Skip to main content
All guides
Serious KVKK m.5 · GDPR Art. 6 · Art. 26 (joint controller) · Social pixel

Load the Meta (Facebook) Pixel only after consent

The Meta Pixel tracks visitors for advertising and builds custom audiences. Firing it on page load shares behaviour with Meta before consent — and Meta is a joint controller for that data.

Why it matters

Advertising pixels are the clearest example of non-essential tracking that needs prior consent. Because you and Meta are joint controllers (GDPR Art. 26), a pre-consent pixel exposes both the identifiers it drops and the fact that no valid basis existed when it fired.

How to fix it

Never call fbq('init') or fbq('track') on load. Initialise the pixel inside your consent callback, and if the visitor rejects, do not load connect.facebook.net at all.

<!-- Do NOT init on load. Only inside the Accept handler: -->
function onConsentAccepted() {
  !function(f,b,e,v,n,t,s){/* standard Meta snippet */}(window,document,'script','https://connect.facebook.net/en_US/fbevents.js');
  fbq('init', 'YOUR_PIXEL_ID');
  fbq('track', 'PageView');
}

Does your site have this issue?

Run a free scan to find out in seconds.

Official sources

Links to primary legislation for reference. PrivaScan is not affiliated with these bodies; this is information, not legal advice.

Related guides

These guides cover automated checks for trackers, cookies and data flows. A full privacy review also needs legal input.