If you're here, you already know: 2GDPR discontinued its free public compliance checks.
Their tool was simple and fast — paste a URL, get a basic compliance scan. Thousands of website owners used it as a quick sanity check. Now the free tier is gone: as of 2026, 2GDPR's website states "Free public checks have been discontinued. To use our service or API, please contact us for pricing." The company is still operating, but it is now a paid/enterprise product.
Searches for "2gdpr alternative" and "2gdpr down" have spiked from users who lost a go-to free tool. This article tells you what 2GDPR did, what actually replaces it for free, and how to run your own scan today.
⚠️ Disclaimer: This article is for informational purposes only and does not constitute legal advice. Consult a qualified lawyer for advice specific to your situation.
2GDPR was a free online tool that scanned a URL and returned a basic GDPR compliance report. It checked things like:
It wasn't deep — no enforcement analysis, no CNIL or BfDI case context, no remediation guidance. And banner-only detection is specifically what CNIL's 2021 enforcement automation targets: the regulator's scanning tools check not just whether a banner exists, but whether trackers fire before consent is given — a check 2GDPR did not run. See the real cost of non-compliance for how enforcement actually plays out. But it was free, fast, and useful for a first-pass check. It became a go-to link in "how to make your website GDPR compliant" guides across the web.
As of 2026, 2GDPR has discontinued free public scanning. The service is now paid — you need to contact them for pricing. Users looking for a free replacement are stuck.
Before you find a replacement, it's worth knowing where 2GDPR fell short — so you don't swap one incomplete tool for another.
2GDPR did not cover:
If you operate in France, Germany, or Singapore — or if you use Google Ads, Meta Pixel, or HubSpot — a surface-level scan wasn't enough even when 2GDPR was free. A banner check alone won't protect you from a CNIL enforcement notice: regulators look at what fires before the user clicks "accept," not just whether a banner appeared. See the real cost of non-compliance for how enforcement actually plays out.
What it does: Scans your website and delivers a structured compliance report covering GDPR (EU), CNIL (France), and PDPA (Singapore). The free scan identifies tracker behavior, cookie consent issues, and missing legal pages. A paid PDF report (€49) adds enforcement context, remediation steps, and a methodology citation.
Why it replaces 2GDPR: Sitetals does what 2GDPR did — fast URL-based scanning — but with enforcement depth that 2GDPR did not have. CNIL and BfDI case references. Actual tracker firing behavior, not just banner detection.
Best for: European businesses, French/German market operators, Singapore-based companies, anyone who needs more than a green/red flag.
What it does: Free cookie audit tool that detects cookies and categorizes them (necessary, analytics, marketing). No enforcement context. No privacy policy check.
Best for: A quick cookie inventory before you build a consent banner. Not a compliance assessment.
What it does: Scans for cookies and trackers, generates a cookie declaration. Paid product; limited free scan available.
Best for: Businesses that want a scanner bundled with a consent management platform. Higher cost, less enforcement depth.
CookieYes (free tier): Offers automated cookie detection, a basic consent banner, and Google Consent Mode v2 on its free plan. Confirmed available as of June 2026. Limitations: 5,000 pageview cap, one domain per account, mandatory CookieYes branding, no geo-targeting. Adequate for personal blogs; not suitable for most business sites.
Cookiebot (audit mode): Scans your site for cookies and generates a cookie declaration. Limited free scan available. No enforcement depth.
Sitetals is not the only free option — it's the most thorough. The free scan here checks tracker firing behavior, not just whether a banner is present.
| Feature | 2GDPR (was free) | Sitetals |
|---|---|---|
| Free scan | ❌ (now paid) | ✅ |
| GDPR cookie banner check | ✅ | ✅ |
| CNIL-specific requirements | ❌ | ✅ |
| German enforcement context | ❌ | ✅ |
| PDPA (Singapore) | ❌ | ✅ |
| Tracker pre-consent detection | Basic | Deep |
| Remediation guidance | ❌ | ✅ (paid) |
| PDF compliance report | ❌ | ✅ (€49) |
| Methodology citation | ❌ | ✅ |
If you're in France or Germany, or if you've received an Abmahnung or CNIL warning, you'll want the full PDF report. It includes enforcement references specific to your market and a remediation checklist your legal team can act on.
Not sure what you're looking for? Start with the 12 hidden compliance risks most site owners miss — it covers what automated scans can and can't catch.
2GDPR's free scanner served its purpose. The free tier is gone — it's now a paid service.
If you need a free GDPR scanner that actually covers how regulators enforce — not just whether a banner exists — Sitetals is the direct replacement. Same speed. More depth. Actual enforcement context.
Sources: CNIL Guidelines (2022, updated with 2021 automation directive) · BfDI Enforcement Reports 2024–2025 · PDPC Advisory 2021 · GDPR Articles 13–17 · CookieYes pricing page (verified June 2026) · Cookiebot feature pages (verified June 2026)
🩸 — Sitetals Editorial