Skip to main content
MONITOR. DETECT. PROTECT.

Catch trust gaps on client websites
before visitors do.

PolicyGen scans any client website for missing policy links, undisclosed tracking scripts, SSL signals, and trust-breaking changes — then keeps watching so you know when something breaks before your client does.

Paste any client URL. Get a shareable trust report in under 60 seconds — no account needed.

Trust signals monitored
LINK
Policy links
Privacy, terms, cookie, refund, shipping, and contact paths.
PIXEL
Tracking signals
Analytics, pixels, tag managers, and obvious disclosure signals.
SSL
Security-lite
HTTPS, SSL status, security headers, and risky public endpoints.
PATH
Customer paths
Contact forms, visible email addresses, cart/checkout page presence, and console errors.
FIX
Client-ready findings
Severity, evidence, and next steps you can share directly with clients.

What you can do with client sites

Scan any client URL in seconds, then add monitoring to track trust signal changes across all your client sites over time.


About this project

Built for web agencies managing client trust

PolicyGen is built for web agencies, freelancers, and small teams that need a fast, practical way to find trust gaps on client websites before visitors — or clients — notice them.

Automated checks are not a legal review, but they surface missing policy links, undisclosed trackers, broken pages, and SSL signals that your clients expect you to catch.

Plain language
Priority issues explained in terms that non-lawyers can act on.
No dark patterns
No manufactured urgency and no claims that an automated scan certifies your website.
Best-effort monitoring
Websites change. Run checks again when you ship new pages, scripts, or customer paths.
Your data is yours
Monitoring records and scan history belong to you. Export at any time, no lock-in.

Going deeper

When one scan is not enough

Trust monitoring needs continuity — tracking changes, storing scan history, and reviewing findings across a team or multiple client websites over time.

Create an account →
Review records

Keep website scan history, notes, and monitoring findings together.

Continuous scanning

Scheduled scans of your web properties with change detection alerts.

Multi-site monitoring

Monitor all your client sites from one dashboard and catch trust-breaking issues before your clients notice.

Evidence snapshots

Keep dated scan records so changes can be reviewed against previous website signals.

Trust & transparency signals monitored

PolicyGen checks visible, publicly observable signals on your website. Built around common privacy and transparency expectations — not regulatory certification.

Privacy & transparency
Policy page presence
Checks whether privacy policy, terms of service, cookie policy, refund, and contact pages are present and reachable from the homepage.
Tracking disclosures
Analytics & pixel detection
Detects Google Analytics, Tag Manager, advertising pixels, and other tracking scripts — then checks whether a corresponding cookie or tracking disclosure is visible.
Security-lite signals
HTTPS & header checks
Checks HTTPS redirect, SSL certificate validity and expiry, and the presence of basic security response headers. No exploitation or penetration testing.
Customer trust paths
Contact & checkout visibility
Checks whether contact forms, visible email addresses, and cart or checkout links appear reachable. Surface-level only — no forms are submitted and no payments are processed.
Change detection
Monitoring & drift alerts
Scheduled re-scans compare current signals against previous results. Flags when policy pages disappear, tracking scripts change, or new trust issues appear. Monitoring plans only.
Client-ready findings
Prioritised issue summaries
Each finding includes what was detected, why it matters, and a clear next step — written plainly so you can share it directly with clients.
What PolicyGen does not do
  • Certify regulatory compliance
  • Replace legal review or counsel
  • Determine whether a regulation applies to your business
  • Submit forms, process transactions, or access authenticated pages
  • Scan internal systems, APIs, or data storage

What signals do popular sites publish?

View signal index →
E-commerce
1 Squarespace 90%
2 Shopify 89%
3 WooCommerce 86%
SaaS
1 Calendly 94%
2 Airtable 86%
3 Notion 83%
Fintech
1 Wise 90%
2 Square 83%
3 Stripe 83%

What gets caught

These are the kinds of issues monitoring surfaces automatically — things that break quietly after a site update, a redesign, or a third-party change.

Detected
Privacy policy link disappeared after redesign.
Homepage no longer links to /privacy. Flagged on the next scheduled scan.
Detected
New tracking script added without a matching disclosure.
A Meta pixel was added to the site. No cookie notice references it.
Detected
Cookie banner no longer visible on the homepage.
Previously present. Missing after a theme update. Tracking scripts still active.
Detected
Checkout page terms link became inaccessible.
The linked terms page returns a 404. Visible on cart and checkout pages.
Detected
SSL certificate approaching expiry.
Certificate expires in 12 days. Site currently accessible but renewal is overdue.
Detected
Contact page no longer reachable from the homepage.
No visible email address or contact link found. Link in footer now broken.