Free GPC Checker

Test whether your website actually honors the Global Privacy Control signal — not just whether it reads the header.

No credit card required • Instant free scan

What this GPC checker tests

Signal delivery

We revisit your pages with Sec-GPC: 1 set, exactly like a Firefox or Brave user with GPC enabled.

Network-level verification

We intercept every outbound request and compare tracker activity with and without the signal — the only way to prove opt-out is enforced.

CCPA § 7025 mapping

Failures map to the specific California regulation text, ready to hand to legal.

Why header-only GPC checkers aren't enough

Most basic GPC check tools only verify whether your server reads the incoming Sec-GPCheader. However, reading the header is just the first step. True compliance means that your website's client-side tag managers, advertising pixels, and analytics scripts must actively suppress data collection when the signal is detected.

Many consent management platforms (CMPs) claim out-of-the-box GPC support, but misconfigurations or custom hardcoded marketing pixels frequently bypass these controls. To verify compliance, you must intercept the real outbound network requests. Check out our full guide to GPC testing for an in-depth breakdown.

Frequently asked questions

What is Global Privacy Control (GPC)?

Global Privacy Control (GPC) is a user-configurable browser setting or extension that automatically notifies websites of the user's privacy preferences, signaling an opt-out from the sale or sharing of their personal information.

Is GPC legally required?

Yes. Under California's CCPA/CPRA regulations (§ 7025), businesses must recognize universal opt-out signals like GPC as valid requests to opt-out of data sale or sharing. Colorado, Connecticut, Texas, Oregon, and other states also mandate Universal Opt-Out Mechanism (UOOM) recognition.

What does Privisy check that browser extensions don't?

Browser extensions send the GPC header, but they cannot verify if your backend server or tag managers actually block third-party trackers at the network layer. Privisy intercepts outbound traffic in a headless browser to prove compliance or identify leaks.

Get a complete compliance audit report

Go beyond GPC. Scan for UI violations, shadow trackers, and policy gaps in under 3 minutes.

Run full free scan