See what your AI is leaking
Find shadow AI endpoints, exposed Indian PII, pre-consent trackers, and buyer-facing DPDP gaps before your customer asks for proof.
Takes 2 minutes. We crawl only publicly accessible pages. No data is stored without your consent.
18
Compliance Checks
7
RBI Sutras Graded
22
Languages Checked
Free
No Sign-up
<2min
Scan Time
How It Works
Three agents. One comprehensive report.
Our scanner uses a multi-agent pipeline to analyze your website like a compliance auditor would.
Scout Agent
Loads your site in headless Chromium. Crawls up to 20 pages. Captures screenshots, network requests, consent banners, form fields, and privacy policies.
- Dynamic JS rendering
- Shadow AI endpoint detection
- Third-party tracker monitoring
- Multilingual script detection
Auditor Agent
Evaluates crawled data against 18 DPDP checks, grades the 7 RBI Sutras, and simulates a 72-hour breach readiness drill.
- 18-point DPDP checklist
- RBI FREE-AI Sutra Scorecard
- Breach readiness simulation
- Auto-generated DPIA
Report Agent
Generates a board-ready PDF with scores, findings, remediation roadmap, and DPIA summary. SEBI-grade formatting.
- Compliance score gauges
- Prioritized remediation
- Shadow AI & tracker tables
- Shareable results link
What We Detect
Beyond basic privacy policy checks
Shadow AI Endpoints
Undocumented LLM API calls (OpenAI, Anthropic, Azure, Google AI) leaking customer data.
Indian PII Coverage
Nine DPDP-relevant identifier families across government, finance, health, work, education, biometric, demographic, digital, and legal records.
Pre-Consent Trackers
Google Analytics, Meta Pixel, Hotjar, and others firing before user consent.
Multilingual Consent
Checks for 22 scheduled Indian languages as required by DPDP Rules 2025.
Consent Mechanisms
Cookie banners, reject-all buttons, consent withdrawal, and granular controls.
Grievance Officer
Published contact details for the Grievance Officer as required by DPDP §8(9).
Breach Readiness
72-hour notification process, security contacts, and timeline commitments.
Data Localization
RBI-mandated statements about data storage within India for financial data.
AI Disclosure
SEBI 2026 mandate: disclosure of AI/ML usage in customer-facing services.
Children's Data
Age verification, parental consent, and special protections for minors.
Full Checklist
18-Point DPDP Compliance Audit
Every check maps to a specific regulatory requirement with severity and remediation guidance.
Who Is This For
Built for Indian SaaS founders and compliance teams
SaaS Founders
Check your own website before a regulator does. Fix issues before they become fines.
Compliance Officers
Audit vendor websites during due diligence. Generate evidence for board reports.
VCs & Investors
Scan portfolio companies for compliance gaps. Part of tech due diligence.
Enterprise Buyers
Evaluate vendor compliance before signing contracts. Automated third-party risk.
FAQ
Frequently Asked Questions
Your AI is probably leaking data you haven't checked for.
Free scan. No sign-up. Shareable proof in 2 minutes.
Or integrate CrewCheck into your AI stack for continuous compliance monitoring. View docs →