/ / d / kitchenhouseaustin.com / standards
Standards compliance · kitchenhouseaustin.com
0/0 applicable standards satisfied ·100 not applicable
Security
| Standard | Verdict | Factors | Note |
|---|---|---|---|
| Modern HTTP security headers OWASP · OWASP Secure Headers Project | n/a | — | Every supporting factor is not applicable to this site |
| HSTS Preload Chromium / Google · Chromium preload list | n/a | — | Every supporting factor is not applicable to this site |
| TLS 1.2+ baseline IETF · RFC 5246 / RFC 8446 | n/a | — | Every supporting factor is not applicable to this site |
| DNSSEC IETF · RFC 4033–4035 | n/a | — | Every supporting factor is not applicable to this site |
| CAA records IETF · RFC 8659 | n/a | — | Every supporting factor is not applicable to this site |
| Valid SSL certificate CA/Browser Forum · CA/Browser Forum Baseline | n/a | — | Every supporting factor is not applicable to this site |
| Forward secrecy IETF · TLS 1.3 mandatory | n/a | — | Every supporting factor is not applicable to this site |
| Content Security Policy Level 3 W3C · W3C Working Draft | n/a | — | Every supporting factor is not applicable to this site |
| Subresource Integrity W3C · W3C Recommendation | n/a | — | Every supporting factor is not applicable to this site |
| Cross-Origin isolation (COOP / COEP / CORP) WHATWG / W3C · HTML Living Standard | n/a | — | Every supporting factor is not applicable to this site |
| Permissions-Policy W3C · W3C Working Draft | n/a | — | Every supporting factor is not applicable to this site |
| Referrer-Policy W3C · W3C Candidate Recommendation | n/a | — | Every supporting factor is not applicable to this site |
| X-Frame-Options + frame-ancestors IETF / W3C · RFC 7034 / CSP frame-ancestors | n/a | — | Every supporting factor is not applicable to this site |
| X-Content-Type-Options: nosniff WHATWG · Fetch Standard | n/a | — | Every supporting factor is not applicable to this site |
| HTTP Strict Transport Security IETF · RFC 6797 | n/a | — | Every supporting factor is not applicable to this site |
| security.txt IETF · RFC 9116 | n/a | — | Every supporting factor is not applicable to this site |
| PCI DSS v4.0 PCI Security Standards Council · 4.0.1 | n/a | — | Every supporting factor is not applicable to this site |
| SOC 2 (Type I & Type II) AICPA · AICPA Trust Services Criteria | n/a | — | Every supporting factor is not applicable to this site |
| ISO/IEC 27001:2022 ISO/IEC · 2022 | n/a | — | Every supporting factor is not applicable to this site |
| NIST Cybersecurity Framework 2.0 NIST · 2.0 | n/a | — | US-based organizations, federal contractors, or anyone needing a cross-walk between security frameworks. |
| OWASP Top 10 (2025) OWASP Foundation · 2025 | n/a | — | Every supporting factor is not applicable to this site |
| DANE for SMTP IETF · RFC 7672 | n/a | — | Every supporting factor is not applicable to this site |
| TLS 1.3 IETF · RFC 8446 | n/a | — | Every supporting factor is not applicable to this site |
| OCSP Stapling IETF · RFC 6066 status_request | n/a | — | Every supporting factor is not applicable to this site |
| Certificate Transparency IETF · RFC 6962 / RFC 9162 | n/a | — | Every supporting factor is not applicable to this site |
Performance
| Standard | Verdict | Factors | Note |
|---|---|---|---|
| Core Web Vitals Google · 2024 thresholds | n/a | — | Every supporting factor is not applicable to this site |
| HTTP/2 IETF · RFC 9113 | n/a | — | Every supporting factor is not applicable to this site |
| HTTP/3 IETF · RFC 9114 | n/a | — | Every supporting factor is not applicable to this site |
| Brotli / gzip compression IETF · RFC 7932 / RFC 1952 | n/a | — | Every supporting factor is not applicable to this site |
| font-display: swap W3C CSS WG · CSS Fonts Module Level 4 | n/a | — | Every supporting factor is not applicable to this site |
| Resource hints (preconnect / preload / prefetch / dns-prefetch) WHATWG · WHATWG HTML Living Standard | n/a | — | Every supporting factor is not applicable to this site |
