CyroloCyrolo
Features
Platform capabilities & tools
Pricing
$299/mo security subscription
Security Scanning
150+ automated vulnerability checks
Penetration Testing
Elite red team services
Free Tools
Free security scanners
About
Our mission & team
Contact
Get in touch
Sign InGet Started
Cyber Security
All systems operational
Cookie wallsFrench auditFine estimate
Full Report

What's in the Full CNIL Audit?

12 CNIL-specific compliance checks beyond general GDPR requirements.

Cookie Wall Detection

Detects cookie walls that force consent by blocking content — explicitly prohibited by CNIL since 2020.

Consent Mechanism

Verifies consent banners follow CNIL's strict requirements: symmetry, granularity, and informed consent.

Pre-Deposit Testing

Detects trackers and cookies that fire before users give consent — CNIL's top enforcement priority.

Consent Duration

Checks that consent is re-requested within CNIL's 13-month maximum retention period.

French Language

Verifies privacy notices, consent text, and cookie policies are available in proper French.

Data Transfer

Audits international data transfers for CNIL compliance with post-Schrems II requirements.

CNIL is watching

CNIL: Europe's most aggressive DPA

CNIL conducts regular online sweeps, using automated tools to detect cookie violations at scale. They inspect hundreds of websites per campaign. If you target French users, you're in scope.

€150M
Google (2022)
€60M
Facebook (2022)
€40M
Criteo (2023)
€32M
Amazon (2020)

Also scan for compliance with

GDPR ScannerCookie BannerCCPA ScannerLGPD Scanner

Frequently Asked Questions

Everything about CNIL compliance scanning.

Why is CNIL compliance different from general GDPR?+
CNIL is France's data protection authority and has its own specific guidelines that go beyond general GDPR. For example, CNIL requires consent validity of maximum 13 months, explicitly bans cookie walls, mandates French-language privacy notices, and has specific rules about consent symmetry (reject must be as easy as accept). CNIL is also the most active EU DPA in terms of cookie enforcement.
What are CNIL's biggest enforcement actions?+
CNIL has been the most aggressive EU DPA on cookie compliance: €150M fine against Google (2022), €60M against Facebook (2022), €40M against Criteo (2023), €32M against Amazon (2020), and €5M against TikTok (2023). They've fined over €350M just for cookie violations.
What is CNIL's cookie wall ban?+
Since 2020, CNIL prohibits "cookie walls" — banners that block all content unless the user clicks "Accept All". Users must be able to continue browsing without accepting non-essential cookies. The only exception is if the site offers a genuine alternative (e.g., a paid ad-free version).
What is the 13-month consent rule?+
CNIL requires that cookie consent expires after a maximum of 13 months. After this period, consent must be re-obtained. Sites that store consent indefinitely or for unreasonably long periods violate this CNIL-specific requirement.
What do I get with the full CNIL report?+
The full report includes 12 CNIL-specific checks: cookie wall detection, consent mechanism audit, pre-deposit cookie test, consent duration check, French language audit, privacy policy depth analysis, purpose limitation audit, third-party consent test, data transfer audit, enforcement risk calculation, compliance scorecard, and an AI-generated remediation plan. Price: €129.

CNIL is watching

Every site without a scan
is a target for the next CNIL sweep

Discover compliance gaps across 12 CNIL-specific checks with expert remediation guidance — before enforcement catches up.

3,241 CNIL violations detected this hour
your-website.com
Live Compliance Feed
Start Scanning NowTalk to Sales

No registration required · Preview scan included · Full report from €129

More free tools

No account required. Scan any website instantly.

SSL Checker16 modulesFREE

Certificate chain, forward secrecy, OCSP stapling, CT logs, mixed content, and cipher analysis.

DNS Lookup18 modulesFREE

SPF, DKIM, DMARC, DNSSEC, MTA-STS, BIMI, reverse DNS, SMTP STARTTLS, and more.

Speed Test16 modulesFREE

Waterfall timing, resource hints, image optimization, HTML weight, and third-party detection.

Cookie Scanner12 modulesFREE

Full cookie inventory, pre-consent detection, GDPR compliance, and tracker mapping.

Security Headers8 headersFREE

CSP, HSTS, X-Frame-Options, Referrer-Policy, Permissions-Policy, COOP, CORP, X-Content-Type-Options.

Tech & Tracker DetectorFREE

CMS, analytics (GA, Hotjar), trackers, CDN, and framework detection.

Blacklist CheckFREE

Domain/IP on Spamhaus, SpamCop, Barracuda, SORBS DNSBLs.

Page Meta & SEOFREE

Open Graph, Twitter cards, canonical, robots meta, sitemap discovery.

Link & Redirect HealthFREE

Redirect chain and broken links on a single page.

Whois & AgeFREE

Domain WHOIS, registrar, creation, expiration, and domain age.

Subdomain DiscoveryFREE

Subdomains via crt.sh Certificate Transparency.

Squatting RiskFREE

Typosquatting patterns, homoglyphs, and heuristic risk score.

Trademark SimilarityFREE

4-layer brand detection: substring, fuzzy, phonetic & n-gram analysis across 200+ brands.

Domain Trust ScoreFREE

Composite from age, WHOIS privacy, blacklist, HTTPS.

Report a FakeFREE

Public counterfeit reporting portal with blockchain verification and anonymous submissions.

Verify PortalFREE

Verify brand ownership, authority grants, documents, and company identity on blockchain.

What's My IP24 modulesFREE

IP intelligence with geolocation, WebRTC leak test, timezone analysis, VPN & proxy detection, 12-database blacklist, browser privacy audit, abuse scoring, and privacy grading.

Email Verifier40 modulesFREE

40-module deep scan — name enrichment, toxic detection, SMTP multi-pass greylisting, 121k+ disposable DB, inbox prediction, quality scoring.

Email Finder90 patternsFREE

Analyze multiple pages & test 90 brand protection + security patterns (abuse@, legal@, dmca@, security@). Delivery verified.

View all free tools

Deep compliance scanners

Full regulatory audits with remediation roadmaps, penalty estimates, and court-ready reports. Free preview with every scan.

Security Scanner37 security suitesPRO

150+ checks across 6 inspection layers with full vulnerability assessment and PDF reports.

GDPR Scanner23 articlesPRO

23-article GDPR compliance audit with remediation guidance and penalty estimates.

Cookie Banner ScannerPRO

Consent mechanism audit with dark pattern detection per EDPB guidelines.

CCPA ScannerPRO

"Do Not Sell" link, GPC signal, and privacy policy audit for California compliance.

LGPD ScannerPRO

Brazilian data protection law compliance audit with Portuguese notice validation.

CNIL ScannerPRO

French CNIL regulatory compliance analysis and cookie consent validation.

Try free preview