Frequently asked questions

CompliantHQ reviews four areas in one tool: cookies and tracking (GDPR and ePrivacy), digital accessibility (WCAG 2.2 AA / the EU Accessibility Act), policy & terms documents — privacy policy, cookie policy and purchase/usage terms against GDPR and Swedish consumer law — and AI transparency under the EU AI Act (the disclosure duty for AI chats, Article 50).

Both. The core is the regulations already in force — cookies and tracking (ePrivacy/GDPR), accessibility (WCAG 2.2 / the EU Accessibility Act) and policy & terms (GDPR). But when a new law is on the way we build the check in well before it takes effect, so you can see where you stand ahead of the deadline instead of scrambling to catch up afterwards. The freshest example is the EU AI Act: its transparency requirements become binding in August 2026, and the check is already live — we flag when a site has an AI chat where visitors need to be told they're talking to an AI.

No. We scan your public pages in an automated browser to see what loads (cookies, scripts, third-party requests, accessibility issues). The data we store is about your site, not about your site's visitors. We don't track your customers.

Yes. Every distinct URL we visit during a scan counts as one page. If your site has 50 unique URLs and we crawl them all, that's 50 pages. Pricing combines a flat per-site fee with a soft scaling on total page volume — each site includes 200 pages with no surcharge, and your sites share a common pool so unused pages on one site can be used by another. You can set a per-site cap in site settings if you want to limit volume on a particular site.

No. CompliantHQ is a monitoring and analysis tool. The AI advisor explains what we found, references the relevant rules and standards (ePrivacy, GDPR, WCAG, EAA, DOS-lagen), and suggests fixes — but for binding legal interpretation specific to your situation, talk to a qualified lawyer. Our terms make this explicit.

Yes. Cancellation is one click in your workspace's plan settings. You keep access through the end of your paid quarter; sites are then archived (URLs stay claimed so nobody else can register them under your name) but no data is deleted. Reactivate any time.

50 sites still fits within self-service. On Pro that's 399 SEK × 50 = 19,950 SEK/mo, and at 20+ sites a 30% volume discount kicks in automatically — landing at 13,965 SEK/mo. Page volume on top is handled via a shared pool: all your sites share 50 × 200 = 10,000 pages with no surcharge; beyond that it's 100 SEK per 1,000 extra pages. If you want more than 100 sites or more than 20,000 pages total — contact us for a custom plan.

Yes. The scanner is locale-agnostic. The AI advisor knows EU-wide privacy law (GDPR, ePrivacy, EAA) plus Swedish enforcement (IMY, DIGG, PTS); for non-Swedish sites it falls back to the EU-wide framework. We're adding more country-specific knowledge as we onboard customers from those markets.

Yes. We test against WCAG 2.0, 2.1, and 2.2 AA rules simultaneously via axe-core. The headline standard you report against is WCAG 2.2 AA — it extends 2.1 with 9 new criteria and is the current version. EN 301 549 (the Swedish legal floor) is still based on 2.1, but 2.2 is where the standard is moving.

It applies strictly if both of these are true: you address private individuals through the website (digital services, e-commerce or booking), and you have at least 10 employees or more than EUR 2 million in annual turnover. Smaller businesses are exempt from the service requirements. Many fix accessibility issues anyway — a site that works for everyone has happier visitors, ranks better in search, and gets more people to complete their purchase. In your reports you can choose to show or hide the accessibility findings depending on whether the law covers you.

Yes, scan-result summaries are sent to Anthropic's Claude API for AI analysis. The transfer is protected by the European Commission's Standard Contractual Clauses (SCCs) under GDPR Art. 46. We never send login credentials, payment data, or content from authenticated areas of your site. Full details on our privacy policy and sub-processors pages.

Yes — that's the default. We bill quarterly by invoice (PDF email or e-invoice/Peppol where the country-specific format makes sense). No credit card required, no automatic charges.

Not currently. Email hello@complianthq.ai reaches the team behind CompliantHQ directly. We typically reply within one business day; trial customers can reasonably expect same-day.

Rarely. A free scan is based on a sample and is a snapshot — it tells you nothing definite about the rest of the site. And a website never stands still: a new page, an updated theme or a plugin update can reintroduce issues you just fixed, or create new ones. The regulations move at least as much — new laws arrive, and enforcement cases from IMY and other authorities change how the requirements are interpreted. With a plan we cover more of the site, rescan it continuously, and reach out as soon as something new appears or a fixed issue comes back.

Yes, and it's something an ordinary compliance review misses — it only says "block more". We also flag the reverse: when the configuration is so strict that you lose data you're legally allowed to collect. Example: configured correctly, Google Consent Mode v2 can send anonymous, cookieless modelling signals even when the visitor declined — so conversions are still counted without personal data, fully permitted. Misconfigured, nothing is sent at all, and measurement data you could legally have kept is lost needlessly. This doesn't show up in a compliance audit (everything looks strict and safe) but can cost significantly in lost measurement data. With continuous monitoring we catch these too.

The tool and your web partner do different jobs. We find the problems, prioritise them by legal risk, and describe exactly what needs to change — at the level that's needed (instructions you can click through yourselves in your publishing tool, or a developer write-up to hand off). Your web partner does the actual fix. The difference from letting them find and investigate everything themselves is that the research is already done: they don't have to track down which rules apply, interpret what the scan actually found, or dig into how your cookie platform should be configured. For many customers that means fewer billable hours on investigation — and more on the actual fix.

Yes. The tool finds the problems and describes exactly what needs to change, but if you don't have anyone to hand the list to — or it just sits there — we'll take on the work ourselves based on the report, at a fixed price. Read more about remediation help.

Tell us and we'll be pragmatic. If you want to evaluate CompliantHQ without paying for two systems at the same time, we'll typically cover your access to CompliantHQ at no cost until your existing contract expires — giving you proper time to evaluate before deciding whether to switch. Email hello@complianthq.ai and we'll work it out.