Advertising marketing

TikTok Pixel — consent fix

TikTok Pixel (analytics.tiktok.com/i18n/pixel/events.js) loads before consent and sets _ttp (TikTok tracking pixel, 13 months). It sends page views and conversion events to TikTok before consent.

Domains

  • analytics.tiktok.com
  • business-api.tiktok.com
  • ads.tiktok.com

Cookies

  • _ttp
  • tt_sessionid
  • tt_pixel_session_index

The TikTok Pixel (events.js) sets the _ttp tracking cookie on your visitors' devices, which remains valid for 13 months. Additionally, it immediately sends page views and potential conversion data to TikTok's servers. If this happens before the visitor has agreed to marketing cookies on your cookie banner, it is in violation of the GDPR and risks enforcement by regulators.

Why the TikTok Pixel loads too early

The TikTok Pixel is usually installed via Google Tag Manager (GTM). Unlike Google's own tools, the standard TikTok tag does not have a foolproof out-of-the-box integration with Google Consent Mode v2. If the trigger in GTM is set to All Pages, the script fires every time, regardless of what the cookie banner dictates.

The Fix: Block the TikTok Pixel until consent

To make the TikTok Pixel GDPR-compliant, the script must only load after the visitor has explicitly given consent for marketing (marketing_storage). The best way to manage this is in GTM.

1. Use an Exception Trigger in GTM (Recommended)

Follow these steps in your GTM workspace:

  1. Open your TikTok Pixel Tag.
  2. Go to the Triggering section.
  3. Click Add Exception.
  4. Click the + icon to create a new trigger.
  5. Choose the trigger type Custom Event.
  6. For Event name, enter .* and check the box for Use regex matching.
  7. Select Some Custom Events.
  8. Set the condition: Consent State — marketing_storage does not equal granted (or ad_storage, depending on your CMP).
  9. Save the trigger and publish your changes.

2. The TikTok Consent API (Advanced / HTML integration)

If you pasted the TikTok Pixel directly into your website code without GTM, you can use the TikTok Consent API. This ensures that the script loads, but does not set cookies or send events until you give the green light.

Immediately after initialising the ttq code, add the following to pause tracking:

// Pause tracking by default (before consent is given)
ttq.consent(false);

As soon as your specific Cookie Management Platform (CMP) registers an acceptance, execute the following:

// Resume tracking (after consent)
ttq.consent(true);

How to Verify the Fix

Use your browser's Network tab to see if the script is truly being blocked.

  1. Open your website in an incognito window.
  2. Ignore the cookie banner (do not click anything).
  3. Open Developer Tools (F12) and navigate to the Network tab.
  4. Search for tiktok.com. There must be absolutely no scripts or data connections (such as calls to analytics.tiktok.com) visible.

Not sure if the fix worked, or want to verify that no other scripts are leaking data? Run a free scan with ConsentChecker.eu for instant confirmation.

Sources

No CMP yet?

A Cookie Management Platform (CMP) handles consent automatically for TikTok Pixel and other trackers — including the correct GTM integration.

Cookiebot → CookieYes → CookieFirst → Complianz → Borlabs Cookie → Enzuzo → ConsentOS →

Check your own site

Scan your website for free to see if TikTok Pixel (or other trackers) loads before consent.

Start free scan →