stackpeek

transparency leaderboard

Policy claims vs. observed reality.
Every site, every scan.

The list below shows the current state of 57 sites. Each row links to a full audit with the evidence, the scan timestamp, and a permalink that survives future re-scans.

We audit every site on this leaderboard from the outside, using only what any visitor can see. We do not accept payment to include, exclude, or adjust any rating. Every finding links to its evidence and its scan timestamp. The methodology is public and versioned.

batch scan

2026-04-16

mismatch

9

warn

40

aligned

8

site / takeaway verdict
  1. 1Password password manager

    Policy says no advertising, but ad trackers were loaded

    1password.com 7 trackers scanned 2026-04-16
    mismatch
  2. Typeform form builder

    Functional data handling without policy transparency

    typeform.com 3 trackers scanned 2026-04-16
    mismatch
  3. Auth0 identity

    Adobe Tag Manager loaded but not named in vendor list

    auth0.com 2 trackers scanned 2026-04-16
    mismatch
  4. Fly.io hosting

    Google Tag Manager not disclosed in privacy policy

    fly.io 2 trackers scanned 2026-04-16
    mismatch
  5. Heroku hosting

    Parsely analytics loaded but not named in policy

    heroku.com 2 trackers scanned 2026-04-16
    mismatch
  6. Loom video

    Policy uses Atlassian boilerplate; does not name observed vendors

    loom.com 2 trackers scanned 2026-04-16
    mismatch
  7. Railway hosting

    Google Tag Manager deployment not disclosed in privacy policy

    railway.app 1 tracker scanned 2026-04-16
    mismatch
  8. Vercel hosting

    Clearbit API calls not disclosed in named third parties

    vercel.com 1 tracker scanned 2026-04-16
    mismatch
  9. WorkOS identity

    Named analytics vendors absent from observed tech stack

    workos.com 1 tracker scanned 2026-04-16
    mismatch
  10. Asana project management

    Session replay tools detected

    asana.com 30 trackers scanned 2026-04-16
    warn
  11. Mixpanel product analytics

    Session replay tools detected

    mixpanel.com 28 trackers scanned 2026-04-16
    warn
  12. Notion productivity

    Session replay tools detected

    notion.so 28 trackers scanned 2026-04-16
    warn
  13. Dashlane password manager

    No privacy policy found

    dashlane.com 24 trackers scanned 2026-04-16
    warn
  14. Bitwarden password manager

    No privacy policy found

    bitwarden.com 19 trackers scanned 2026-04-16
    warn
  15. Render hosting

    Observed vendors not named in policy

    render.com 7 trackers scanned 2026-04-16
    warn
  16. Resend transactional email

    No privacy policy found

    resend.com 5 trackers scanned 2026-04-16
    warn
  17. GitLab devops

    No privacy policy found

    gitlab.com 4 trackers scanned 2026-04-16
    warn
  18. Hotjar session replay

    Session replay tools detected

    hotjar.com 4 trackers scanned 2026-04-16
    warn
  19. HubSpot crm

    No privacy policy found

    hubspot.com 4 trackers scanned 2026-04-16
    warn
  20. Airtable productivity

    Observed vendors not named in policy

    airtable.com 3 trackers scanned 2026-04-16
    warn
  21. Amplitude product analytics

    Observed vendors not named in policy

    amplitude.com 3 trackers scanned 2026-04-16
    warn
  22. Front customer support

    No privacy policy found

    front.com 3 trackers scanned 2026-04-16
    warn
  23. Ghost publishing

    No privacy policy found

    ghost.org 3 trackers scanned 2026-04-16
    warn
  24. Okta identity

    Observed vendors not named in policy

    okta.com 3 trackers scanned 2026-04-16
    warn
  25. Retool internal tools

    Observed vendors not named in policy

    retool.com 3 trackers scanned 2026-04-16
    warn
  26. Segment customer data platform

    Observed vendors not named in policy

    segment.com 3 trackers scanned 2026-04-16
    warn
  27. Cloudflare infrastructure

