🔒 Zero-Retention · Code scanned in memory, never stored
Don't let sloppy GDPR code shave 20% off your SaaS valuation.
3-minute automated privacy & backend code audit purpose-built for Micro-SaaS founders looking to exit. Get a buyer-ready compliance scorecard before due diligence begins.
Scan a public repo
This Vercel deployment shows rule coverage only. Live scanning of a real repo (git clone + Semgrep) runs in local dev (`npm run dev`) or a Railway container (planned, see ROADMAP.md).
Rule coverage: 10 GDPR rules (Art.5 / 6 / 7 / 17 / 28 / 32)
gdpr-hardcoded-secret
gdpr-plaintext-personal-data-storage
gdpr-missing-consent-analytics
gdpr-logging-sensitive-data
gdpr-missing-right-to-erasure
gdpr-insecure-http
gdpr-third-party-data-sharing
gdpr-cookie-without-consent
gdpr-sql-injection-risk
gdpr-pii-hardcoded-email
Art.5(1)(f)