Privacy Review

A holistic, AI-powered compliance assessment that evaluates your codebase against privacy requirements and delivers executive-level findings with root cause analysis.

Data Handling Principles

Purpose limitation, data minimization, accuracy, and storage limitation — are you collecting only what you need, for clearly defined purposes?

Legal Basis for Processing

Consent validity, legitimate interests, and contractual necessity — does your code enforce the legal basis you claim?

Individual Rights

Access, erasure, portability, objection, and restriction — can users actually exercise their rights through your application?

Security & Technical Safeguards

Privacy by design, encryption, access controls, and incident logging — are the right technical measures in place?

Governance & Accountability

Impact assessments, processing records, and controller obligations — can you demonstrate compliance, not just claim it?

Sample output

What a Privacy Review delivers — illustrated with a fictional e-commerce SaaS

34 Requirements evaluated18 Verified12 Unverified4 Contradicted

Executive Summary

The codebase collects user email addresses and behavioral analytics but lacks explicit purpose declarations for each processing activity. Consent mechanisms exist but do not cover all data flows. Deletion endpoints are present for user accounts but do not cascade to third-party integrations.

Root Causes

Missing purpose specification for analytics data

4 requirements affected

Analytics events are collected across 6 modules without a documented processing purpose. This affects purpose limitation, consent scope, and transparency requirements.

Add a data processing manifest (e.g. PROCESSING_PURPOSES.md or a config file) that maps each analytics event to a specific, declared purpose.

Incomplete deletion cascade to third-party services

3 requirements affected

The user deletion endpoint removes the local database record but does not propagate deletion requests to the payment processor or email marketing service.

Extend the deletion handler to issue API calls to connected third-party services when a user exercises their right to erasure.

Requirement Findings

Verified
Data MinimizationData Handling Principles

User registration collects only email and display name. No excessive fields were found in the signup flow.

Unverified
Purpose LimitationData Handling Principles

Analytics events are emitted in 6 modules but no explicit processing purpose is declared for behavioral data collection.

Unverified
Consent MechanismLegal Basis

A cookie banner is present but does not gate analytics script loading. Scripts fire before user interaction with the consent dialog.

Contradicted
Right to ErasureIndividual Rights

A deletion endpoint exists at /api/users/:id but does not cascade to the Stripe customer record or Mailchimp subscriber list.

Verified
Encryption at RestTechnical Safeguards

Database connection uses TLS. S3 bucket policy enforces server-side encryption for all stored objects.

Contradicted
Records of ProcessingGovernance

No data processing inventory or records of processing activities were found in the repository.

Open Questions

Is behavioral analytics data shared with any third-party advertising networks?

The codebase includes a Google Analytics integration but the data sharing configuration could not be determined from code alone.