WCAGdesk
Sign in Start free scan EN · DE
Stakes Process Pricing Methodology Sign in Start free scan EN · DE
EAA in force · 28 June 2025

Defensible accessibility records for EU compliance.

Monthly scans with qualified RFC 3161 timestamps, an organization seal, and a verifiable hash chain — built for the European Accessibility Act and German BFSG enforcement — timestamped, verifiable records you can hand to counsel as documentation of ongoing due diligence.

No signup required for the first scan. Sample report (PDF) See methodology →
Sample · PDF/A-2b · 4 pages · 218 KB AdES seal · RFC 3161

Accessibility Conformance Report

handelshof-bremen.de · scan 047 · 2026-04-01
Standards
WCAG 2.1 AA · EN 301 549 V3.2.1 · BFSG § 12
Period
01 March – 01 April 2026 (monthly)
Findings
0 critical 2 serious 7 moderate 3 minor
Hash
sha256:a4f9e2d1b8c7e3a5f0d2b8c3d4e5f9a8…b91c3e7f
Time
2026-04-01T03:14:22Z · RFC 3161 trusted TSA
Conformance verdict
Partial conformance
Advanced Electronic Seal (eIDAS Art. 35) WCAGdesk UG · organization seal
cert · SAMPLE-XX-0000-0000 · valid through 2028-02-15
Verified 2026-04-09T14:23:11Z sha256:a4f9e2d1…8c3d RFC 3161 timestamp

Three numbers that changed the cost of ignoring accessibility.

€7,500
typical BFSG fine

Per non-compliant digital service, levied by the Bundesamt für Justiz under § 37 BFSG.

€1M
FTC settlement

Imposed on accessiBe in April 2025 for misleading claims about overlay widgets.

28.06.25
EAA enforcement begins

European Accessibility Act applies to every B2C service operating in EU member states.

Position

Overlay widgets are now a liability, not a remedy.

A scanner produces evidence. An overlay produces a JavaScript injection — and, increasingly, a regulator's invitation.

Approach A

Overlay widget

accessiBe, UserWay, EqualWeb

  • Legal admissibility
    Not accepted as evidence in EU courts
  • Audit-trail preservation
    No timestamped record of compliance over time
  • Accessibility statement
    Generic boilerplate, not BFSG / EN 301 549 conformant
  • Timestamp verifiability
    No RFC 3161 or eIDAS signing
  • Abmahnung defense
    Cited as aggravating factor — see FTC v. accessiBe (Apr 2025)
Approach B

WCAGdesk

Audit trail, not augmentation

  • Legally relevant artifacts
    RFC 3161 qualified timestamps + AdES organization seal — recognized instruments under eIDAS Regulation (EU) 910/2014, Articles 35 & 41
  • Audit-trail preservation
    Hash-chained monthly scans, retained for the full statutory period
  • Accessibility statement
    Per BFSG § 12 / EN 301 549 / Web Accessibility Directive 2016/2102
  • Timestamp verifiability
    RFC 3161 trusted timestamps from a qualified TSA
  • Abmahnung defense
    One-click evidence bundle export with response template (DE)
How the audit trail works

Three procedures. One verifiable record.

01

Scan

Your site is scanned monthly against WCAG 2.1 AA, EN 301 549 and BFSG. Each scan is hashed (SHA-256) and timestamped via an RFC 3161 trusted TSA.

rfc-3161 timestamp
02

Seal

Reports export as PDFs carrying an advanced electronic seal (eIDAS Art. 35) bound to WCAGdesk UG. Seal, certificate and RFC 3161 timestamp embed into PDF/A-2b. A qualified electronic seal upgrade is on the roadmap for Q3 2026.

ades seal · rfc 3161
03

Defend

When an Abmahnung arrives, export the full evidence bundle in one click: scan history, hash chain, statement publication log, remediation log.

evidence bundle
Pricing

Self-serve, monthly, billed in EUR via Paddle.

Billed via Paddle as Merchant of Record. VAT handled per buyer jurisdiction. No annual lock-in. No free trial — the public URL scanner is free.

Audit

Tier 01

For one site that needs a clean record.

