How to enable Heatmap and Session recording on consent?

You can configure Matomo to enable Heatmaps and Session Recordings only after a user has given consent. First, you will need to implement a method for users to provide or withdraw consent, which can be through a consent management platform (CMP) or custom logic in your website.

Once user consent handling is in place, Matomo’s built-in consent methods can be used to control when Heatmaps and Session Recordings are activated. Follow the steps below to configure this behaviour:

1. To deactivate Heatmaps and Session Recording, add _paq.push(['HeatmapSessionRecording::disable']); in your tracking code.
2. To require user cookie consent before storing and using any cookies, add _paq.push(['requireCookieConsent']);
3. To remember cookie consent was given for all subsequent page views and visits, add _paq.push(['rememberCookieConsentGiven']);.
4. Once the user has given consent to process their data use _paq.push(['setCookieConsentGiven']); and to activate Heatmaps and Session Recording by inserting the script _paq.push(['HeatmapSessionRecording::enable']);.
5. Visitors should be able to withdraw consent at any point, in which case cookie consent must be removed. You can do this by using _paq.push(['forgetCookieConsentGiven']);. Note: Remember to disable the Heatmap and Session Recording feature, as explained in Step 1.

After implementing the above steps, test your configuration to confirm that Heatmaps and Session Recordings activate only when user consent is granted. If consent is withdrawn, the feature should immediately deactivate to ensure compliance. Explore the Matomo Privacy guides.