Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentFree plan · 10-min setup
Partytown is an open source library by Builder.io that runs third party scripts (analytics, ad pixels, tag managers) inside a web worker so they no longer block the main thread. It improves Core Web Vitals dramatically but does not change the GDPR position of the scripts it wraps. Consent obligations under ePrivacy and the GDPR remain attached to the underlying scripts. Treat Partytown as a performance optimisation, not a privacy tool.
Partytown is an open source library maintained by Builder.io. It moves third party scripts (Google Analytics, Google Tag Manager, Meta Pixel, TikTok Pixel, Hotjar, etc.) from the main JavaScript thread into a web worker, sharply reducing their impact on Core Web Vitals. Developers integrate Partytown into Next.js, Astro, Nuxt, Hugo and many other frameworks.
Partytown is sometimes presented as a way to make analytics or ad pixels GDPR compliant. This is incorrect. Partytown only changes the JavaScript execution context. The wrapped scripts still set cookies, still read browser identifiers and still send the same payloads to their respective vendors. Consent obligations remain attached to those scripts.
Article 5(3) of the ePrivacy Directive applies to any access to information stored on the user''s device. A script running in a web worker still triggers cookie reads and writes, so consent is required. The GDPR lawful basis for the wrapped scripts is also unchanged: Partytown does not transform GA4 from a consent based tracker into a legitimate interest tracker.
Get GDPR compliant in 10 minutes
Free plan available · No credit card required
Configure your CMP to gate the loading of Partytown wrapped scripts in the same way you would gate them when loaded directly. Partytown supports lazy script injection so that GA4 or the Meta Pixel only loads after the user grants the relevant consent category. Use the partytown reverseProxy or forward configuration to keep first party hosting where possible.
Self host Partytown on your own origin to avoid extra third party connections, gate the wrapped scripts behind your CMP, document Partytown as a performance technique in your privacy policy without claiming compliance benefits, and apply the same DPIA, retention and transfer analysis to the wrapped scripts as you would for direct deployment.
Websites using Partytown must obtain user consent under GDPR regulations.
DPIA considerations
Partytown itself adds no DPIA trigger because it processes no data. The DPIA obligation is determined by the underlying tracking scripts. If Partytown is used to wrap GA4, Meta Pixel or other high risk advertising tags, those individual services drive the DPIA assessment.
Sample consent text
This site uses Partytown to run third party analytics and advertising scripts in a web worker for performance reasons. The underlying scripts (named below) still process your browser data and require your consent. Partytown only changes where these scripts run, not what they collect.
Third-party domains contacted
cdn.jsdelivr.netunpkg.compartytown.builder.ioCookies placed
| Name | Type | Duration | Purpose |
|---|---|---|---|
| No cookies | none | n/a | Partytown is a JavaScript library that relocates third party scripts to a web worker. It does not set its own cookies. Cookies set by the relocated third party scripts (analytics, ads, chat) keep their original behaviour and are subject to the same consent rules as if they ran on the main thread. |
Partytown collects user analytics data — you legally need a consent banner. Try FlowConsent free.
No. Partytown is a JavaScript runtime helper. It does not collect data, does not contact a server and does not set cookies of its own. Any cookies you observe come from the third party scripts you wrap (GA4, Meta Pixel, GTM, etc.).
Yes when the wrapped scripts require it. Partytown does not change the consent obligation, only the execution context. If you wrap GA4, Meta Pixel or any advertising tracker, Article 5(3) ePrivacy still requires prior consent.
Partytown is a static client side library, so it does not require its own legal basis under GDPR. The lawful basis question applies to the scripts it wraps, not to Partytown.
No. Partytown changes only the JavaScript thread. The wrapped scripts continue to send the same payloads to the same vendors in the same locations. If GA4 transfers to the United States, that does not change because Partytown wraps it.
Not for Partytown itself. The DPIA depends entirely on the wrapped scripts. If you wrap a high risk advertising tracker, run a DPIA on that tracker.
Self host the Partytown library on your own origin, gate the wrapped scripts behind a CMP, document Partytown as a performance optimisation in your privacy policy, and ensure your CMP loads the actual tracking scripts only after consent.
No. It is complementary. Partytown improves Core Web Vitals; a CMP handles consent. You typically deploy both: the CMP gates whether scripts load, Partytown decides where they execute.
Mention Partytown briefly as a web worker library used for performance and clarify that it does not collect data. List the actual third party scripts (GA4, Meta Pixel, GTM, etc.) wrapped through Partytown with their cookies, retention and transfers.