ConsentPixel – Privacy · Verified

🗄️ Feature · Evidence & audit

Proof of consent that holds up — and can't be edited.

The strongest defense to a tracking claim is consent obtained before tracking, and proven after the fact. ConsentPixel records every consent decision immutably — timestamp, banner version, regulation, geography — in a log that even our own service role can't alter. If a demand letter arrives, the evidence is already built.

No credit card · From $8.99/mo · Immutable by design

Immutable
A database-level trigger blocks any update or delete — even our own service role can't alter a record
Full context
Every decision stored with timestamp, banner version, regulation, and geography — not just yes/no
Exportable
Produce the whole log as CSV or JSON on demand — the documentation a defense turns on

In tracking litigation, the argument almost always comes down to consent: was it obtained, before tracking, and can you prove it? A consent record you can produce — timestamped and tamper-proof — is the difference between "we think consent was given" and evidence that shows it.

Why the consent log matters most

The strongest defense to a CIPA or wiretap-style claim is that the visitor consented before any tracking began. The practical difficulty is proving that after the fact — sometimes months later, when a demand letter arrives. A cookie banner that captures consent but doesn't record it defensibly leaves you asserting consent without documentation. ConsentPixel's consent log is built to be that documentation: every decision, recorded as it happens, in a form you can hand to counsel.

What each record holds

A consent log is only useful if it captures enough context to be meaningful later. Each record stores not just the decision but the circumstances around it:

⏱️

Timestamp

Exactly when the visitor made their choice — the detail that anchors a "consent before tracking" argument.

🔖

Banner version

Which version of your banner they saw, so you can show precisely what was disclosed and how the choice was presented.

📜

Regulation

The regulation in force for that visitor — GDPR opt-in, CCPA opt-out — so the record reflects the right legal model.

🌍

Geography

Where the visitor was, which determines which rules applied and why the banner behaved the way it did.

Accept, reject, and withdrawal are all recorded — because withdrawal matters as much as consent. When a visitor withdraws, the log captures it and the trackers stop, so your recorded state and your actual behavior match.

How immutability works

A record you could quietly edit isn't evidence — so the consent log is genuinely append-only, enforced at the database level. A BEFORE UPDATE OR DELETE trigger blocks any attempt to change or remove a consent record — and critically, it blocks that even for our own service role. Neither you, nor ConsentPixel, can alter a logged decision after the fact. That's what makes it defensible: its integrity doesn't depend on trust, it's structurally enforced.

Why this design: an audit record's value is exactly its tamper-resistance. If anyone — including the vendor — could rewrite history, the log would prove nothing. By making immutability a hard database constraint rather than a policy, the consent log stays credible as evidence.

Exporting your evidence

The log isn't a black box. You can export the full consent record as CSV or JSON whenever you need it — to hand to your attorney if a demand letter arrives, to satisfy an audit request, or simply to review. Because each record is self-describing (decision, timestamp, banner version, regulation, geography), the export stands on its own as documentation of who consented to what, when, and under which rules.

Start building your record today

Scan your site, install the pixel, and the consent log begins recording from your very first visitor — so the evidence is already there if you ever need it. About 10 seconds to scan, no account.

Scan your site free →

The consent defense, documented

Put together, the consent log is what turns ConsentPixel from a banner into a defense. The block-by-default enforcement stops trackers firing before consent; the log proves that consent was properly obtained when tracking did run. If a CIPA claim ever arrives, that combination — enforcement plus an immutable record — is exactly the posture defense counsel looks for. You're not reconstructing what happened after the fact; the timestamped, tamper-proof record is already built.

How to use it in a matter is a legal judgment. ConsentPixel provides the record; whether and how to rely on it in any specific dispute is a decision for your attorney. This is general information, not legal advice.

Frequently asked questions

What does the consent log record?
Every consent decision — accept, reject, and withdrawal — along with the context that makes it meaningful later: the timestamp, the banner version the visitor saw, the regulation in force (GDPR opt-in, CCPA opt-out), and the visitor's geography. It's not just a yes/no; it's a self-describing record of who consented to what, when, and under which rules.
What makes the log tamper-proof?
Immutability is enforced at the database level. A trigger blocks any attempt to update or delete a consent record — and it blocks that even for ConsentPixel's own service role. Neither you nor we can alter a logged decision after the fact, which is exactly what makes the record credible as evidence rather than something that could have been rewritten.
Can I export the consent records?
Yes. You can export the full consent log as CSV or JSON on demand — to hand to your attorney if a demand letter arrives, to satisfy an audit, or to review. Because each record is self-describing, the export stands on its own as documentation.
How does the log help with a CIPA claim?
The strongest defense to a CIPA tracking claim is consent obtained before tracking began, and the hard part is proving it afterward. The consent log gives you a timestamped, tamper-proof record of exactly that, so instead of asserting consent was given you have a specific record to produce. How to use it in any matter is a legal judgment for your attorney. This is general information, not legal advice.
Is the consent log kept separate from other data?
Yes. The consent log is the clean, immutable source of truth for real consent decisions. Other observability features — like leak detection — write to entirely separate diagnostics stores, so nothing dilutes or clutters the consent record itself.

Build the evidence before you need it

An immutable, exportable record of every consent decision — the documentation a defense turns on. Start free, and your log records from the first visitor.

No credit card · From $8.99/mo · Consent log included on all plans

The consent log is an automated record-keeping feature. It provides documentation of consent decisions; it is not legal advice, and whether and how to rely on it in any dispute is a decision for qualified counsel.

Scroll to Top