Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentFree plan · 10-min setup
Snap Pixel is the JavaScript advertising tag from Snap Inc. that allows European advertisers to measure conversions from Snapchat campaigns, build retargeting audiences and run Lookalike audience expansion. The pixel drops third party cookies on the visitor browser and supports the server side Snap Conversions API.
Snap Pixel is the JavaScript advertising tag from Snap Inc. (operator of Snapchat). European advertisers deploy the pixel on their website to measure ad conversions from Snapchat campaigns, build custom and Lookalike audiences and run retargeting. The Snap Conversions API also offers a server side ingestion path that complements the browser pixel.
The Snap Pixel script (sc-static.net/scevent.min.js) sets the sc_at cookie under the advertiser domain to attribute conversions, plus third party cookies on sc-static.net and snapchat.com (X-SS-Visitor, sc_x). The pixel also sends events to tr.snapchat.com. The Snap Conversions API runs server side and can supplement or replace the browser pixel.
Snap Pixel performs cross site behavioural profiling for advertising, which is non strictly necessary under Article 5(3) ePrivacy. Snap Inc. acts as a joint controller with the advertiser under Article 26 GDPR for audience and conversion measurement. The CNIL, the DSK, the AEPD and the Garante require prior explicit consent for the pixel.
Get GDPR compliant in 10 minutes
Free plan available · No credit card required
Prior, freely given, specific, informed and unambiguous consent is required before the Snap Pixel fires. Snap supports the IAB Transparency and Consent Framework v2.2 and a dedicated Snapchat Consent Mode that downgrades pixel events to a privacy preserving mode when consent is denied. A consent management platform should signal the consent state before any event is sent.
Snap Inc. processes pixel events on Google Cloud and AWS US regions. Snap Inc. self certifies under the EU US Data Privacy Framework, providing an adequacy basis. Standard Contractual Clauses are included in the Snap DPA. Document the transfer in your record of processing activities and inform visitors in the privacy notice.
Sign the Snap DPA and Article 26 joint controller arrangement, register a TCF certified consent management platform, gate the Snap Pixel behind the consent string, prefer the Conversions API with hashed identifiers, document the US transfer under the EU US Data Privacy Framework and apply additional safeguards if you target minors aged 13 to 24.
Websites using Snap Pixel must obtain user consent under GDPR regulations.
DPIA considerations
A DPIA is recommended whenever Snap Pixel is used at scale for behavioural retargeting, Lookalike audience extension or campaigns targeting minors. Snapchat audience targeting interacts with sensitive demographics (age 13 to 24) which raises additional Article 8 GDPR considerations on consent of children.
Sample consent text
We use Snap Pixel and the Snap Conversions API to measure conversions from our Snapchat ad campaigns and build retargeting audiences. Snap Inc. (United States) drops the sc_at cookie on your browser to attribute conversions and build audiences. The Snap Pixel is loaded only with your consent.
Third-party domains contacted
sc-static.nettr.snapchat.comsnapchat.combusiness.snapchat.comCookies placed
| Name | Type | Duration | Purpose |
|---|---|---|---|
| sc_at | first_party | 1 year | Snap Pixel first party advertiser cookie that stores the visitor authentication token used to attribute conversions back to a Snapchat ad click or view. |
| X-SS-Visitor | third_party | 1 year | Snapchat third party visitor identifier dropped on sc-static.net and snapchat.com. Used to recognise the visitor across publisher sites running the Snap Pixel. |
| sc_x | third_party | 1 year | Snapchat third party identifier used for audience extension and cross device matching across the Snap advertising network. |
Snap Pixel places tracking cookies for advertising — comply with GDPR using FlowConsent.
The Snap Pixel sets sc_at (first party, advertiser domain, 1 year, conversion attribution) and reads or writes third party cookies on sc-static.net and snapchat.com (X-SS-Visitor, sc_x) for cross site identification.
Yes. The Snap Pixel is a cross site behavioural advertising technology. Prior, freely given, specific, informed and unambiguous consent under Article 5(3) ePrivacy and Article 6(1)(a) GDPR is required before it executes.
Consent under Article 6(1)(a) GDPR is the only lawful basis. Snap Inc. acts as a joint controller with the advertiser under Article 26 GDPR for audience and conversion measurement, requiring an Article 26 arrangement.
Yes. Snap Inc. processes data on Google Cloud and AWS US regions. Snap Inc. self certifies under the EU US Data Privacy Framework. Standard Contractual Clauses are also included in the Snap DPA.
A DPIA is recommended at scale, especially when targeting minors (Snapchat skews young), running Lookalike audiences or combining the pixel with offline conversion uploads. Document Article 8 GDPR considerations for users under 16 in the EU.
Sign the Snap DPA, conclude the Article 26 joint controller arrangement, register a TCF certified consent management platform, gate the pixel behind the consent string, prefer the Conversions API with hashed identifiers, label minors targeting clearly and document the US transfer.
Alternatives include server side conversions via the Snap Conversions API (privacy improving), and contextual networks that avoid cross site profiling such as Seedtag, Audion or programmatic guaranteed deals with EU publishers. For audience targeting, first party CRM activation is a privacy friendlier path.
Add a Snap Pixel section in the advertising category listing sc_at and the third party cookies dropped on sc-static.net and snapchat.com. Disclose joint controllership with Snap Inc., the US transfer and the EU US Data Privacy Framework certification, and link to the Snap privacy policy.