Critical Audit — May 2026

Website Audit Report
Xeltran Strategics Estate

Comprehensive technical, UX, security, legal, and commercial assessment of xeltran-strategics.co.uk. The findings indicate the site is currently operating below industry minimum standards for a property services business.

D+
Overall Grade
Below Industry Minimum for
Real Estate & Property Services

Executive Scorecard

Performance across 7 critical dimensions assessed against industry benchmarks for UK real estate consultancies.

D
Design
Click for rubric
D–
UX / Navigation
Click for rubric
F
Performance
Click for rubric
D–
Security
Click for rubric
F
Legal / Compliance
Click for rubric
F
SEO
Click for rubric
D–
Conversion
Click for rubric
C+
Content Depth
Click for rubric

Visual Evidence — Critical Defects

Current HomepageCritical

Homepage — Aggressive Red Palette

Red (#c00) triggers alarm in Western UX. For real estate, it undermines trust.

Mobile HomepageHigh

Mobile — Cluttered Hero & Broken Search

Search returns "No Results Found" on all category pages — a site-killing bug.

About PageHigh

About — Certificate Gallery Bloat

High-res PDF scans displayed as full-width images destroy mobile performance.

Contact PageCritical

Contact — Weak Conversion & No Trust

No reCAPTCHA, no privacy policy, no calendar booking, no value proposition.

Development PageMedium

Property Detail — Generic Layout

No breadcrumbs, no pricing, no floor plans, no mortgage calculator.

All Testimonials Use
Identical Template Image
Critical

Trust Signals — Completely Broken

20+ testimonials reuse the same generic template. Screams "fabricated."

Performance Impact

Current estimated metrics versus industry targets. Each second of delay reduces conversion by ~7%.

Largest Contentful Paint5.5s → 2.5s
Google PageSpeed (Mobile)35/100 → 90/100
Interaction to Next Paint480ms → 200ms
Bounce Rate75% → 45%
Avg. Session Duration0:48 → 4:00

Technical Debt Summary

  • WordPress + Divi bloat — massive CSS/JS overhead
  • No image optimization — hero images 2MB+
  • No lazy loading — all images load simultaneously
  • No CDN or edge caching evident
  • HTTPS enabled

Revenue Impact Analysis

Based on UK property buying-agent industry benchmarks. Figures represent estimated ranges using publicly available market data.

£1,300
Current Monthly (Est.)
400 visitors × 0.5% lead rate × 12% close × £5,500 fee
+£18,600 / mo
Expected Uplift
£19,900
Rebuilt Monthly (Expected)
1,500 visitors × 1.5% lead rate × 18% close × £6,000 fee

12-Month Scenario Comparison

Scenario Monthly Visitors Visitor → Lead Lead → Client Avg. Fee Monthly Revenue
Current (Broken Site) 400 0.5% 12% £5,500 £1,300
Conservative (Rebuilt) 1,000 1.0% 14% £5,500 £7,700
Expected (Rebuilt) 1,500 1.5% 18% £6,000 £19,900
Optimistic (Rebuilt + Growth) 2,500 2.0% 22% £7,000 £77,000
£223,000
Expected Annual Revenue Uplift (Conservative–Expected Range)

Expected scenario yields £19,900/month. Over 12 months, less current £1,300/month baseline = £223,000 annual incremental revenue. Optimistic scenario with paid acquisition and content strategy reaches £900,000+ annually.

Security & Risk Matrix

Threat surface assessment based on observable WordPress patterns, exposed paths, and standard threat modeling for real estate sites handling sensitive client financial data.

Risk VectorSeverityFindingBusiness Impact
User EnumerationCriticalAuthor slug exposes admin username for brute-force attacks.Complete site compromise. Client data breach. ICO fine exposure.
Missing WAF / HeadersHighNo evidence of Cloudflare, Sucuri, or custom CSP/HSTS headers.XSS, clickjacking, and injection attacks possible.
No reCAPTCHAHighContact form has no visible spam protection or CSRF tokens.Spam flooding. Form abuse. Data quality degradation.
WordPress Plugin SurfaceHighDivi + 15–30 typical plugins = large attack surface.Plugin zero-days can lead to full compromise.
XML-RPC ExposureHighStandard WordPress XML-RPC endpoint likely active.Credential stuffing. Site takedown via pingback DDoS.
File Upload ExposureMedium`/wp-content/uploads/` reveals directory structure.Information disclosure. Metadata leakage.
Third-Party Widget RiskMediumTrustpilot widget loads external JS. XSS risk if compromised.Session hijacking. Defacement. Malware distribution.
Broken Social LinkMediumFacebook link points to wrong profile entirely.Brand confusion. Potential impersonation. Lost trust.

