Mini Website Audit – Terms & Scope

Service provider
Folla Ky (“Folla”, “we”).

What this audit is

The Mini Website Audit is a passive, unauthenticated analysis of publicly accessible parts of a website provided by the submitter.
It is intended to identify surface-level technical, security, and GDPR-relevant signals only.

What we do

• Access only publicly available URLs and resources
• Analyse headers, HTML, scripts, assets, and configuration signals
• Detect third-party services, external resources, and common exposure points
• Produce an informational report with findings and recommendations

What we do NOT do

• No login attempts or credential use
• No vulnerability exploitation
• No denial-of-service, brute-force, or stress testing
• No data modification, uploads, or system changes
• No access to private, authenticated, or restricted areas

Authorization
By submitting a website, you confirm that:

• You are the website owner or
• You have explicit authorization to act on behalf of the website owner or company

No guarantees
This audit:

• Does not constitute a full security audit or penetration test
• Does not guarantee security, compliance, or absence of vulnerabilities
• Reflects the state of the site at the time of scanning only

Data handling

• Scan results are processed and stored on EU-based servers
• No credentials or intentionally submitted personal data are accessed
• Results are retained only as long as necessary to deliver the report and related services

Liability
The audit is provided “as is” for informational purposes.
Folla is not liable for decisions or actions taken based on the report.