Skip to main content
Syrcha
Get started

/ about

Compliance tooling for people who ship.

Syrcha exists because privacy compliance turned into a cottage industry of PDFs and consulting hours, while the actual scanner you can point at a URL still doesn't ship in most teams' CI.

We build the scanner. Real browser, real consent flows, real requests captured. Findings include the fix. Reports are signed, versioned, and replayable. No call required.

Founded
2025
Hosted
EU only
Frameworks
GDPR · CCPA · AI Act
Trial
Free · no card
Reports
Signed · SHA-256
Source
Open ruleset
Start free scanGet in touch

/ principles

Four things we refuse to compromise.

Stated up front so you can hold us to them later.

  1. 01

    Findings include the fix

    Every violation links to the offending request, the responsible script, and a worked remediation. Audit reports describe problems. We describe fixes.

  2. 02

    Reports are signed

    Each report carries a SHA-256 of the page state and rule set used. Replayable on demand. Defensible in front of a regulator.

  3. 03

    We charge what is on the page

    No "contact sales" tier. The Agency price is on the pricing page. There is a genuine free tier — no card needed to start.

  4. 04

    You can leave

    Cancel from settings without sending an email. Export your reports. No retention games, no win-back calls.

/ build log

What we've shipped. What's next.

  1. Q3 2025

    First scans live

    Hosted scanner online. First GDPR ruleset shipped. Add a domain, run a scan, get a result — the loop closed.

  2. Q4 2025

    Reports and notifications

    PDF + HTML report generator. Webhook + email notifications. Scheduled scans.

  3. Q1 2026

    CCPA + signed reports

    CCPA ruleset in beta. SHA-256 report stamping. Public beta opens.

  4. Q3 2026

    AI Act ruleset

    Transparency, chatbot disclosure, generated-content notice, risk-tier docs. EU AI Act go-live.

/ commitments

What you can hold us to.

No buzzwords. If we miss one of these, call us on it.

  • Actionable guidance

    Prioritised findings with concrete remediation, evidence, and the exact request or selector to look at.

  • Privacy and security

    Minimal data processing, passkeys + 2FA, strict ownership checks, EU-only hosting. Public security disclosure path.

  • Reliable monitoring

    Scheduled scans, transparent status page, diff between runs, and email alerts when something regresses.

  • Human support

    No chatbots, no ticket purgatory. A real person replies — typically within one business day.

/ start

Point us at a URL. See for yourself.

Free first scan. No card. No call. You decide whether the report is worth more than the marketing.

Create accountSee pricing