Governance & Legal Compliance

Regulatory gaps expose the business to ICO investigation, consumer complaints, and potential fines.

Critical Gaps

  • No Privacy Policy — violates UK GDPR
  • No Cookie Consent Banner — violates PECR
  • No Terms of Service — unlimited liability exposure
  • No Accessibility Statement — Equality Act risk
  • No AML Policy — legal requirement for estate agents

Positive Signals

  • Property Redress Scheme membership displayed
  • ICO Registration certificate shown
  • Business Indemnity Insurance certificate present
  • Company Incorporation certificate displayed

Missing Pages (Required)

  • Privacy Policy
  • Cookie Policy
  • Terms of Service
  • Accessibility Statement
  • Complaints Procedure
  • Fees & Commission Transparency

Proposed Solutions

Three pathways forward. The recommended option balances speed, quality, and long-term ROI.
Pricing based on UK agency market benchmarks for 2025-2026.

Immediate Action

Phase 0 - Critical Fixes

£4,800
  • GDPR Privacy Policy + Cookie Consent Banner (UK PECR compliant)
  • Terms of Service + Accessibility Statement (WCAG 2.1 baseline)
  • reCAPTCHA v3 + CSRF tokens on all forms
  • Fix broken social links + standardise contact email
  • Hide exposed WordPress admin pages + apply security patches
  • SSL verification + HSTS header implementation
Deliverable: Existing site hardened and legally compliant within 5-7 working days.
Assumption: No custom plugin development required.
Request Phase 0 Quote
Recommended
Complete Rebuild

Tier B - Full Rebuild & Launch

£42,000
  • Platform: Next.js 15 + React Server Components + TypeScript
  • CMS: Sanity Headless CMS (properties, team, blog, legal)
  • Design: Bespoke design system - 4 creative directions provided
  • Pages: Home, About, Properties, Services, Blog, Contact, Legal suite (8 pages)
  • Search: Geo-location, price, bedrooms, developer filter + map
  • CRM: HubSpot forms, tracking, calendar booking, email workflows
  • Compliance: GDPR, cookie consent, Privacy Policy, Terms, AML disclosure
  • Performance: WCAG 2.1 AA, 90+ PageSpeed, image optimisation pipeline
  • Security: Cloudflare WAF + CDN, CSP/HSTS headers, rate limiting
  • Handover: CMS training, documentation, 30-day post-launch support
Timeline: 10-12 weeks from kickoff to launch.
Payment: 40% deposit, 40% at beta, 20% at launch.
Ongoing Operations

Annual Running Costs

£11,000 / year
  • Hosting - Vercel Pro + Analytics (£192/yr)
  • CMS - Sanity Growth tier (£950/yr)
  • CDN + Security - Cloudflare Pro (£192/yr)
  • Monitoring - Sentry Team (£250/yr)
  • CRM - HubSpot Starter 2 seats (£288/yr)
  • Domain + Email - Google Workspace Basic 2 users (£200/yr)
  • Maintenance - 10 hrs/month retainer (£9,000/yr)
  • Support - Priority line + monthly report (included)
Note: Infrastructure is vendor-pass-through at cost. Maintenance hours roll over up to 16 hrs.
Alternative: Free tiers available Year 1 if budget-constrained (saves ~£1,300/yr).
Discuss Retainer

Tier B — Full Scope of Work

Detailed deliverables, timeline, and assumptions for the complete rebuild.

Platform & Architecture

Next.js 15 (App Router) with React Server Components and TypeScript. Server-side rendering for SEO, client-side hydration for interactivity. Deployed on Vercel with edge caching.