| Modern image formats (WebP / AVIF) Per-format spec · MDN reference | n/a | — | Every supporting factor is not applicable to this site |
| Interaction to Next Paint (INP) Google · Core Web Vital (March 2024) | n/a | — | Every supporting factor is not applicable to this site |
| Largest Contentful Paint (LCP) Google · Core Web Vital | n/a | — | Every supporting factor is not applicable to this site |
| Speed Index Google / Catchpoint · Lighthouse / WebPageTest | n/a | — | Every supporting factor is not applicable to this site |
SEO
| Standard | Verdict | Factors | Note |
|---|---|---|---|
| Schema.org structured data Schema.org / W3C · Latest | n/a | — | Every supporting factor is not applicable to this site |
| robots.txt + sitemap.xml IETF / Sitemaps.org · RFC 9309 / sitemaps.org | n/a | — | Every supporting factor is not applicable to this site |
| Open Graph + Twitter Cards Meta / X · Open Graph 2010 / Twitter Cards | n/a | — | Every supporting factor is not applicable to this site |
| Heading hierarchy WHATWG · HTML Living Standard | n/a | — | Every supporting factor is not applicable to this site |
| Canonical URLs IETF / Google · RFC 6596 + Google canonicalization | n/a | — | Every supporting factor is not applicable to this site |
| hreflang Google · Google Search Central | n/a | — | Every supporting factor is not applicable to this site |
| Robots meta + X-Robots-Tag Google · Google Search Central | n/a | — | Every supporting factor is not applicable to this site |
| Mobile viewport meta tag WHATWG / Google · WHATWG / Google mobile-friendly | n/a | — | Every supporting factor is not applicable to this site |
| BreadcrumbList structured data Schema.org / Google · schema.org / Google | n/a | — | Every supporting factor is not applicable to this site |
| FAQ / HowTo structured data Schema.org / Google · schema.org (rich results deprecated) | n/a | — | Every supporting factor is not applicable to this site |
| Google Search Essentials Google · 2022 (replaces Webmaster Guidelines) | n/a | — | Every supporting factor is not applicable to this site |
AI-readiness
| Standard | Verdict | Factors | Note |
|---|---|---|---|
| llms.txt Answer.AI / community · Draft (2024) | n/a | — | Every supporting factor is not applicable to this site |
| AI crawler permissions Per-vendor · robots.txt convention | n/a | — | Every supporting factor is not applicable to this site |
| C2PA Content Credentials Coalition for Content Provenance and Authenticity · 2.1 (Sep 2024) | n/a | — | Every supporting factor is not applicable to this site |
| ai.txt Spawning / community · Draft (Spawning) | n/a | — | Every supporting factor is not applicable to this site |
| ai-plugin.json (well-known plugin manifest) OpenAI · v1 (OpenAI plugins, 2023) | n/a | — | Every supporting factor is not applicable to this site |
| IETF AI Preferences (aipref) IETF · Working draft (target Aug 2026) | n/a | — | Every supporting factor is not applicable to this site |
| llms-full.txt Answer.AI / community · Community convention (2024–) | n/a | — | Every supporting factor is not applicable to this site |
Privacy
| Standard | Verdict | Factors | Note |
|---|---|---|---|
| GDPR European Commission · Regulation (EU) 2016/679 | n/a | — | Every supporting factor is not applicable to this site |
| CCPA / CPRA California Privacy Protection Agency · CPRA Amendment (2023) | n/a | — | California residents — but most sites with U.S. traffic encounter California users, so default to applying it. |
| Cookie consent baseline European Commission · ePrivacy Directive 2002/58/EC | n/a | — | Every supporting factor is not applicable to this site |
| HIPAA U.S. Department of Health & Human Services (Office for Civil Rights) · 45 CFR Parts 160 & 164 | n/a | — | U.S. healthcare providers, health plans, clearinghouses, and their business associates — anyone whose site touches protected health information. |
