Hotjar GDPR compliance and consent risk
Hotjar records user sessions and generates heatmaps. This page combines ConsentLens detection rules with live public scan data so you can see how often Hotjar appears, whether it fires before consent, and which compliance issues it tends to create.
7%
Of scanned sites
27 of 384 public sites include Hotjar.
0%
Fire before consent
0 detected sites fired it before a user could consent.
0%
Seen after rejection
No post-rejection evidence found in public scan data.
HIGH
Consent risk
Session replay tracker classified from ConsentLens tracker database.
How ConsentLens detects Hotjar
Domains
- static.hotjar.com
- script.hotjar.com
- vars.hotjar.com
Globals
- window.hj
Script patterns
- hotjar
ConsentLens combines these signals with request timing. If Hotjar sends a data request during the first 500ms of page load, it is treated as a pre-consent tracking risk and connected to the relevant scan evidence.
Common compliance issues
No tracker-specific issue titles are available yet. When public scans produce issues naming Hotjar, this section will show the most frequent findings.
Example public scans detecting Hotjar
| Domain | Score | Consent timing |
|---|---|---|
| beewebsystems.com | 20/100 | No early fire |
| kogifi.com | 20/100 | No early fire |
| perpetualgroup.com | 20/100 | No early fire |
| jelvix.com | 39/100 | No early fire |
| adloonix.com | 20/100 | No early fire |
| madwise.si | 20/100 | No early fire |
| silvertouch.com | 20/100 | No early fire |
| gera-it.com | 20/100 | No early fire |