What others check
Documents, policies, checkboxes
About Vakteye
Vakteye proves what your website actually does with personal data.
Built for EU regulatory reality. We test live website behavior, preserve evidence, and turn findings into material legal, security, and procurement records.
Origin
The gap was never the policy. It was the behavior.
We clicked "Reject All" on a cookie banner. Then we checked if tracking actually stopped.
It didn't.
We tested it on more sites. Same story. Privacy policies said one thing. The websites did another. Nobody was checking.
So we built Vakteye: a compliance evidence layer for the space between what organizations promise and what their sites actually do.
Problem
Paper compliance breaks when the browser behaves differently
Most compliance tools check documents. They read your privacy policy and tick boxes.
We check behavior. We visit your site like a real user, click "Reject All," inspect network requests, and verify whether tracking actually stops.
What we check
Observed behavior, live tracking, actual cookies and evidence
Regulatory grounding
European enforcement is moving toward evidence
Across the EU, privacy and security obligations are becoming more operational: what the site does, what the vendor receives, what the organization can prove.
We built Vakteye with Nordic regulatory discipline and EU-wide coverage: GDPR, ePrivacy, EDPB guidance, NIS2 and supervisory practice from across Europe.
IMY decisions still matter, but they are one source in a broader European evidence model.
01
Observe the browser
We re-fire each ping after a Reject click and time it against the banner-paint event.
02
Review the signal
Lower-confidence findings go to a review queue where an analyst decides. High-confidence findings are backed by behavioural proof. Confidence level is shown on every finding.
03
Package the evidence
Reports include tamper-evident evidence and mapping to applicable GDPR, ePrivacy or NIS2 obligations.
What customers get
What you get
All low-confidence findings are reviewed by an analyst before customers rely on them.
≤5 min
time to first finding
EU
regulatory grounding
EU-only
data residency
Signed
every report
Operating principles
Built for evidence, not theater
European regulators demand data protection from every organization that touches personal data. Vakteye helps prove the state of a website with evidence, not paperwork.
Behavior first
We start with what the user and browser experience, then map it to obligations.
Evidence preserved
The useful output is not a score. It is the proof trail behind each finding.
Enterprise usable
Reports need to work for DPOs, CISOs, boards and procurement, not just technical operators.
Enterprise adoption
Built for the committees that approve risk.
Vakteye packages live website evidence so legal, security and procurement can review the same facts before a decision is made.
Legal review
Findings are tied to GDPR, ePrivacy, EDPB guidance and supervisory practice instead of vague policy opinions.
Security review
Evidence includes observed browser behavior, network traces and confidence labels for follow-up work.
Procurement ready
Reports are structured for vendor due diligence, audit trails and internal approval conversations.
See what we find on your site.
Book a demo. We scan live pages during the call and show what matters first.