GDPR Article 13 requires informing users about data collection at the point of collection. CCPA §1798.100 grants California residents the right to know what data is collected and to opt out — both rights are only exercisable if users can find your privacy policy. Beyond legal requirements, major ad networks (Google, Meta), payment processors (Stripe, PayPal), and app stores (Apple, Google) require a linked privacy policy to approve accounts and maintain access. Launching without visible legal links exposes the business to regulatory fines, platform bans, and loss of payment processing — not just reputational risk.
Critical because absent legal links constitute a regulatory compliance failure under GDPR and CCPA, and trigger automatic rejection or suspension by ad networks, app stores, and payment processors.
Add privacy policy and terms of service links in your site footer, visible on every page:
<footer>
<a href="/privacy">Privacy Policy</a>
<a href="/terms">Terms of Service</a>
</footer>
In Next.js, create app/privacy/page.tsx and app/terms/page.tsx. Use a free generator (Termly, Iubenda, PrivacyPolicies.com) if you do not have legal documents yet — a generated policy is far better than none. Your privacy policy must cover at minimum: what personal data you collect, how you use it, who you share it with, and how users can request deletion. Links with href="#" or href="javascript:void(0)" do not satisfy this check — the links must point to actual pages.
ID: site-health-check.trust-polish.legal-links
Severity: critical
What to look for: Enumerate all anchor tags (<a>) in the HTML whose href attribute or visible text content contains any of these 7 keywords (case-insensitive): "privacy", "terms", "legal", "tos", "cookie policy", "cookie notice", "gdpr". Count the total number of matching links found. For each match, note whether it links to an internal page or an external URL.
Pass criteria: At least 1 anchor tag is found whose href or visible text matches any of the 7 legal keywords listed above. The link must have a non-empty href that points to an actual page (not href="#" or href="javascript:void(0)"). Report the count of legal links found and their destinations.
Fail criteria: 0 anchor tags match any of the 7 legal keywords in either their href or visible text content.
Skip (N/A) when: The response Content-Type is not HTML (e.g., JSON API endpoint).
Error when: SPA detected.
Detail on fail: "No privacy policy or terms of service link found — required for user trust and many ad networks"
Remediation: Privacy policies and terms of service are legally required in many jurisdictions (GDPR, CCPA) and by most ad networks, payment processors, and app stores. Add links in your footer:
<footer>
<a href="/privacy">Privacy Policy</a>
<a href="/terms">Terms of Service</a>
</footer>
Free privacy policy generators: Termly, PrivacyPolicies.com, Iubenda. For Next.js, create app/privacy/page.tsx and app/terms/page.tsx with your legal text. At minimum, cover: what data you collect, how you use it, and how users can request deletion.