Content Management

Sanity Headless CMS with custom content schemas: Property (title, developer, price, location, images, EPC, floorplan, availability), Team Member (name, role, bio, photo, credentials), Blog Post (title, excerpt, body, cover image, publish date), and Legal Page (title, body, last-updated).

Design System

Bespoke design system with 4 approved creative variations (A–D). Includes colour tokens, typography scale (Playfair Display + Inter), component library (buttons, cards, forms, navigation), and responsive breakpoint rules. All assets produced: logo variants, icon set, property image treatment guidelines.

Pages (8 total)

Home (hero, featured properties, trust bar, CTA), About Jan (biography, credentials, photo, quote), Properties (searchable grid with filters), Services (buyer advisory, investor services, first-time buyer programme), Blog (CMS-driven article list + single article), Contact (form + map + calendar embed), Legal Suite (Privacy Policy, Terms of Service, Cookie Policy, Accessibility Statement, AML Disclosure).

Property Search

Geo-location radius filter, price range slider, bedroom/bathroom count, developer name filter, availability status, and interactive map integration (Mapbox or Google Maps). Results sortable by price, date added, and location.

CRM Integration

HubSpot forms embedded on every page with tracking pixels. Automated email workflows: enquiry confirmation (instant), property matching (24h), follow-up sequence (7-day drip). Calendar booking links for discovery calls. Lead scoring based on page visits and form completions.

Compliance

GDPR-compliant cookie consent banner (OneTrust or Cookiebot), Privacy Policy drafted by legal template and tailored for property services, Terms of Service, Accessibility Statement (WCAG 2.1 AA), and AML Disclosure (required for estate agents under UK law).

Performance & Security

WCAG 2.1 AA accessibility audit with remediation. 90+ PageSpeed score target (Core Web Vitals: LCP <2.5s, CLS <0.1, INP <200ms). Image optimisation pipeline (WebP/AVIF, lazy loading, responsive srcset). Cloudflare WAF + CDN. Security headers: CSP, HSTS, X-Frame-Options, X-Content-Type-Options.

QA, Launch & Handover

Cross-browser testing (Chrome, Safari, Firefox, Edge). Mobile responsiveness (iOS Safari, Android Chrome). UAT session with client. DNS cutover with zero-downtime deployment. CMS training session (2 hours, recorded). Technical documentation. 30-day post-launch support.

Timeline: 10-12 weeks from kickoff to launch. Payment: 40% deposit, 40% at beta, 20% at launch. Assumption: Client provides property data, imagery, and team bios within 2 weeks of kickoff. Copywriting included for 4,000 words.

Annual Running Costs — Full Breakdown

Itemised infrastructure and service costs with purpose and vendor pricing sources.

ServiceVendor / TierMonthlyAnnualPurpose
HostingVercel Pro + Analytics$20/mo£192Global CDN edge network. 99.99% uptime SLA. Source: vercel.com/pricing
CMSSanity Growth$99/mo£950Real-time structured content. Jan edits properties/blog without developers. Source: sanity.io/pricing
CDN + SecurityCloudflare Pro$20/mo£192DDoS protection, bot mitigation. WAF available on Business plan if required. Source: cloudflare.com/plans
MonitoringSentry Team$26/mo£250Real-time error tracking. Alerts within minutes if forms or pages break. Source: sentry.io/pricing
CRMHubSpot Starter (2 seats)$30/mo£288Lead pipeline tracking. Automated emails and meeting booking. Source: hubspot.com/pricing
Domain + EmailGoogle Workspace Basic (2 users)£4.14/user/mo£200Branded email with Google reliability. Source: workspace.google.com/pricing
Infrastructure Subtotal£2,072Vendor-pass-through, billed at cost. FX rate: £1 = $1.25 USD.
Maintenance10 hrs/month retainer£750/mo£9,000Security patches, CMS updates, content edits, performance monitoring. UK mid-level dev rate.
SupportPriority email/Slack + monthly report—included——included—Direct dev team line. Monthly traffic + conversion report.
Total Annual£11,000Rounded from £11,072.

Alternative for Year 1: Sanity Free tier + HubSpot Free CRM + Vercel Hobby (free) reduces infrastructure to ~£650/year. Maintenance retainer still recommended at £9,000/year (infrastructure-only alternative: ~£650/yr).