| COPPA U.S. Federal Trade Commission · 16 CFR Part 312 (2025 amendments) | n/a | — | U.S. sites directed at children under 13, and any general-audience site with actual knowledge it is collecting from children. |
| LGPD Autoridade Nacional de Proteção de Dados (ANPD) · Lei nº 13.709/2018 | n/a | — | Every supporting factor is not applicable to this site |
| PIPEDA Office of the Privacy Commissioner of Canada (OPC) · S.C. 2000, c. 5 | n/a | — | Commercial activity in Canada — federally regulated everywhere; private-sector everywhere except where a substantially-similar provincial law applies. |
| POPIA Information Regulator (South Africa) · Act 4 of 2013 | n/a | — | Every supporting factor is not applicable to this site |
| Australian Privacy Act + APPs Office of the Australian Information Commissioner (OAIC) · Privacy Act 1988 (Cth) — 2024 amendments | n/a | — | Australian residents — applies to APP entities (most organisations with >A$3M turnover) and to overseas businesses with an Australian link. |
| Quebec Law 25 Commission d'accès à l'information du Québec (CAI) · Bill 64 (2021), final phase 22 Sept 2024 | n/a | — | Quebec residents specifically — Law 25 displaces PIPEDA in Quebec for private-sector commercial activity. |
| Virginia CDPA Virginia Office of the Attorney General · Va. Code §§ 59.1-575 et seq. | n/a | — | Virginia residents — applies to controllers processing 100K+ Virginia consumers, or 25K+ where 50%+ of revenue comes from selling personal data. |
| Colorado Privacy Act Colorado Attorney General · Colo. Rev. Stat. §§ 6-1-1301 et seq. | n/a | — | Colorado residents — applies to controllers processing 100K+ Colorado consumers, or 25K+ where any revenue is derived from selling personal data. |
| Connecticut Data Privacy Act Connecticut Attorney General · Conn. Gen. Stat. §§ 42-515 et seq. | n/a | — | Connecticut residents — applies to controllers processing 100K+ Connecticut consumers, or 25K+ where 25%+ of revenue is from selling personal data. |
| Utah Consumer Privacy Act Utah Department of Commerce — Division of Consumer Protection · Utah Code Title 13, Chapter 61 | n/a | — | Utah residents — applies to controllers with $25M+ annual revenue that process 100K+ Utah consumers (or 25K+ if 50%+ of revenue is from selling personal data). |
| Texas Data Privacy and Security Act Texas Office of the Attorney General · Tex. Bus. & Com. Code Ch. 541 | n/a | — | Texas residents — applies to anyone conducting business in Texas or producing products/services consumed by Texas residents that processes personal data and is not an SBA-defined small business. |
| Oregon Consumer Privacy Act Oregon Department of Justice · ORS 646A.570–646A.589 | n/a | — | Oregon residents — applies to controllers processing 100K+ Oregon consumers, or 25K+ where 25%+ of revenue is from selling personal data; nonprofits are included as of 1 July 2025. |
| EU ePrivacy Regulation (withdrawn) European Commission · COM(2017) 10 final — withdrawn 2025 | n/a | — | Would have applied to providers of electronic communications services and websites with EU users — but the proposal was withdrawn before adoption. |
Accessibility
| Standard | Verdict | Factors | Note |
|---|---|---|---|
| WCAG 2.2 Level AA W3C · 2.2 | n/a | — | Every supporting factor is not applicable to this site |
| WCAG 2.2 Level A W3C · 2.2 | n/a | — | Every supporting factor is not applicable to this site |
| Section 508 U.S. Access Board · Refresh 2018 | n/a | — | Applies to federal agencies (.gov) and any vendor selling electronic content to the U.S. government. |
| European Accessibility Act European Commission · Directive (EU) 2019/882 | n/a | — | Applies to e-commerce, banking, ICT, transport-ticketing, and digital services in the EU as of June 2025. |
| ADA Title III (digital) U.S. Department of Justice · Public Accommodation | n/a | — | U.S. consumer-facing websites of businesses considered places of public accommodation. |
| WCAG 2.1 Level AA W3C · 2.1 | n/a | — | Every supporting factor is not applicable to this site |
