What Is a Tracking Pixel? Pixels, Beacons, and How to Block Them

See what a tracking pixel actually collects, how it differs from a cookie, and how to block one in your inbox, browser, or on your own site.


by Riad Us Salehin • 3 July 2026


A tracking pixel is a tiny, often invisible 1x1 image or code snippet embedded in a web page or email. It fires a request to a remote server when it loads, letting a company log who opened or visited and what they did. It powers ad conversion tracking, retargeting, and email open tracking, and it also goes by web beacon, clear GIF, or pixel tag.

How Does a Tracking Pixel Work?

A tracking pixel works by hiding a request inside something your browser or email client loads automatically. Loading it triggers an HTTP request to the pixel's server, which logs details about that request before returning a blank or invisible image.

The sequence runs in four steps:

  1. The page or email loads with the pixel's image tag embedded in its HTML.
  2. Your browser or email client requests the image from the pixel's server, the same way it requests any other image.
  3. The request itself carries data: your IP address, device type, browser, and the exact timestamp.
  4. The server logs that request instead of storing anything on your device. The marketer then reads the log to see who opened the email or reached the page.

The pixel earns its name because the tracker is literally a single image, usually a 1x1 transparent file. That single-image trick is what makes the whole mechanism work. No consent prompt fires because, to your browser, it looks like any other tiny picture loading on the page.

Tracking Pixels vs. Cookies (and How They Work Together)

Tracking pixels and cookies both track behavior, but they store data in different places and behave differently once they fire. The table below compares them directly.

AttributeTracking pixelCookie
Where it stores dataOn the server that hosts the pixelOn your device, in the browser
Who can delete itThe visitor cannot delete it; no local file existsThe visitor can view and delete it in browser settings
Primary useConversion tracking, retargeting, email opensLogin sessions, cart contents, site preferences
Cross-device trackingYes, since it reports to a central serverLimited; tied to one browser or device

The two are not competitors, they are partners. A tracking pixel fires on page load and, in the same moment, drops a cookie into your browser. The cookie remembers who you are on return visits; the pixel keeps reporting your activity back to the server that hosts it. This pairing is why a pixel survives even after you clear your cookies. The pixel itself never lived in your browser, so there was nothing local to delete. It just fires again the next time you load the page, unless you block it before it ever runs.

What Data Does a Tracking Pixel Collect?

A tracking pixel collects the technical details attached to the HTTP request it triggers, plus whatever the marketer adds to its URL. That data includes:

  • IP address, which reveals your approximate location and network.
  • Timestamp, the exact moment the pixel fired, down to the second.
  • Device and browser details, including operating system, browser type, and screen resolution.
  • On-page or in-email actions, such as an email open, a page view, or a completed purchase. The marketer encodes the specific action into the pixel's URL as a query parameter.

The Federal Trade Commission flagged this exact combination as a privacy risk in 2023. Pixels "can be hidden from sight and can track and send all sorts of personal data" back to whoever placed them. The visitor rarely realizes it happened. That silent collection is the core tension behind every tracking-pixel privacy debate. None of this data requires you to click, type, or agree to anything; loading the page is enough.

Common Tracking Pixel Examples (Meta Pixel, Conversion, and Email Pixels)

Tracking pixels split into three common families: advertising pixels, conversion pixels, and email pixels. Each fires for a different business reason, though the underlying mechanism is identical.

  • Ad and retargeting pixels like the Meta Pixel, LinkedIn Insight Tag, and Reddit Pixel track visitor behavior. Advertisers use that data to show ads to people who already showed interest.
  • Conversion pixels fire on a specific page, usually an order confirmation, to tell an ad platform that a visitor completed a purchase or signup.
  • Email open-tracking pixels embed in a marketing or transactional email to log whether and when the recipient opened it.

The Meta Pixel is the clearest example of how this works in practice. Per Meta's own documentation, "the Meta Pixel is a piece of code that you put on your website". It lets an advertiser "measure the effectiveness of your Meta advertising". Once installed, it logs each visitor action as an "event", such as an add-to-cart or a completed purchase. Those events feed Meta's Ads Manager to build custom audiences and power retargeting. Email pixels work the same way at a smaller scale. Opening a marketing email loads the embedded image, and that single request tells the sender the email was read.

These pixels still fire, but they see far less than they once did. Apple's App Tracking Transparency prompt now drops opt-in rates to roughly 18 to 25 percent. Most iOS conversions no longer tie back to an ad click. Ad blockers hide another 25 to 40 percent of users from browser pixels.

Advertisers adapted. Meta cut its default view-through window from 28 days to 7 and moved core measurement to server-side tracking through its Conversions API. So a tracking pixel remains widely used, but as a directional signal, not the complete record it captured before 2021.

Pixel Tag vs. Web Beacon vs. Tracking Pixel: Are They the Same Thing?

Yes, pixel tag, web beacon, and tracking pixel describe the same technology. The three terms grew out of different contexts rather than different mechanisms. All three refer to a tiny image or code snippet that fires a server request on load. Every source that defines one defines the others as synonyms.

The emphasis differs slightly by where you encounter the term. "Web beacon" is the older, broader umbrella term, still common in privacy policies and legal disclosures. "Pixel tag" and "clear GIF" appear more often in email marketing contexts, where the tracker is quite literally a transparent GIF image. "Tracking pixel" is the term most people search for and the one marketers use day to day. For a deeper look at each angle, see what a pixel tag is and what a web beacon is.

Tracking Pixels, Privacy, and Consent Law

Tracking pixels are legal to use, but firing one without consent violates GDPR, ePrivacy, and CCPA/CPRA in most cases. That is because the pixel collects personal data, like your IP address, the instant it loads. The controversy is not that pixels exist; it is that they collect that data silently, before a visitor has any chance to say no.

