The Tracking Pixel is currently in alpha . The data collected may change between releases.
A reference of all data the Tracking Pixel collects, organized by category. Useful for privacy reviews, legal assessments, and technical audits.
Cookies The pixel sets first-party cookies only. No third-party cookies are created.
Cookie Name Lifetime Scope Purpose Anonymous Device ID imtbl_anon_id2 years First-party, current hostname Persistent anonymous device identifier (UUID v4). Shared between the pixel and web SDK. SameSite=Lax, Secure on HTTPS. Session ID _imtbl_sid30 minutes (rolling) First-party, current hostname Session continuity across page loads. Expires after 30 minutes of inactivity.
The pixel reads (but does not write) existing third-party cookies if present, for cross-platform identity stitching:
Cookie Source Purpose _gaGoogle Analytics Google Analytics client ID _fbcMeta (Facebook) Facebook click ID _fbpMeta (Facebook) Facebook browser ID
Device Fingerprint Signals These signals are collected automatically when consent is anonymous or full.
Signal Source Example User agent navigator.userAgentMozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7)...Screen resolution screen.width × screen.height1920×1080Timezone Intl.DateTimeFormat().resolvedOptions().timeZoneAmerica/New_YorkBrowser language navigator.languageen-USIP address Server-side from request headers Used for geo lookup then hashed. Raw IP is never stored.
Attribution Signals Captured automatically from the URL and browser on every page load.
Signal Source Example UTM parameters URL query string utm_source, utm_medium, utm_campaign, utm_term, utm_contentGoogle click ID URL query string gclidMeta click ID URL query string fbclidTikTok click ID URL query string ttclidMicrosoft click ID URL query string msclkidDisplay & Video 360 click ID URL query string dclidLinkedIn click ID URL query string li_fat_idReferrer document.referrerThe referring page URL Landing page window.location.href (first page in session)Entry point URL Referral code URL query string referral_code parameter if present
Auto-Tracked Events pageFires on every page load.
Properties: All attribution signals above, sessionId, third-party IDs (gaClientId, fbClickId, fbBrowserId), touchpoint_type: 'click'.session_startFires when a new session begins (no active _imtbl_sid cookie).
Properties: sessionId.session_endFires on page unload (visibilitychange to hidden / pagehide).
Properties: sessionId, duration (seconds since session start).Fires on HTML form submission.
Properties: formAction, formId, formName, fieldNames. At full consent only: emailHash (SHA-256, hashed client-side before transmission).link_clickedFires on outbound link clicks (external domains only).
Properties: linkUrl, linkText, elementId, outbound: true.Consent Level Matrix What is collected at each consent level:
Data category noneanonymousfullScript loaded Yes Yes Yes Cookies set None imtbl_anon_id, _imtbl_sidimtbl_anon_id, _imtbl_sidPage view events No Yes Yes Session events No Yes Yes Device fingerprint No Yes Yes Attribution signals No Yes Yes Form submissions No Yes (no email) Yes (with hashed email) Outbound link clicks No Yes Yes Third-party ID stitching No Yes Yes
What the Pixel Does NOT Collect
No cross-domain tracking (first-party cookies only)
No session replay or screen recording
No heatmaps or mouse movement tracking
No scroll depth tracking
No custom event tracking (use the Web SDK for that)
No A/B testing or feature flags
No server-side rendering support
No impression or view-through tracking (click-through only)
No raw email addresses (only SHA-256 hashed, only at full consent)
No raw IP addresses stored (hashed server-side after geo lookup)
Next Steps
Quickstart Install the pixel on your site
Configuration Reference All init options and command queue methods