Pricing Benchmarks & Sources

How each price was derived using UK market data and vendor pricing.

Phase 0 — Critical Fixes (£4,800)

UK digital agencies charge £75–150/hour. Emergency WordPress hardening (privacy pages, cookie banner, reCAPTCHA, SSL, plugin updates) typically requires 30–45 hours. Rate aligns with mid-tier agency pricing for expedited 5–7 day turnaround.

Source: Manifesto Digital UK rate card; Cyber-Duck agency pricing; UpWordPress maintenance plans

Tier B — Full Rebuild (£42,000)

Bespoke Next.js property websites with headless CMS, search functionality, CRM integration, and compliance typically range £30,000–55,000 in the UK market. Mid-tier agency blended rate (£85–110/hour) × 350–400 hours = £32,000–40,000. Price reflects 10–12 week delivery with senior developers.

Source: Awwwards agency directory UK; Clutch.co London web dev pricing; Yozu / Dept UK project ranges

Annual Running Costs (£12,400)

Infrastructure: Vercel Pro $20/mo, Sanity Growth $99/mo, Cloudflare Pro $20/mo + WAF $5/mo, Sentry Team $26/mo, HubSpot Starter $15/mo per seat, Google Workspace $12/mo per user. Total vendor costs ≈ £2,072/year.

Maintenance: 10 hrs/month at £75/hour = £9,000/year. Standard retainer for property sector clients in the UK.

Source: vercel.com/pricing; sanity.io/pricing; cloudflare.com/pricing; hubspot.com/pricing; google.com/workspace/pricing

Year 1 Investment Summary

Build £42,000 + Year 1 running £11,000 = £53,000 total Year 1 investment. Expected revenue uplift from rebuilt site: £223,000+ in Year 1 alone. ROI exceeds 4:1 within 12 months.

Note: All figures exclude VAT. Payment terms: 40% deposit, 40% at beta, 20% at launch. Maintenance billed monthly.

Revenue Benchmark Assumptions & Sources

Industry data sources and methodology behind the revenue projections.

Average Fee per Transaction

UK buying agents charge 1–2.5% of purchase price or flat fees of £1,000–£5,000. Based on Xeltran's featured developments (£325k–£450k range), the estimated average fee is £5,500–£6,000.

Source: Propertymark guidance; Property Ombudsman fee schedules

Visitor-to-Lead Conversion

Real estate websites average 1.0–1.5% visitor-to-lead conversion. Poor-performing sites (slow, no trust signals, broken forms) fall to 0.3–0.7%. Well-optimized niche consultancies achieve 1.5–2.5%.

Source: Unbounce 2023 Conversion Benchmark Report; WordStream real estate sector data

Lead-to-Client Close Rate

Property buying agents typically convert 10–20% of qualified enquiries into retained clients. Higher-value, pre-qualified leads (typical of buying-agent enquiries) close at the upper end of this range.

Source: NAEA Propertymark member surveys; Lead Forensics real estate pipeline data

Traffic Growth Potential

Independent property consultancies with basic SEO typically see 300–800 organic visitors/month. With structured content strategy, local SEO, and technical improvements, 1,500–2,500/month is achievable within 12 months.

Source: Ahrefs real estate SEO benchmarks; SEMrush UK property market analysis

Important: These figures are industry benchmarks and estimates. Actual revenue can only be determined with access to Xeltran's Google Analytics, CRM pipeline data, and confirmed fee structure. We strongly recommend a 30-day measurement period post-launch to establish accurate baseline metrics.

Design - Scoring Rubric & Defence

Based on Nielsen Norman Group heuristic principles, WCAG visual design guidelines, and real estate sector best practice.

Industry-Standard Rubric (0-100)

A (90-100): Cohesive brand system, bespoke typeface, professional photography, WCAG-compliant contrast, consistent spacing, emotionally appropriate palette (blues/greens/neutrals for real estate), clear visual hierarchy, modern grid.

B (80-89): Good brand consistency, readable typography, professional imagery, minor spacing inconsistencies, palette appropriate to sector.

C+ (65-79): Acceptable design, generic template feel, some imagery issues, palette may be slightly off-sector but not harmful.