€149/mo
  • One domain
  • Monthly scans, RFC 3161 timestamped
  • WCAG 2.1 AA, EN 301 549 coverage
  • Basic accessibility statement (BFSG § 12)
  • PDF + JSON export
  • 12-month scan retention
Start with Audit
Recommended

Defense

Tier 02

For SMBs exposed to BFSG enforcement.

€299/mo
  • 1 site, up to 200 pages per scan
  • Weekly scans + on-demand
  • Statement generator (EN, DE, FR, IT, ES, NL)
  • Evidence bundle export (.zip)
  • PDF/UA-1 scanning for PDFs you serve (veraPDF)
  • Abmahnung response toolkit (DE)
  • 36-month scan retention
Start with Defense

Counsel

Tier 03

For B2B SaaS with regulated procurement.

€599/mo
  • Everything in Defense
  • Qualified electronic seal upgrade (Q3 2026, included)
  • Quarterly expert review
  • White-label PDFs
  • SSO + audit log
  • Priority support, named contact
Start with Counsel

Prices exclude VAT. Cancel any time. Existing scans remain available for export for 90 days after cancellation.

Questions buyers ask before they buy.

What does an Abmahnung cost in Germany?
A typical Abmahnung from a Wettbewerbsverein cites €1,500–€7,500 in legal fees plus a Unterlassungserklärung (cease-and-desist undertaking) carrying contractual penalties of €5,001 per future violation. BFSG-specific cases brought via the Marktüberwachungsbehörden can additionally levy administrative fines up to €100,000 under § 37 BFSG.
Is automated scanning enough for legal compliance?
No tool is. WCAG conformance requires a mix of automated and manual evaluation; EN 301 549 §11.4 says the same. WCAGdesk produces the verifiable, dated evidence layer that demonstrates ongoing diligence — what regulators look for when assessing intent. Manual remediation work remains your responsibility.
How can timestamped reports support a legal defense?
Each report carries an RFC 3161 trusted timestamp from a qualified Time-Stamping Authority (qualified electronic timestamp under Article 41 of Regulation (EU) 910/2014) and an advanced electronic seal (Article 35) bound to WCAGdesk UG. Together they support evidence of integrity and origin under eIDAS Regulation (EU) 910/2014; admissibility in any particular proceeding is a determination for counsel and the court. Counsel customers will receive a qualified electronic seal upgrade rolling out in Q3 2026, automatically included. WCAGdesk does not provide legal advice.
How is "Polygon anchored" actually verifiable?
Every scan's per-domain hash chain is included in a SHA-256 Merkle tree that gets written to a Polygon mainnet smart contract at 0xEc9fE204…CeE6a. For any individual scan we ship the Merkle path; you (or an auditor) recompute the root locally and confirm it on Polygonscan independently of WCAGdesk. Each weekly anchor costs us roughly $0.01 in gas — durable for as long as Polygon exists, which is the point.
What if I receive an Abmahnung — what do I do?
Do not sign the Unterlassungserklärung as written. Open the Defense view in WCAGdesk: upload the letter, generate a German-language response that references your scan history and remediation log, and forward both to a Fachanwalt für IT-Recht. We maintain a list of vetted DE accessibility lawyers for Counsel customers.
Why isn't an overlay widget enough?
Overlays modify the DOM at runtime; they neither fix underlying source code nor produce evidence of what was tested when. The Federal Trade Commission's April 2025 settlement with accessiBe ($1M) treats marketing claims about overlay efficacy as deceptive. EU regulators and accessibility advocates have raised similar concerns. Your underlying liability is the source HTML, not the JavaScript wrapped around it — overlay output is rarely durable evidence of compliance.
How is this different from Pope Tech, Siteimprove, accessiBe?
Pope Tech and Siteimprove are honest scanners — but they're positioned as enterprise audit tools, not legal-defense systems, and they don't produce eIDAS-sealed evidence bundles or Abmahnung response workflows. accessiBe is an overlay vendor, which we explicitly are not. Deque axe is a developer toolkit and excellent for that purpose; it isn't a service or a record-keeping system.

Start the record. Defend it later.

First scan is free, no signup. Paid plans from €149/month, cancel any time. The artifacts you generate stay yours — exportable as eIDAS-sealed, timestamped PDFs.

Start free scan See pricing No credit card. Public sites only. axe-core 4.11.