Got an idea, found a bug, or want to see a feature? We'd love to hear it.
✓ Thanks! We got it.
How Scores Are Calculated
Every policy is read and scored against ISO/IEC 29100 — the international privacy framework that defines what a credible, well-formed privacy posture looks like.
About ISO/IEC 29100
ISO/IEC 29100 is the international standard for privacy frameworks. It defines 11 privacy principles that any organization handling personal data is expected to address — from consent and purpose limitation through to accountability and security. Read the standard →
The 11 Principles We Score
01Consent & Choice
02Purpose Legitimacy
03Collection Limitation
04Data Minimization
05Use, Retention & Disclosure
06Accuracy & Quality
07Openness & Transparency
08Individual Participation
09Accountability
10Information Security
11Privacy Compliance
Grading Scale
Each principle scores 1–10. Scores are averaged and converted to a letter grade: A+ (97–100%) through F- (0–29%). Forest green for A's, sage for B's, amber for C's, burnt orange for D's, deep clay for F, darkest rust for F-.
What We Read
We read the main privacy policy page for the given website or app. Scores reflect the quality of the written privacy policy, not necessarily the product's actual data practices. A well-run product with a poorly written policy may score lower than expected, and vice versa.
How We Compare
Tool
Reads policy
Standards-based
Real-time
privacy-first.app
✓
✓ ISO/IEC 29100
✓ Any site
DuckDuckGo
Trackers only
—
Browser only
ToS;DR
Manual
Volunteer
Pre-reviewed
Osano
Attorneys
Proprietary
Database
This tool's own practices are documented in our Privacy Policy.