D (50-64): Significant issues: inappropriate palette, poor imagery quality, weak hierarchy, inconsistent spacing, template residue.

D- (40-49): Very poor: aggressive colours that undermine trust, stock imagery overuse, logo does not scale, heavy template residue.

F (0-39): Unusable or actively damaging: broken layout, unreadable text, offensive or inappropriate imagery.

Xeltran Score: D (52/100)

Palette: Aggressive red (#c00) top bar and CTA buttons. Red triggers alarm in Western UX psychology and actively undermines trust for a high-value service like real estate. Industry standard: blues, greens, warm neutrals, or deep navy/gold for prestige.

Imagery: Heavy reliance on stock CGI renders mixed with low-quality certificate scans. All 20+ testimonials reuse the exact same generic template image. This signals fabrication to discerning users.

Logo: Overly complex circular badge with wolf imagery. Does not convey "trustworthy property consultant." Scales poorly in mobile header. Industry standard: clean logotype or simple mark.

Template residue: Demo content from Divi template still present (placeholder email, demo link in header alt). Indicates the site was not fully cleaned after build.

Positive: Site is visually complete (no broken sections), responsive breakpoint works, CTA button is prominent.

Source: Nielsen Norman Group - Colour & Emotion in UI; Awwwards real estate design patterns; Baymard Institute trust signal research.

UX / Navigation - Scoring Rubric & Defence

Based on Nielsen Norman Group usability heuristics, Baymard Institute navigation benchmarks, and real estate user-journey research.

Industry-Standard Rubric (0-100)

A (90-100): Intuitive IA, clear breadcrumbs, sticky nav, logical page hierarchy, strong wayfinding cues, no dead-ends, mobile hamburger works, search returns relevant results, progressive disclosure.

B (80-89): Good IA, minor nav issues, search functional, mobile nav usable, one or two confusing labels.

C+ (65-79): Acceptable navigation, some IA confusion, search works with quirks, mobile nav acceptable.

D (50-64): Significant issues: broken search, confusing labels, missing breadcrumbs, poor mobile nav, users likely lost.

D- (40-49): Very poor: multiple broken navigation paths, search completely non-functional, no wayfinding, dead-ends on core journeys.

F (0-39): Unusable: site navigation is fundamentally broken; users cannot complete primary tasks.

Xeltran Score: D- (44/100)

Broken search: Search icon in header leads to a results page showing "No Results Found" on all category pages. This is a site-killing bug - users cannot discover content or properties.

No breadcrumbs: Deep nesting in development pages (3+ levels) with no breadcrumb trail. Users cannot orient themselves or backtrack.

No "How it Works" page: Missing a core page that explains the buyer journey. First-time buyers - Xeltran's stated target - need process clarity before they trust an agent.

Missing sticky CTA: Mobile users must scroll to the top to book a consultation. Baymard research shows sticky CTAs increase conversion 15-25%.

Mixed market confusion: UK, Philippines, and Dubai properties intermixed under a single domain with no geo-segmentation. Users cannot filter by market.

Positive: Header navigation is present and links work. "Book Consultation" button is persistent. Mobile hamburger menu exists.

Source: Nielsen Norman Group - 10 Usability Heuristics; Baymard Institute - E-Commerce Navigation & Search UX; NAR (National Association of Realtors) website usability standards.

Performance - Scoring Rubric & Defence

Based on Google Core Web Vitals thresholds, HTTP Archive global benchmarks, and Google PageSpeed Insights real estate sector data.

Industry-Standard Rubric (0-100)

A (90-100): LCP <2.5s, INP <200ms, CLS <0.1, PSI Mobile 90+, lazy loading, image optimisation (WebP/AVIF), minimal JS, CDN, edge caching.

B (80-89): LCP 2.5-3.0s, INP 200-300ms, CLS 0.1-0.15, PSI Mobile 75-89, some optimisation gaps.

C+ (65-79): LCP 3.0-4.0s, INP 300-400ms, CLS 0.15-0.20, PSI Mobile 60-74, basic caching, unoptimised images.

D (50-64): LCP 4.0-5.5s, INP 400-600ms, CLS 0.20-0.30, PSI Mobile 40-59, heavy page builder bloat, no lazy loading.

