=== PhoenixForge Compliance Checker ===
Contributors: ryanpurvisphoenixforge
Tags: compliance, gdpr, accessibility, wcag, audit
Requires at least: 6.2
Tested up to: 6.9
Requires PHP: 7.4
Stable tag: 2.2.1
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

Scan your WordPress site against GDPR, EU Cyber Resilience Act, and WCAG accessibility requirements.

== Description ==

PhoenixForge Compliance Checker scans your WordPress site against major regulatory frameworks — GDPR, the EU Cyber Resilience Act (CRA), and WCAG accessibility standards. Identify gaps, get actionable fixes, and generate compliance reports.

**The problem:** Regulatory compliance is complex and keeps changing. GDPR, the EU CRA, and accessibility requirements each have dozens of technical criteria. Checking manually is error-prone and time-consuming.

**The solution:** PhoenixForge Compliance Checker automates the scanning process. It checks your site against specific regulatory requirements, flags non-compliant areas, explains what needs fixing, and generates reports you can share with legal or management.

= Free Features =

* GDPR compliance scanning (cookies, privacy policy, data handling)
* WCAG 2.1 accessibility checks (contrast, alt text, headings, forms)
* EU Cyber Resilience Act baseline checks
* Actionable fix recommendations for each finding
* Compliance score per framework
* Summary report export

= Pro Features =

* Scheduled automatic compliance scans
* Full WCAG 2.1 AA coverage (50+ checks)
* CRA vulnerability assessment integration
* White-labelled compliance reports
* Compliance trend tracking over time
* Priority support

= Part of the PhoenixForge Suite =

PhoenixForge Compliance Checker works alongside PhoenixForge Auditor for comprehensive site health and PhoenixForge Security Monitor for ongoing CRA-aligned security monitoring.

== Installation ==

1. Upload the plugin files to `/wp-content/plugins/wp-compliance-checker/`
2. Activate the plugin through the 'Plugins' screen in WordPress
3. Navigate to Compliance Checker in the admin menu
4. Select which frameworks to scan against
5. Run your first compliance scan and review the findings

== Frequently Asked Questions ==

= Does this make my site GDPR compliant? =
PhoenixForge Compliance Checker identifies technical gaps. Full GDPR compliance also requires organisational measures, legal documentation, and data processing agreements that are beyond the scope of any plugin.

= Which WCAG level does it check? =
The free version checks key WCAG 2.1 Level A criteria. Pro extends coverage to Level AA with 50+ automated checks.

= What is the EU Cyber Resilience Act? =
The CRA is EU legislation requiring digital products to meet cybersecurity standards. PhoenixForge Compliance Checker checks your WordPress site against its technical requirements.

= Is there a Pro version? =
Yes, Pro adds scheduled scans, full WCAG AA coverage, vulnerability assessment, and branded reports. Visit phoenixforge.io for details.

= Can I generate reports for clients? =
Yes, compliance scan results can be exported as reports. Pro adds white-labelled reports with your branding.

== Screenshots ==

1. Compliance dashboard with per-framework scores for GDPR, WCAG, and EU CRA
2. Detailed findings list with severity ratings and actionable fix recommendations
3. WCAG accessibility check results showing contrast, alt text, and form issues
4. Compliance report export preview with framework-by-framework breakdown
5. Scan configuration panel for selecting frameworks and setting check parameters

== Third-Party Services ==

This plugin connects to external services under certain conditions:

= PhoenixForge License Server =
When you activate a Pro license key, the plugin validates it with the PhoenixForge license server.
* Service URL: https://phoenixforge-licenses.phoenixforge.workers.dev
* Privacy Policy: https://phoenixforge.io/privacy
* Terms of Service: https://phoenixforge.io/terms
* Data sent: License key, site URL
* When: On license activation, deactivation, and daily revalidation

= PhoenixForge Update Server =
The plugin checks for new versions from the PhoenixForge update server. This is disabled in WordPress.org distributed builds.
* Service URL: https://phoenixforge-updates.phoenixforge.workers.dev
* Privacy Policy: https://phoenixforge.io/privacy
* Terms of Service: https://phoenixforge.io/terms
* Data sent: Plugin slug and current version
* When: During WordPress update checks (approximately every 12 hours)

= Outbound Webhooks (Pro Feature) =
Pro users can optionally configure webhook URLs to send event data to services like Zapier, Make, or n8n.
* Only active when explicitly configured by the site administrator
* Data sent: Event type, site URL, and event-specific data
* Destination URL is entirely user-controlled

== Changelog ==

= 2.0.0 =
* Initial public release
* GDPR compliance scanning
* WCAG accessibility checks
* EU CRA baseline scanning
* Compliance reporting

== Upgrade Notice ==

= 2.0.0 =
Initial release.
