GDPR and the Facebook Pixel

As per today’s practices you can’t really help but using Facebook as part of your marketing strategy.

However, the question that arises since the 25th of May is who is responsible for obtaining consent.

In their FAQ section, Facebook says that according to their terms, companies implementing Facebook tools must comply with applicable laws when they use such tools. That means that companies operating in the EU should obtaining prior informed consent for the storing and access of cookies or other information on the end user’s device.

Who’s the controller and who’s the processor?

Facebook will act as a data controller when they spin off a lookalike audience based on your custom audience for instance, but it will act as a processor on your behalf when you place Facebook pixel on your website. These two situations are very common, but the latter implies that you must make sure you have a legal ground for processing that data (explicit consent from your website visitors).

“When you use the Facebook pixel, you have to comply with the GDPR. Our Terms provide that companies implementing our tools must comply with applicable laws when they use our tools. For companies operating in the EU, this includes having a valid legal basis to process data and under laws applying to cookies, obtaining prior informed consent for the storing of and access to cookies or other information on a person's device.”

Just keep in mind that if you have the Facebook pixel code installed on your website, you are responsible for getting consent to process user data before firing the pixel.

Georgiana Bedivan

Head of Compliance

We've struggled to understand GDPR so you won't have to. Learn from our experience →

We've asked a Data Protection Authority for answers on digital processing...

Since everyone is scared by penalties, we wrote and asked the Romanian Data Protection Authority (ANSPDCP) some questions about how GDPR will apply to the online processing. Here's what they had to say...

read more

What's wrong with cookie consent?

The common misbelief is that compliance on digital properties equals cookie consent. But the truth is that GDPR is not about cookies, but about who set those cookies and what for.

read more

10 steps to make your site compliant

Some have tried with cookie consent, others with implicit consent like "by continuing to use this website...", and others simply closed their sites to European citizens.

read more

What makes valid consent under GDPR?

Consent is just one of six lawful bases to process personal data, as listed in the GDPR. It may not always be necessary, but when it is, you have to make sure it is properly obtained and stored.

read more

Data controller vs. processor? Who's who

Although GDPR’s definition of the two may seem simple and concise, marketers are still having a hard time trying to figure out who’s what, especially when it comes to automated processing technologies.

read more

Profiling and automated decisions under GDPR

As site owners’ challenge these days is to ensure compliance on digital assets, you should know that most of the apps and technologies you use for marketing purposes do profiling.

read more

GDPR myths and misconceptions

Starting with May 25th, a lot of misinformation regarding GDPR has been spread so understanding the basic principles of this new regulation and how to get compliant proved to be overwhelming.

read more

Using Facebook pixel on your site?

As per today’s practices you can’t really help but using Facebook as part of your marketing strategy. However, the question that arises since the 25th of May is who is responsible for obtaining consent.

read more

Looking for the right consent solution?

Discover Avandor Consent

see features & benefits →

Need help navigating GDPR compliance?

We're happy to assist you with free advice

get in touch →

Your details:

Your interest:

Your Message:

by submitting this form you consent to our use of your data

For more information or a demo call +4072 893-9780 or get in touch.