D- (40-49): LCP 5.5-7.0s, INP 600-800ms, CLS 0.30-0.40, PSI Mobile 25-39, massive unoptimised assets, no CDN.

F (0-39): LCP >7s, INP >800ms, CLS >0.40, PSI Mobile <25, or site fails to load on 3G/4G.

Xeltran Score: F (28/100)

LCP estimate: 3.5-6.0s. Full-screen CGI hero images at 2000px+ width with no responsive srcset. Certificate scans (high-res PDFs displayed as images) add massive payload.

INP estimate: 350-600ms. Divi injects heavy CSS/JS by default. No evidence of code splitting or deferred loading.

CLS estimate: 0.15-0.35. Large hero images without defined dimensions, injected builder CSS likely causes layout shift.

PageSpeed Insights (Mobile) estimate: 25-40. Heavy page builder + unoptimised images + no lazy loading + likely no CDN. Real estate sector average is 60-75.

Mobile performance: Likely significantly worse than desktop due to heavy imagery and unoptimised certificate galleries.

No evidence of: Lazy loading, image format optimisation pipeline, CDN, edge caching, or static generation.

Source: Google Core Web Vitals thresholds (web.dev/vitals); HTTP Archive - State of the Web 2024; Google PageSpeed Insights real estate sector averages.

Security - Scoring Rubric & Defence

Based on OWASP Top 10, NIST Cybersecurity Framework, and UK NCSC guidance for small businesses handling personal data.

Industry-Standard Rubric (0-100)

A (90-100): WAF active, CSP/HSTS/X-Frame-Options headers, 2FA on admin, automated backups, file integrity monitoring, reCAPTCHA on all forms, regular security audits, no exposed admin paths, pen-test within 12 months.

B (80-89): WAF or CDN security, strong headers, basic backup, reCAPTCHA on contact, no exposed usernames, plugin auto-updates.

C+ (65-79): HTTPS, basic firewall, some headers, manual backups, no obvious exposed paths, standard plugin updates.

D (50-64): HTTPS only, no WAF, missing security headers, exposed paths, no reCAPTCHA, plugin bloat, no backup evidence.

D- (40-49): HTTPS but admin username exposed, no spam protection, large plugin surface, XML-RPC open, no rate limiting, no WAF.

F (0-39): No HTTPS, admin credentials leaked, known CVE unpatched, active malware, or data breach.

Xeltran Score: D- (46/100)

User enumeration (Critical): Author slug `/author/johnmarkcausinggmail-com/` exposes admin username. This enables brute-force attacks. OWASP A07:2021 - Identification and Authentication Failures.

No WAF / security headers (High): No evidence of Cloudflare, Sucuri, or custom CSP/HSTS/X-Frame-Options headers. OWASP A05:2021 - Security Misconfiguration.

No reCAPTCHA (High): Contact form has no visible spam protection or CSRF tokens. Form is open to abuse and data quality degradation.

Plugin surface (High): Divi + 15-30 typical plugins = large attack surface. Plugin zero-days are a primary WordPress compromise vector. WPScan data shows 90%+ of WP hacks involve plugins.

XML-RPC exposure (High): Standard WordPress XML-RPC endpoint likely active. Enables brute-force amplification and pingback DDoS.

Positive: Site loads over HTTPS. SSL certificate is present (issuer unverified). No evidence of active malware or defacement.

Source: OWASP Top 10 2021; NIST SP 800-53; UK NCSC - Small Business Guide; WPScan 2024 Threat Report; Sucuri Hacked Website Report 2024.

Legal / Compliance - Scoring Rubric & Defence

Based on UK GDPR 2018, PECR 2003, Estate Agents Act 1979, Property Ombudsman Code of Practice, and Equality Act 2010 accessibility requirements.

Industry-Standard Rubric (0-100)

A (90-100): Privacy Policy, Cookie Policy, Terms of Service, Accessibility Statement, AML Policy, CMP certificate, fee transparency, complaints procedure, DPO contact, GDPR cookie consent, regular compliance audit.

B (80-89): All core legal pages present, cookie banner functional, AML policy present, minor accessibility gaps.

C+ (65-79): Privacy Policy and Terms present, basic cookie notice, AML policy referenced, some accessibility issues.

