 'Bearer YOUR_API_KEY'},
params={
'domain': 'example.com'
}
)
data = response.json()
print(data)Read the full Privacy Audit guide
Why it matters, real-world use cases, parameters, response fields, and how to call it from Claude, ChatGPT, or Gemini via MCP.
Read the guide →Related Endpoints
External References
Learn more about the standards and protocols behind this endpoint.
Try This Endpoint
Test the Privacy Audit endpoint live in the playground.