The Ultimate GDPR Compliance Directory for Tracking Scripts
A centralized resource for auditing popular third-party scripts. Find out exactly what cookies they drop, when they require consent, and how to test your website's compliance.
Why Script Compliance Matters
In the modern web, almost no website operates without third-party scripts. Whether it's Google Analytics tracking your visitors, Facebook Pixel measuring ad conversions, or Hotjar recording user sessions, these tools are essential for growth. However, they introduce immense legal risk under the General Data Protection Regulation (GDPR) and the ePrivacy Directive.
When you drop a third-party script on your website, you are often enabling cross-site tracking, dropping persistent cookies, and sharing personal data with massive tech conglomerates. Data protection authorities across Europe are actively scanning websites and issuing fines for non-compliant tracking setups. The most common violation? **Firing tracking scripts before the user explicitly gives consent.**
We created this directory to give developers, marketers, and agency owners a clear, actionable breakdown of the rules surrounding the most popular tools. Each guide explains the legal categorization, the specific cookies involved, and step-by-step instructions on how to audit your site.
Choose a Script to Audit
Google Analytics 4
Understand Consent Mode v2, the `_ga` cookies, and how to verify that GA4 waits for explicit analytics consent before tracking.
Read the Guide →Facebook / Meta Pixel
The Facebook Pixel is pure advertising technology. Learn how to block `_fbp` cookies and stop pre-consent data leakage.
Read the Guide →Hotjar
Session recordings and heatmaps capture massive amounts of behavior. Ensure your `_hjSessionUser_` cookies are strictly gated by consent.
Read the Guide →TikTok Pixel
TikTok tracking is heavily scrutinized in Europe. Audit your site to ensure `_ttp` identifiers are never fired illegally.
Read the Guide →