Frequently asked questions
Is scanning my site safe? Could it break anything?
Yes, it's safe. The audit is external, non-intrusive and read-only: we only read what your site already serves, run a single pass, and never execute exploits or modify anything.
Do I need to install anything or grant access?
No. Just enter your URL — no agent, no plugin, no credentials. The entire audit runs from the outside.
Are my data and the audited site kept private?
Yes. No account is required, we use no advertising trackers, data is stored encrypted in the EU and purged automatically, and we never resell it.
What's the difference between EU and US mode?
EU mode checks GDPR, ePrivacy and NIS2 signals; US mode checks CCPA, COPPA and FTC. Pick your main market — you can add the other one at checkout at any time.
What do I get for free versus in the paid report?
The free preview shows your global score and issue counts. The paid report adds every finding in detail plus a prioritized, step-by-step action plan referenced to official standards.
What happens if the scan fails?
If a scan cannot complete for a technical reason (site unreachable, scan error), your payment is refunded automatically.
Do you guarantee compliance or better ranking?
No. CheckSpot identifies technical signals against public standards (OWASP, GDPR/CCPA, Google Core Web Vitals, Schema.org). It is an information tool — not a certification, and not a ranking guarantee.