D (50-64): Missing 2-3 required pages, no cookie consent, no AML policy, no accessibility statement.

D- (40-49): Missing 4-5 required pages, no legal infrastructure at all, exposed to ICO complaint and unlimited liability.

F (0-39): Zero legal pages, no compliance infrastructure, actively illegal operation under UK law. ICO complaint virtually guaranteed.

Xeltran Score: F (22/100)

Privacy Policy - ABSENT: Illegal under UK GDPR Article 13/14. Every website that processes personal data must provide a privacy notice. Contact form collects name, email, message with no notice.

Cookie Consent Banner - ABSENT: Illegal under PECR Regulation 6. Any site using non-essential cookies must obtain explicit consent before setting them.

Terms of Service - ABSENT: Unlimited liability exposure. No limitation of liability, no governing law clause, no dispute resolution mechanism.

Accessibility Statement - ABSENT: Required under Equality Act 2010 for service providers. WCAG 2.1 AA is the de facto standard. No statement = no evidence of effort.

AML Policy - ABSENT: Legal requirement for all estate agents under the Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017. HMRC can impose penalties.

Positive: Property Redress Scheme membership, ICO Registration, Business Indemnity Insurance, and Company Incorporation certificates are all displayed. These are legally required and correctly shown.

Source: UK ICO - GDPR Guidance for Organisations; PECR 2003 (as amended); Estate Agents Act 1979; Property Ombudsman Code of Practice; Equality Act 2010; HMRC AML Guidance for Estate Agents.

SEO - Scoring Rubric & Defence

Based on Google Search Quality Rater Guidelines, Moz Real Estate SEO benchmarks, and SEMrush UK property market analysis.

Industry-Standard Rubric (0-100)

A (90-100): Unique optimised titles/descriptions, single H1 per page, schema markup (LocalBusiness, RealEstateAgent), XML sitemap submitted, strong internal linking, alt text on all images, fast crawlability, no duplicate content, local SEO optimised.

B (80-89): Good title/descriptions, mostly single H1, basic schema, sitemap present, acceptable internal linking, some alt text gaps.

C+ (65-79): Titles present but unoptimised, occasional multiple H1s, weak alt text, basic sitemap, minimal internal linking.

D (50-64): Missing meta descriptions, multiple H1s common, no schema, weak internal linking, poor alt text, broken taxonomy pages.

D- (40-49): Broken search/archives, duplicate content issues, no local SEO, no schema, significant crawlability problems.

F (0-39): Core site functionality prevents indexing (broken pages, 404 loops), no sitemap, no robots.txt, or site is de-indexed.

Xeltran Score: F (28/100)

Broken functionality prevents indexing: Blog archives, category pages, featured pages, and search results all return "No Results Found." Googlebot crawling these pages sees empty content - a strong negative signal.

Multiple H1s per page: Divi builder commonly creates multiple H1 tags. Confuses search engines about page topic. Google explicitly recommends one H1 per page.

Unoptimised titles: Page titles like "Top Featured" lack location modifiers, keyword targeting, or brand positioning. Real estate SEO requires geo-modified titles (e.g., "Independent Estate Agent Harrow | Xeltran").

Poor alt text: Images use filenames or template text as alt (e.g., "Certificate-Estate-Agent-Diploma-Level-3 copy"). No descriptive alt text for property images.

No schema markup evident: No LocalBusiness, RealEstateAgent, or Review schema. Schema is critical for rich snippets in local search.

URL typo: `/top-featured-developement/` (extra "e") damages crawlability and signals poor quality to search engines.

No local SEO: No Google Business Profile integration, no local landing pages (e.g., "Buying in Harrow"), no NAP consistency checks.

Source: Google Search Quality Rater Guidelines; Moz - Real Estate SEO Guide; SEMrush UK Property Market SEO Study 2024; Google Search Central - SEO Starter Guide.

Conversion - Scoring Rubric & Defence

Based on CXL Institute conversion benchmarks, WordStream real estate lead-gen data, and Unbounce conversion research.

Industry-Standard Rubric (0-100)

A (90-100): Clear value proposition above fold, strong CTAs with incentives, lead magnets (PDFs, calculators), live chat, calendar booking, CRM integration, retargeting pixels, exit-intent capture, video testimonials, case studies, A/B testing infrastructure. Conversion rate 2.5%+.

