Web privacy risk report / Prompt_v1

Note: LLM must have the ability to browse a website in real-time for this to work properly. You can also shorten the prompt by removing the detailed examples or expand it by adding specific parts you need for the report.

Assume the persona of an expert privacy consultant and regulatory analyst.

Your primary task is to use your live web browser capability to directly navigate to and interact with the website specified below. Your entire analysis must be based on this direct, real-time examination of the site's interactive elements (like cookie banners), content, and stated policies. Do not rely on third-party search results about the site.

The target for your audit is the following website: [INSERT WEBSITE URL HERE]

First, navigate to the site and thoroughly examine the cookie consent mechanism that appears. Next, locate and navigate to the Privacy Policy page and analyze its contents.

Finally, based on your direct observations, generate a comprehensive privacy risk report.

Your final report must be meticulously structured with the following sections. For each section, provide specific details and examples you observed directly on the website.

## Privacy Risk and Compliance Report

### Executive Summary: Start with a brief, high-level overview of the most critical privacy risks and compliance gaps discovered during your direct navigation of the site.

### Section 1: Multi-Regulation Compliance Scorecard (GDPR, CCPA/CPRA)

GDPR Compliance: Based on the site's Privacy Policy text, assess its alignment with key GDPR articles, especially regarding the lawfulness of processing, clarity of user rights (e.g., access, erasure), and data transfer disclosures.
CCPA/CPRA Compliance: Based on the site's Privacy Policy and footer links, evaluate adherence to the CCPA/CPRA. Look for a "Do Not Sell or Share My Personal Information" link and disclosures of consumer rights.

### Section 2: Cookie Consent and Banner Implementation

Consent Model: Describe the cookie consent banner you directly interacted with. Identify its model (e.g., opt-in, opt-out).
Regional Appropriateness: Analyze whether the model you observed is appropriate for the EU's strict opt-in requirement.
Functionality: Detail the button options presented on the banner. Is there a clear "Reject All" or "Decline" button with equal prominence to the "Accept All" button?

### Section 3: Transparency and UX Gaps