    Observed vendors not named in policy

    cloudflare.com 2 trackers scanned 2026-04-16
    warn
  28. Figma design tools

    Observed vendors not named in policy

    figma.com 2 trackers scanned 2026-04-16
    warn
  29. Heap product analytics

    Observed vendors not named in policy

    heap.io 2 trackers scanned 2026-04-16
    warn
  30. Mailchimp email marketing

    No HSTS header

    mailchimp.com 2 trackers scanned 2026-04-16
    warn
  31. Monday.com project management

    Observed vendors not named in policy

    monday.com 2 trackers scanned 2026-04-16
    warn
  32. Pipedrive crm

    No privacy policy found

    pipedrive.com 2 trackers scanned 2026-04-16
    warn
  33. Postmark transactional email

    No privacy policy found

    postmarkapp.com 2 trackers scanned 2026-04-16
    warn
  34. Calendly scheduling

    Observed vendors not named in policy

    calendly.com 1 tracker scanned 2026-04-16
    warn
  35. ConvertKit email marketing

    No privacy policy found

    convertkit.com 1 tracker scanned 2026-04-16
    warn
  36. Help Scout customer support

    No privacy policy found

    helpscout.com 1 tracker scanned 2026-04-16
    warn
  37. Intercom customer support

    Observed vendors not named in policy

    intercom.com 1 tracker scanned 2026-04-16
    warn
  38. LogRocket session replay

    Observed vendors not named in policy

    logrocket.com 1 tracker scanned 2026-04-16
    warn
  39. Netlify hosting

    Observed vendors not named in policy

    netlify.com 1 tracker scanned 2026-04-16
    warn
  40. Plausible analytics

    No HSTS header

    plausible.io 1 tracker scanned 2026-04-16
    warn
  41. Proton privacy suite

    No privacy policy found

    proton.me 1 tracker scanned 2026-04-16
    warn
  42. SendGrid transactional email

    No privacy policy found

    sendgrid.com 1 tracker scanned 2026-04-16
    warn
  43. Sentry error tracking

    Observed vendors not named in policy

    sentry.io 1 tracker scanned 2026-04-16
    warn
  44. Slack communication

    Observed vendors not named in policy

    slack.com 1 tracker scanned 2026-04-16
    warn
  45. Twilio communication

    No privacy policy found

    twilio.com 1 tracker scanned 2026-04-16
    warn
  46. Zendesk customer support

    No privacy policy found

    zendesk.com 1 tracker scanned 2026-04-16
    warn
  47. Brave browser

    No privacy policy found

    brave.com 0 trackers scanned 2026-04-16
    warn
  48. Clerk identity

    Session replay without CSP protection

    clerk.com 0 trackers scanned 2026-04-16
    warn
  49. DuckDuckGo privacy search

    No privacy policy found

    duckduckgo.com 0 trackers scanned 2026-04-16
    warn
  50. Linear project management

    Observed stack aligns with policy disclosures.

    linear.app 2 trackers scanned 2026-04-16
    aligned
  51. Datadog observability

    Observed stack aligns with policy disclosures.

    datadoghq.com 1 tracker scanned 2026-04-16
    aligned
  52. Zapier automation

    Observed stack aligns with policy disclosures.

    zapier.com 1 tracker scanned 2026-04-16
    aligned
  53. GitHub devops

    No tracking or analytics observed. Policy matches.

    github.com 0 trackers scanned 2026-04-16
    aligned
  54. PostHog product analytics

    No tracking or analytics observed. Policy matches.

    posthog.com 0 trackers scanned 2026-04-16
    aligned
  55. Stripe payments

    No tracking or analytics observed. Policy matches.

    stripe.com 0 trackers scanned 2026-04-16
    aligned
  56. Supabase backend

    No tracking or analytics observed. Policy matches.

    supabase.com 0 trackers scanned 2026-04-16
    aligned
  57. Trello project management

    No tracking or analytics observed. Policy matches.

    trello.com 0 trackers scanned 2026-04-16
    aligned