ConsentLens
Session replayHigh consent risk

Hotjar GDPR compliance and consent risk

Hotjar records user sessions and generates heatmaps. This page combines ConsentLens detection rules with live public scan data so you can see how often Hotjar appears, whether it fires before consent, and which compliance issues it tends to create.

7%

Of scanned sites

27 of 384 public sites include Hotjar.

0%

Fire before consent

0 detected sites fired it before a user could consent.

0%

Seen after rejection

No post-rejection evidence found in public scan data.

HIGH

Consent risk

Session replay tracker classified from ConsentLens tracker database.

How ConsentLens detects Hotjar

Domains

  • static.hotjar.com
  • script.hotjar.com
  • vars.hotjar.com

Globals

  • window.hj

Script patterns

  • hotjar

ConsentLens combines these signals with request timing. If Hotjar sends a data request during the first 500ms of page load, it is treated as a pre-consent tracking risk and connected to the relevant scan evidence.

Common compliance issues

No tracker-specific issue titles are available yet. When public scans produce issues naming Hotjar, this section will show the most frequent findings.

Example public scans detecting Hotjar

DomainScoreConsent timing
beewebsystems.com20/100No early fire
kogifi.com20/100No early fire
perpetualgroup.com20/100No early fire
jelvix.com39/100No early fire
adloonix.com20/100No early fire
madwise.si20/100No early fire
silvertouch.com20/100No early fire
gera-it.com20/100No early fire
Report issue