Tracking pixels (also called conversion pixels or tags) are small code snippets that services like Facebook, LinkedIn, TikTok, Pinterest, and Twitter embed on your site to track visitor behavior. Under GDPR, loading these pixels without explicit user consent is a violation — even if the user doesn't interact with them. Here's how to find and manage them.
What Tracking Pixels Do
Each tracking pixel sends data back to the respective platform when a page loads:
- Facebook Pixel (Meta Pixel) — Tracks page views, conversions, and creates retargeting audiences. Sends data to Facebook/Meta.
- LinkedIn Insight Tag — Tracks conversions from LinkedIn ads and collects demographics data.
- TikTok Pixel — Measures ad performance and builds audiences on TikTok.
- Twitter/X Pixel — Tracks conversions from Twitter ads.
- Pinterest Tag — Measures actions visitors take on your site after seeing Pinterest content.
The GDPR Problem
Under GDPR (and similar laws like ePrivacy), tracking pixels:
- Collect personal data (IP address, browsing behavior) without consent.
- Transfer data to servers outside the EU (particularly to US-based companies).
- Set cookies for tracking purposes before consent is given.
The correct approach: block all tracking pixels until the user explicitly consents.
Method 1: Conditional Loading with a Cookie Consent Plugin
The recommended approach is to integrate tracking pixels with your cookie consent tool:
- Use a consent management platform (CMP) like Cookiebot, Complianz, or Real Cookie Banner.
- Categorize tracking pixels as "Marketing" cookies.
- The CMP blocks the pixel scripts until the user opts in.
- After consent, the scripts load normally.
Method 2: Google Tag Manager with Consent Mode
If you use Google Tag Manager (GTM) to manage your tracking pixels:
- Set up Google Consent Mode v2 in your GTM container.
- Configure each tag's firing trigger to require marketing consent.
- Connect your CMP to GTM so consent signals are passed automatically.
- Tags only fire after the user grants consent.
Method 3: Complete Removal
If you don't need tracking pixels at all, remove them entirely:
- Check your theme — Some themes include tracking pixel fields in their settings. Remove the pixel IDs.
- Check plugins — Plugins like "PixelYourSite", "Insert Headers and Footers", or ad plugins often inject tracking pixels. Deactivate and remove them.
- Check header/footer code — Look in Appearance → Theme Editor (or your child theme's
functions.php) for manually added script tags. - Check Google Tag Manager — If you use GTM, remove the tracking tags from your container.
How to Find Hidden Tracking Pixels
Some tracking pixels are hard to spot because they are:
- Loaded by plugins you didn't configure (e.g., WooCommerce extensions)
- Embedded in third-party widgets (e.g., social sharing buttons)
- Added by your theme as "features"
Use InspectWP to scan your site — it detects Facebook Pixel, LinkedIn Insight Tag, TikTok Pixel, Twitter Pixel, Pinterest Tag, and other third-party tracking scripts automatically.
After Removal — Verify
- Run InspectWP again to confirm all pixels have been removed or are consent-gated.
- Check your browser's developer tools (Network tab) for outbound requests to tracking domains like
connect.facebook.net,snap.licdn.com,analytics.tiktok.com. - Test with cookies cleared and consent denied — no tracking requests should fire.