GPC Compliance Audit Report
Scanned Feb 28, 2026 at 21:47 UTC · Chromium 122.0.6261.94
Under California's CCPA/CPRA enforcement (Cal. Civ. Code §1798.185), failure to honor GPC signals can result in fines of $2,500 per unintentional violation or $7,500 per intentional violation. With 38 non-compliant tracker requests per page load across returning visitors, cumulative exposure could exceed $10,000+/month.
Each finding shows a tracker that continued firing after the browser sent Sec-GPC: 1.
Meta Pixel fired PageView + ViewContent events despite GPC=1. 14 network requests to connect.facebook.net observed.
GA4 measurement protocol sent page_view and user engagement hits. No GPC signal check detected in gtag config.
Hotjar loaded full session recording script and began capturing DOM mutations. No GPC opt-out integration found.
TikTok base pixel and PageView event fired. Pixel does not read navigator.globalPrivacyControl.
Segment loaded and identified anonymous user. integrations.All config does not reference GPC.
External font loading is not a tracking concern but does leak IP to Google servers.
Check navigator.globalPrivacyControl and suppress non-essential trackers when the value is truthy.
Add GPC-aware trigger conditions in Google Tag Manager or your tag orchestration layer.
Subscribe to monthly monitoring to catch regressions from tag updates or new vendor integrations.
Get a real compliance audit of your site with actionable evidence.