Marketing and Analytics

Hotjar captures behavior. Whether it stays within consent depends on your configuration.

Hotjar is one of the most widely deployed session replay and heatmap tools. It is embedded on millions of sites, often through a tag manager, without a corresponding review of what it captures or when it starts. Lokker validates whether your Hotjar implementation fires within the correct consent perimeter and whether masking is applied to the fields that carry the most risk.


Hotjar

Hotjar is a behavioral analytics platform that provides session recording, heatmaps, scroll maps, and on-site survey tools to help teams understand how visitors navigate web pages.

Trademark

Hotjar is a trademark of Hotjar Ltd. Lokker is not affiliated with or endorsed by Hotjar Ltd.

Risk and failure modes

Hotjar captures more than click paths

Hotjar records the full visual representation of a visitor session. Without masking, that includes whatever is on the screen, including data a visitor has not submitted yet.

Input fields recorded before submission

Hotjar captures what visitors type in form fields, not just the submitted values. Health questions, financial inputs, and contact information can all be captured in a Hotjar session recording before the visitor submits a form.

PII on dynamic page content

Logged-in sessions often display the user's name, account details, or order history. Hotjar records this content unless specific elements are explicitly suppressed.

Deployed through GTM without a consent trigger

Hotjar is frequently added through Google Tag Manager without a consent condition. When marketing adds it mid-campaign, the consent check often follows days or weeks later, if at all.

Consent and configuration

Hotjar provides its own consent mode API and documentation for integration with CMP tools. Confirming that the integration works correctly on each page type, and that masking covers all sensitive fields, requires active testing rather than configuration review.

  • Hotjar's suppress-recording API needs to be called before any session data is captured when the visitor has not yet consented.

  • Form fields containing health, financial, or authentication data need CSS-based or API-based suppression in addition to any CMP category assignment.

  • Hotjar surveys triggered to non-consenting visitors are a secondary risk that often receives less attention than recording suppression.
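The two checks above, consent gating and field suppression, can be replayed offline against what a browser session actually produced. This is an added example, not Lokker's or Hotjar's code: it assumes Hotjar traffic is recognisable by the hotjar.com hostname suffix, that a `suppressed` flag has already been read from each form element, and it runs over a constructed request log rather than a real capture.

```javascript
// Assumption: Hotjar traffic is recognised by the hotjar.com hostname suffix.
function isHotjarHost(url) {
  const host = new URL(url).hostname;
  return host === "hotjar.com" || host.endsWith(".hotjar.com");
}

// consentGrantedAt: ms since navigation start for the accept flow, null for the
// no-interaction, reject and GPC flows, where no Hotjar request is acceptable.
function findConsentViolations(requests, flow) {
  return requests
    .filter((r) => isHotjarHost(r.url))
    .filter((r) => flow.consentGrantedAt === null || r.timestamp < flow.consentGrantedAt)
    .map((r) => ({ flow: flow.name, timestamp: r.timestamp, url: r.url }));
}

// Health, financial or authentication inputs must carry a suppression marker;
// `suppressed` is assumed to have been read from the element or an ancestor.
const SENSITIVE_NAME = /ssn|card|cvv|iban|dob|diagnos|medic|password/i;
const SENSITIVE_TYPE = new Set(["password", "tel", "email"]);
function findUnsuppressedFields(fields) {
  return fields
    .filter((f) => (SENSITIVE_TYPE.has(f.type) || SENSITIVE_NAME.test(f.name)) && !f.suppressed)
    .map((f) => f.name);
}

// Constructed capture: Hotjar loads 610 ms in, the banner appears at 2500 ms
// and the visitor accepts at 4200 ms, so even the accept flow fails the gate.
const CAPTURED_REQUESTS = [
  { timestamp: 120, url: "https://www.example.com/account" },
  { timestamp: 610, url: "https://static.hotjar.com/c/hotjar-000000.js" },
  { timestamp: 980, url: "https://in.hotjar.com/api/v2/client/sites/000000/visit-data" },
  { timestamp: 2500, url: "https://cmp.example.com/consent.js" },
];
const FLOWS = [
  { name: "accept", consentGrantedAt: 4200 },
  { name: "reject", consentGrantedAt: null },
  { name: "gpc", consentGrantedAt: null },
];
const SAMPLE_FIELDS = [
  { name: "email", type: "email", suppressed: true },
  { name: "card_number", type: "text", suppressed: false },
  { name: "newsletter_opt_in", type: "checkbox", suppressed: false },
];

function runReport() {
  const violations = FLOWS.flatMap((flow) => findConsentViolations(CAPTURED_REQUESTS, flow));
  return { violations, unsuppressedFields: findUnsuppressedFields(SAMPLE_FIELDS) };
}
```

Each entry in `violations` is the evidence a consent gate failed: the flow, the offset at which Hotjar fired, and the request that proves it.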

Regional compliance

Session replay is a high-priority consent category in opt-in markets

European data protection authorities have issued guidance specifically addressing session replay tools, treating the captured data as personal data that requires opt-in consent under GDPR. Under California law as amended by the CPRA, opt-out rights and GPC recognition obligations apply to behavioral session data shared with third parties. In healthcare and financial contexts, additional sectoral regulations layer on top of general privacy law requirements, making session replay one of the most compliance-sensitive tool categories on most sites.

How Lokker helps

How Lokker validates Hotjar in your consent and risk framework

Lokker identifies Hotjar on your pages, tests whether it fires before or after consent, and flags page types where recording without masking creates material exposure.

Session recording consent testing

Consent Validator runs the no-interaction, reject, and GPC flows and confirms whether Hotjar recording initializes, producing evidence of where the consent gate fails.

Explore Consent Validator

Hotjar detection and risk scoring

Privacy Edge detects Hotjar across your property portfolio, scores the session replay risk category for each site, and alerts when Hotjar appears on sensitive page types.

Explore Privacy Edge

Explore Lokker

Products that address Hotjar privacy risk

Each product links to its full details so you can explore features, view a demo, and understand how it applies to your Hotjar deployment.

Intelligence

Privacy Edge

Detects Hotjar on sensitive page types and scores session replay risk across your portfolio.


Next step

Validate Hotjar consent behavior across your portfolio

Lokker runs automated browser-level consent flows and scans the network layer to confirm whether Hotjar fires in states where it should not.