Built on Law. Verified by Results.
Every finding SiteProof AI surfaces is mapped to a specific legal article — not a best guess. Here's how we approach website AI compliance scanning.
What We Analyze
Four principles that define how every free AI compliance scan works.
Public Surface Only
We analyze what any visitor sees: your pages, chatbots, forms, policies, and published content. We never access your backend, database, or internal systems.
Legal Precision
Every finding references a specific regulation and article (EU AI Act Article 50, GDPR Article 22, CCPA §1798.100). No generic warnings — only cited issues.
Point-in-Time Analysis
Each scan is a snapshot. Websites change; compliance requirements evolve. That's why continuous monitoring matters.
Honest Limitations
Automated scanning cannot detect internal AI tools, employee AI usage, or contractual obligations. We tell you what we can't see.
Four Compliance Modules
Each module focuses on a specific area of AI compliance. Together, they provide a comprehensive view of your website's compliance posture.
AI Disclosure Scanner
Checks whether your chatbots, AI-generated content, and automated decisions are disclosed as required by EU AI Act Article 50 transparency obligations.
What it detects
- Chatbots and virtual assistants not identified as AI-powered
- AI-generated content published without transparency disclosures
- Recommendation systems operating without adequate transparency
- Automated decision-making without required explanations
- Missing AI usage disclosures in terms of service or user-facing pages
AI Privacy Scanner
Detects GDPR and CCPA AI compliance gaps: missing cookie consent for AI tools, undisclosed data transfers to AI APIs, and inadequate privacy policies.
What it detects
- AI-related cookies deployed without proper consent mechanisms
- User data potentially sent to third-party AI APIs without notice
- Privacy policies that may not adequately address AI data processing
- International data transfers to AI model providers lacking safeguards
- AI systems processing personal data beyond disclosed purposes
AI Content Quality Scanner
Verifies your AI content disclosure requirements are met and flags AI-generated content that lacks proper labeling under emerging regulations.
What it detects
- Content exhibiting patterns commonly associated with AI generation
- Pages lacking E-E-A-T signals (Experience, Expertise, Authoritativeness, Trustworthiness)
- Thin or repetitive content that could trigger search engine quality filters
- Missing author attribution or editorial oversight indicators
- Content quality issues that could undermine regulatory credibility
AI Risk Assessment
A guided questionnaire that uncovers hidden compliance risks automated scanning cannot detect — internal AI tools, HR systems, vendor relationships.
What it detects
- Internal AI tools and systems not visible from outside your website
- AI-powered HR, recruitment, or employee monitoring systems
- Third-party AI vendor relationships creating shared compliance obligations
- Data processing activities that may require a DPIA
- AI governance gaps — missing policies, training, or oversight structures
Legal Frameworks We Cover
SiteProof AI covers the regulations most likely to apply to websites using AI in 2025–2026.
The world's first comprehensive AI regulation, establishing obligations for AI system providers and deployers based on risk levels.
Key articles
- Article 50 — Transparency obligations for deployers of certain AI systems
- Article 52 — Transparency for chatbots, deepfakes, and emotion recognition
- Articles 9 & 10 — Risk management and data governance for high-risk AI
- Article 26 — Obligations of deployers of high-risk AI systems
The General Data Protection Regulation governing personal data processing, with specific provisions relevant to AI systems.
Key articles
- Articles 5 & 6 — Principles and lawfulness of data processing
- Articles 13 & 14 — Transparency and information obligations
- Article 22 — Automated individual decision-making, including profiling
- Article 25 — Data protection by design and by default
- Article 35 — Data Protection Impact Assessment (DPIA)
- Articles 44–49 — International data transfers
California's consumer privacy laws granting residents rights over their personal information, including in AI contexts.
Key articles
- Right to know about personal information collected and shared
- Right to delete personal information
- Right to opt out of automated decision-making technology
- Right to non-discrimination for exercising privacy rights
Federal Trade Commission guidelines on AI transparency, fairness, and consumer protection in AI-powered services.
Key articles
- Prohibition of deceptive AI practices under Section 5
- Requirements for clear disclosure of AI use in consumer-facing applications
- Guidelines on AI-generated content and endorsements
- Enforcement actions against unfair or deceptive AI business practices
What We Don't Do
Transparency means being honest about our limitations.
We do NOT claim content is "X% AI-generated" — we identify characteristics that may warrant review
We do NOT guarantee compliance — we detect potential issues for your review
We do NOT replace legal advice — always consult a qualified professional for compliance decisions
We do NOT store the HTML of scanned websites — only URLs, findings, scores, and content hashes
We do NOT access password-protected areas — our analysis is limited to publicly accessible content
We do NOT execute JavaScript — our analysis is based on the static HTML source of your pages
We do not provide legal advice, legal certification, or regulatory approval. Our reports are informational tools designed to help your team identify and prioritize potential compliance gaps.
Data Privacy & Security
We take the security of your data seriously. Here's how we protect the information involved in every scan.
No HTML Storage
Raw HTML is discarded after analysis. We retain only a content hash for change detection between scans.
Robots.txt Respected
We honor your robots.txt directives. If you block our crawler, those pages will not be scanned.
Identifiable Crawler
Our crawler identifies itself in every request, allowing you to verify and control access through your robots.txt or server configuration.
Minimal Data Retention
We store only URLs, findings, compliance scores, and content hashes. Free scan data is deleted after 24 hours.
Ready to run your free AI compliance scan?
No signup. No credit card. Results in under 3 minutes.
Scan Your Site Free →No credit card required · Results in under 60 seconds
SiteProof AI is an automated analysis tool. Results are informational and do NOT constitute legal advice. Consult a qualified legal professional for compliance decisions.