GDPR and the ePrivacy Directive require an EU visitor's opt-in consent before most marketing or analytics pixels fire. This is the same standard that applies to non-essential cookies. CCPA and CPRA apply an opt-out model for US visitors instead. The pixel can fire by default, but the visitor must be able to stop it and request their data not be sold. Both frameworks treat pixel-collected data (IP address, device details, behavioral events) as personal data. That is why GDPR and CCPA tie pixel firing to cookie consent, not just to a privacy inconvenience.

The ethics of pixel tracking get sharper scrutiny in specific contexts. Sysadmins on Reddit have debated whether mandatory tracking pixels in company email signatures cross a line. Every recipient gets tracked regardless of whether they agreed to it. That debate mirrors the broader legal question: consent has to be informed and specific, not just implied because a pixel is common practice.

How to Block Tracking Pixels

You can block tracking pixels in three places: your email client, your browser, or your own site if you run one. Each approach targets a different point where the pixel would otherwise fire.

Block Tracking Pixels in Your Email

Since a tracking pixel needs to load as an image, disabling automatic image loading stops it before it fires.

  • Gmail: go to Settings, then See all settings, then General. Under Images, select "Ask before displaying external images".
  • Apple Mail (iOS/Mac): go to Settings, then Mail, then Privacy Protection. Enable "Protect Mail Activity" or "Block All Remote Content". Protect Mail Activity loads images on receipt, not on open, and masks your IP address.
  • Outlook: go to File, then Options, then Trust Center, then Automatic Download, and check "Don't download pictures automatically in HTML email messages".
  • Mozilla Thunderbird: go to Settings, then Privacy & Security, and uncheck "Allow remote content in messages".
  • Extensions: PixelBlock and Ugly Email both flag and block tracking pixels inside Gmail directly in your browser.

Block Tracking Pixels in Your Browser

Browser-level protection blocks the pixel wherever it appears, not just in email.

  • Set Firefox's Tracking Protection to Strict, which blocks tracking content including tracking pixels by default.
  • Install uBlock Origin, which blocks additional trackers once Firefox's built-in privacy filters are enabled.
  • Safari's Intelligent Tracking Prevention applies similar blocking automatically.

Block Tracking Pixels on Your Own Website (Before Consent)

If you run a website, the pixels loading on your own pages are your responsibility under GDPR and ePrivacy, not just your visitors'. The fix runs in two steps. First, scan your site to find every cookie, tracker, script, and iframe that loads. Then block the non-essential ones, including marketing pixels like the Meta Pixel, until the visitor actually consents. Blocking before consent is a core part of cookie compliance, not an optional extra.

How Consently Blocks Tracking Pixels Before They Fire

Consently's automatic scanner finds every tracker, script, and pixel on your site. Its cookie auto-blocking then holds the non-essential ones, including marketing pixels like the Meta Pixel, until a visitor actually consents.

That matters because the consent-law obligation above applies to every site owner running ad or analytics pixels. It is not just for site owners who read privacy law for fun. Consently's scanner runs an initial full-site scan plus weekly scheduled scans. It categorizes what it finds so you know exactly which pixels, scripts, and cookies are firing and why.

Two features do the actual work. Cookie Auto-Blocking stops non-essential cookies, scripts, and iframes, the exact category a marketing pixel falls into, from loading until your visitor accepts. The automatic scanner detects those trackers in the first place, so you are not guessing which third-party tags are quietly firing on your pages. Together, they mean a visitor in a region requiring opt-in only sees pixels like the Meta Pixel fire after they say yes.

See how Consently blocks tracking pixels before they fire and try it on your own site with a free 14-day trial.

FAQs

What is a tracking pixel?

A tracking pixel is a tiny, often invisible 1x1 image or code snippet that fires a server request when it loads. That request lets a company log who opened an email or visited a page, and when.

Are tracking pixels illegal?

No, tracking pixels are not illegal on their own. They become a compliance violation when they collect personal data, like your IP address, without the consent that GDPR, ePrivacy, or CCPA/CPRA requires.

How can I tell if an email has a tracking pixel?

Check the email's raw source or header for a reference to a 1x1 image hosted on an external server. Browser extensions like PixelBlock or Ugly Email flag them automatically in Gmail.

What does a tracking pixel look like?

A tracking pixel is a 1x1 transparent image, so it is invisible in the rendered page or email. In the underlying HTML, it appears as a tiny <img> tag pointing to a tracking server's URL, often with extra query parameters attached.

Is a tracking pixel the same as a cookie?

No. A tracking pixel sends data to an external server and stores nothing on your device. A cookie is a small text file stored locally in your browser that you can view or delete. The two often work together: a pixel fires and drops a cookie, then the cookie remembers you while the pixel reports your activity.

Can tracking pixels be blocked?

Yes. Disabling automatic image loading in your email client stops email pixels. Browser tracking protection and extensions like uBlock Origin stop pixels while browsing. Site owners can also block pixels on their own pages until a visitor consents.

Are tracking pixels still used?

Yes, tracking pixels are still widely used, but they capture less than they once did. Apple's App Tracking Transparency and ad blockers now hide 25 to 40 percent of users. Most advertisers pair pixels with server-side tracking for reliable measurement.

AUTHOR

Riad Us Salehin is the content lead at Dorik. He is a passionate content creator who lets the work speak for itself. Focused on taking brands and causes to the next level.

Read More

Subscribe to Consently
Newsletter

Subscribe to our newsletter to stay updated with latest articles from our blog.

Built with ❤️ by the team @ Dorik.com 

GET IN TOUCH

Any questions? Feel free to chat with us or reach out to us at

For any queries:
support@consently.net

Follow us:


©2026 Dorik, Inc. All rights reserved.