| WCAG 2.1 Level A W3C · 2.1 | n/a | — | Every supporting factor is not applicable to this site |
| Accessibility for Ontarians with Disabilities Act Ministry for Seniors and Accessibility (Ontario) · 2005 (IASR) | n/a | — | Public-sector organizations of any size and private/nonprofit organizations with 50+ employees operating in Ontario. |
| Accessible Canada Act Accessibility Standards Canada · S.C. 2019, c. 10 | n/a | — | Federally regulated entities in Canada — federal departments, banks, telecoms, broadcasters, interprovincial transport. |
| Référentiel Général d'Amélioration de l'Accessibilité DINUM (Direction interministérielle du numérique) · 4.1.2 | n/a | — | French public sector and large private organizations (>€250M revenue or operating digital services to the public in France). |
| Barrierefreie-Informationstechnik-Verordnung 2.0 Bundesministerium für Arbeit und Soziales · 2019 amendment | n/a | — | German federal public-sector websites, mobile apps, intranets, and extranets. |
| JIS X 8341-3:2016 Japanese Industrial Standards Committee · 2016 | n/a | — | Every supporting factor is not applicable to this site |
| Korean Web Content Accessibility Guidelines 2.2 Ministry of Science and ICT (South Korea) · 2.2 | n/a | — | Every supporting factor is not applicable to this site |
| Israeli Standard 5568 Standards Institution of Israel · 2013 | n/a | — | Every supporting factor is not applicable to this site |
| 21st Century Communications and Video Accessibility Act Federal Communications Commission · Pub. L. 111–260 (2010) | n/a | — | U.S.-facing services that distribute video previously aired on TV, or that provide advanced communications services (VoIP, video calls, messaging). |
| Public Sector Bodies Accessibility Regulations 2018 Government Digital Service · SI 2018/952 | n/a | — | UK public-sector bodies — government departments, local councils, NHS trusts, universities, and most public-funded organizations. |
| UK Equality Act 2010 (digital provisions) Equality and Human Rights Commission · 2010 c. 15 | n/a | — | Any organization providing services to the UK public — including online services, e-commerce, and SaaS. |
| WAI-ARIA Authoring Practices Guide W3C Web Accessibility Initiative · Editor's Draft | n/a | — | Every supporting factor is not applicable to this site |
Email health
| Standard | Verdict | Factors | Note |
|---|---|---|---|
| DMARC IETF · RFC 7489 | n/a | — | Every supporting factor is not applicable to this site |
| SPF IETF · RFC 7208 | n/a | — | Every supporting factor is not applicable to this site |
| DKIM IETF · RFC 6376 | n/a | — | Every supporting factor is not applicable to this site |
| BIMI AuthIndicators Working Group · Working draft | n/a | — | Every supporting factor is not applicable to this site |
| MTA-STS IETF · RFC 8461 | n/a | — | Every supporting factor is not applicable to this site |
| SMTP TLS Reporting (TLS-RPT) IETF · RFC 8460 | n/a | — | Every supporting factor is not applicable to this site |
| Authenticated Received Chain (ARC) IETF · RFC 8617 | n/a | — | Every supporting factor is not applicable to this site |
| DMARC Failure Reports (RUF) IETF · RFC 7489 §7.3 | n/a | — | Every supporting factor is not applicable to this site |
| DKIM key rotation IETF / M3AAWG · RFC 6376 + M3AAWG BCP | n/a | — | Every supporting factor is not applicable to this site |
| SPF 10-DNS-lookup limit IETF · RFC 7208 §4.6.4 | n/a | — | Every supporting factor is not applicable to this site |
| Bulk-sender requirements (Apple / Google / Yahoo) Google / Yahoo / Apple · Effective Feb 2024 | n/a | — | Every supporting factor is not applicable to this site |
| Mailbox provider feedback loops (FBL) Yahoo / Microsoft / Google · Per-provider | n/a | — | Every supporting factor is not applicable to this site |
Standards are evaluated against the current scan. See the standards library for the canonical reference, or back to the dossier.