Overview
Behaviour analytics platform providing session recordings, heatmaps, and on-site surveys. Captures mouse movements, clicks, scrolls, and form inputs in real time. Now part of Contentsquare. Among the highest-risk analytics tags - session recordings can inadvertently capture sensitive personal data displayed on screen.
Detection Capabilities
- Signature count
- 6
- Detection methods
- network
Performance Impact
Performance Impact
- Script size
- 55 KB
- Requests per page
- 6
Common Mistakes
- 1 Not configuring input field suppression - passwords, card numbers, and personal details can be captured by default
- 2 Deploying without explicit consent, treating it as basic analytics when session recordings are more intrusive processing
- 3 Leaving default data retention periods that may exceed what is necessary for the stated purpose
- 4 Not informing users their sessions are recorded - violates GDPR transparency requirements (Articles 13/14)
- 5 Using on pages with sensitive data (health, financial) without a data protection impact assessment
Compliance Considerations
Sets first-party cookies (_hj* cookies) and transmits session recording data to Hotjar servers.
Consent: Explicit consent typically required under ePrivacy - session recordings go beyond what is strictly necessary for providing the service. Categorise under a dedicated consent category.
Data capture: Records mouse movements, clicks, scrolls, and form inputs. Sensitive fields must be actively suppressed - default behaviour records all visible page content.
Privacy notice: Must explicitly mention session recording technology. A DPIA is recommended before deploying on pages handling sensitive data.
Data location: EU data centres (AWS Ireland) for EU customers - verify in your Hotjar DPA.
Related Services
CrazyEgg
High CrazyEgg
CrazyEgg is a website optimisation tool that provides heatmaps, scroll maps, click reports, and session recordings to help organisations understand how users interact with their web pages. It captures detailed interaction data including mouse movements, click positions, and scroll depth, which is visualised through overlay reports on page screenshots. CrazyEgg is often deployed by marketing and UX teams seeking quick visual insights without the complexity of full analytics platforms. Like all session recording tools, it carries elevated data protection risk because it can inadvertently capture personal data displayed on screen or entered into form fields.
2 detection signatures
Fullstory
High Fullstory
Digital experience analytics platform providing session replay, heatmaps, and event analytics. Captures user interactions including clicks, scrolls, and form inputs to analyse user behaviour and identify friction points.
1 detection signature
Glassbox
High Glassbox
Digital experience analytics platform providing session replay, interaction maps, and struggle detection. Captures user sessions to identify UX issues, conversion blockers, and application errors across web and mobile.
1 detection signature
LogRocket
High LogRocket
Session replay and product analytics platform. Records user sessions including DOM changes, network requests, and console logs. Provides error tracking, performance monitoring, and user journey analysis.
1 detection signature
Need help governing Hotjar?
Our governance diagnostic identifies compliance gaps across your entire tag estate.
Start your Governance Diagnostic