What GDPR issues do you see most often on websites?

Hey PH community 👋

I'm launching Compliance-Copilot in two days – a tool that automatically checks websites for GDPR compliance issues (privacy policy, cookie consent, legal notice, SSL).

While building it, I've been scanning hundreds of websites and noticed the same problems come up over and over:

1. Google Fonts loaded from Google's CDN (sends visitor IPs to the US without consent)

2. Cookie banners that don't actually block tracking scripts before opt-in

3. Privacy policies that don't list all third-party services individually

4. YouTube/Maps embeds that connect to Google on page load without consent

I'm curious: if you run a website in the EU (or serve EU customers), what compliance issues have been the hardest to get right? And what would you want an automated checker to catch that existing tools miss?

Would love any input – it directly shapes what I'm building.

🔗 Launching in two days: compliance-copilot.com