Aller au contenu principal
ConformiteWeb
Back to home
Complete audit

43 automatic checks

Every website audited by ConformiteWeb goes through 43 checks covering GDPR compliance, WCAG accessibility, and technical security. Each checkpoint is listed below.

12
RGPD
18
Accessibility
13
Security

RGPD12 checks

General Data Protection Regulation compliance — cookies, consent, user rights.

1

Google Analytics without consent

Detection of Google Analytics trackers loaded before consent

RGPD
2

Undeclared third-party cookies

Verification of non-consented or undeclared third-party cookies

RGPD
3

Privacy policy present

Existence and compliance of privacy policy

RGPD
4

Right to access data

Validation of access rights and CNIL request mechanisms

RGPD
5

Right to be forgotten

Verification of data deletion procedures

RGPD
6

Data retention duration stated

Clear mention of retention periods by data type

RGPD
7

Legal basis explicit

Justification of legal basis for each processing

RGPD
8

Third parties declared

Complete list of processors and partners

RGPD
9

DPA signed with vendors

Data processing agreements in place

RGPD
10

International transfers validated

Legal mechanisms for non-EU transfers

RGPD
11

Legal notices compliant

Mandatory publisher information present

RGPD
12

DPO contact visible

Data Protection Officer contact information

RGPD

Accessibilité18 checks

Web accessibility according to WCAG 2.2 criteria — contrasts, keyboard navigation, ARIA, readability.

1

Text contrast (WCAG AA)

Minimum contrast ratio 4.5:1 for text

Accessibilité
2

Graphic contrast (WCAG AA)

Minimum 3:1 ratio for graphical elements

Accessibilité
3

Complete keyboard navigation

Access to all features via keyboard

Accessibilité
4

Logical tab order

Focus follows natural reading order

Accessibilité
5

Focus visible

Clear indication of focused elements

Accessibilité
6

Explicit labels

Form fields properly labeled

Accessibilité
7

ARIA required

ARIA attributes present where needed

Accessibilité
8

ARIA hidden appropriate

Correct use of aria-hidden

Accessibilité
9

No focus trap

Keyboard not restricted in modals

Accessibilité
10

Image alt text

Descriptive alt text for all images

Accessibilité
11

Video captions

Captions or transcripts available

Accessibilité
12

Audio description

Audio description for complex video

Accessibilité
13

Not color alone

Information conveyed without color dependency

Accessibilité
14

No flashing content

Nothing flashing more than 3 times/sec

Accessibilité
15

Responsive at 200% zoom

Functional without loss at 200% zoom

Accessibilité
16

Target size 44×44px minimum

Buttons and interactive elements large enough

Accessibilité
17

Page language declared

Lang attribute on <html>

Accessibilité
18

No auto redirect

Redirects controlled by user

Accessibilité

Sécurité13 checks

Technical website security — HTTPS, HTTP headers, protection against common attacks.

1

HTTPS enforced

Transport encryption enabled

Sécurité
2

HSTS header present

Strict-Transport-Security configured

Sécurité
3

Content Security Policy

CSP header properly configured

Sécurité
4

X-Frame-Options

Clickjacking protection

Sécurité
5

X-Content-Type-Options

MIME sniffing prevention

Sécurité
6

No inline scripts

Scripts loaded from external files

Sécurité
7

No eval()

Dynamic code avoided

Sécurité
8

CSRF tokens on forms

CSRF attack protection

Sécurité
9

No sensitive errors

Generic error messages in production

Sécurité
10

No source maps

Debug files not served

Sécurité
11

Dependencies updated

No known vulnerable packages

Sécurité
12

No SQL injection

Parameterized queries only

Sécurité
13

Sensitive data encrypted

Encryption at rest for sensitive data

Sécurité

Launch your audit in 60 seconds

Check your website's compliance with all 43 checkpoints for free.

Start free audit