Cookie Compliance Checker
Inside the cookie banner audit
Every scan is a full consent mode audit, run as a series of fresh, isolated browser sessions that act like a real visitor - cookies before consent, after Accept All, after Reject All, and with privacy signals like Global Privacy Control (GPC) and Google Consent Mode v2 enabled.
New to terms like CMP, IAB TCF, or Google Consent Mode v2? Read the plain-English glossary before diving into the scenarios below.
The scenarios
Six scenarios, each run in a fresh browser session, build up a complete compliance picture.
First Visit - No Prior Consent
What you'll get
- Which cookies are set before consent, and how each is classified
- Whether GA4, GTM, or ad pixels fire immediately on load
- Whether the banner actually blocks scripts until a choice is made
- A baseline privacy score for "do nothing" visitors
Accept All Cookies
What you'll get
- Which additional cookies and trackers appear after consent
- Whether Google Consent Mode v2 signals switch to "granted"
- Whether the banner disappears and the choice persists on reload
- The privacy score for a fully-opted-in visitor
Reject All Cookies
What you'll get
- Whether advertising and analytics cookies are actually removed or blocked
- Whether Consent Mode v2 signals stay "denied"
- Whether GA4, GTM, or ad pixels stop firing entirely
- The privacy score after a full opt-out - the strictest test
Global Privacy Control Signals
What you'll get
- Whether non-essential cookies are suppressed automatically when GPC is present
- Whether your CMP recognizes GPC as an opt-out signal at all
- Whether GPC alone produces a result at least as strict as Reject All
- CCPA/CPRA "Do Not Sell or Share" readiness, independent of any click
GPC Combined with Accept / Reject
What you'll get
- Whether GPC overrides an "Accept All" click for advertising cookies where required
- Whether Reject All + GPC together are at least as strict as Reject All alone
- Whether the CMP surfaces a conflict, or silently ignores GPC
Granular Consent - Analytics-only / Marketing-only
What you'll get
- Whether only the selected category's cookies and trackers actually fire
- Whether unselected categories (e.g. advertising when only Analytics was chosen) remain blocked
- Whether Consent Mode v2 signals reflect the granular choice per category
What you get from every audit
- Per-scenario cookie list with name, domain, expiry, and category classification
- A 0-100 privacy score per scenario, plus an overall average across all tests
- Global Privacy Control (GPC) and IAB TCF consent-string detection
- A Google Consent Mode v2 signal snapshot - ad_storage, analytics_storage, ad_user_data, and ad_personalization - before and after your choice
- CMP (cookie banner) vendor fingerprint and a screenshot of the consent banner
- HTTP status, page load evidence, and exit-IP region confirmation for every region tested
Frequently asked questions
See plans and pricing
Free scans cover the first-visit check, Accept All, and Reject All. Paid plans add GPC, granular consent, and 15-region coverage.