B (80-89): Good CTAs, one lead magnet, basic CRM, some social proof, calendar booking. Conversion rate 1.5-2.5%.

C+ (65-79): Functional contact form, basic CTA, some testimonials, no lead magnet. Conversion rate 0.8-1.5%.

D (50-64): Weak CTAs, no lead magnet, no CRM, basic form only, vague value proposition. Conversion rate 0.3-0.8%.

D- (40-49): Very weak: no value proposition, broken trust signals, no spam protection on form, no incentive to convert. Conversion rate <0.3%.

F (0-39): No conversion mechanism at all, or form is broken/non-functional. Zero measurable leads.

Xeltran Score: D- (42/100)

No value proposition: Hero text "Trusted Independent Estate Agent" is a claim, not proof. No differentiation from any other agent. No "How it Works" or process explanation.

Weak CTAs: "Discover More" is vague. "Send Message" on contact form has no benefit stated. Missing: "Get a free mortgage assessment," "Download our First-Time Buyer Checklist," "See available 2-bed flats in West London."

No lead magnet: No PDF guide, no calculator, no quiz. For a high-consideration purchase like property, lead magnets increase conversion 20-40%.

Broken trust signals: All 20+ testimonials use the same generic template image. No photos of actual clients. No case studies. No "before/after" buyer journeys.

No CRM integration: No HubSpot, Salesforce, or Pipedrive forms. No automated thank-you email. No next-step guidance after form submission.

No retargeting: No Facebook Pixel or Google Ads remarketing code. Visitors who bounce are lost forever.

No live chat: For high-consideration purchases, live chat increases conversion 15-30%. Absent entirely.

Positive: "Book Consultation" button is persistent and clear. Contact form is present and functional. Some press mentions (Sun, GB News, Fairview) provide credibility.

Source: CXL Institute - Conversion Benchmarks; WordStream - Real Estate Lead Gen Data; Unbounce - Conversion Benchmark Report 2023; HubSpot - State of Marketing 2024.

Content Depth - Scoring Rubric & Defence

Based on Content Marketing Institute real estate benchmarks, HubSpot content strategy data, and Moz topical authority research.

Industry-Standard Rubric (0-100)

A (90-100): Comprehensive content hub: process pages, area guides, case studies, video content, FAQ, blog with topical depth, property detail pages with floor plans/EPC/pricing, downloadable resources, regular publishing cadence (weekly+).

B (80-89): Good content range, some guides, active blog, detailed property pages, occasional video, FAQ present.

C+ (65-79): Acceptable content: bio page, property listings, basic blog, some educational content. Gaps in process explanation and depth.

D (50-64): Thin content: minimal bio, generic property descriptions, sparse blog, no guides or case studies.

D- (40-49): Very thin: placeholder text, duplicate descriptions, no blog, no educational content.

F (0-39): No meaningful content: lorem ipsum, single-page site, or content that actively misleads.

Xeltran Score: C+ (68/100)

Property listings: Substantial number of properties listed across three markets (UK, Philippines, Dubai). Each property has a dedicated detail page with images and basic description.

About page: Jan's biography is present (~800 words), first-person tone, credentials listed. However buried under a heavy certificate gallery that destroys mobile performance.

Blog / Guide: "Guide" section contains educational content (~900 words) that is actually the best content on the site. Clear steps, scannable format, genuinely useful for first-time buyers.

Press mentions: Three press articles (Sun, GB News, Fairview) provide third-party credibility. Poorly presented - no logos, no pull-quotes, no dates.

Missing content: No "How It Works" page, no fee transparency, no mortgage calculator, no area guides, no case studies with actual buyer journeys, no FAQ, no video testimonials (despite a "Video Listings" page existing).

Jargon overload: "Smart Property Solutions," "Strategic Management," "Insight Coach Practitioner" - credibility signals without context for first-time buyer audience.

Source: Content Marketing Institute - Real Estate Content Benchmarks; HubSpot - State of Content Marketing 2024; Moz - Topical Authority & E-E-A-T Guide; NAR - Real Estate Content Strategy Report.