TikTok

Overview

TikTok Pixel is the conversion tracking and audience management tool for advertisers running campaigns on TikTok's advertising platform. Operated by ByteDance, TikTok's parent company, the pixel fires on advertiser websites to capture standard e-commerce and lead generation events. The data powers campaign optimization through TikTok's machine learning-based delivery system, enables lookalike and retargeting audience creation, and feeds attribution reporting in TikTok Ads Manager. TikTok is the second-largest short-form video platform globally, making its ad pixel one of the more widely deployed marketing scripts on retail and consumer-facing websites.

What This Script Does

Script Files and Domains

The main pixel script loads from analytics.tiktok.com/i18n/pixel/events.js. Outbound data requests are made to analytics.tiktok.com and business-api.tiktok.com. The script is typically initialized via a base code snippet injected into <head> and then event-specific calls fire on user interactions.

Cookies Set

• _ttp — TikTok's primary cross-site tracking cookie. Persistent, 13-month expiry. Third-party cookie that persists the visitor's unique identifier used for attribution and audience building.
• _tt_enable_cookie — Boolean flag storing the user's cookie consent choice within TikTok's own interface.
• tt_sessionId — Session-scoped identifier for grouping events within a single browsing session.

Standard Events Captured

The pixel captures: PageView (fires on every page), ViewContent (product detail pages), AddToCart, InitiateCheckout, AddPaymentInfo, Purchase (with order value, currency, content IDs), CompleteRegistration, Lead, Search, and Contact. Each event payload includes the event name, timestamp, page URL, referrer, and user agent.

Advanced Matching

When enabled, the pixel transmits hashed (SHA-256) user identifiers — email address, phone number, and external user ID — alongside event data. This improves attribution accuracy by matching site visitors to TikTok accounts even when cookies are unavailable (e.g., cross-device scenarios). Hashing is client-side before transmission.

Pixel + Events API (Server-Side)

Many TikTok advertisers implement both the browser pixel and the TikTok Events API (server-to-server). The browser pixel handles real-time event capture while the server-side API closes attribution gaps caused by ad blockers and browser privacy features.

Audience Building

Visitor data feeds into Custom Audiences (retargeting) and Lookalike Audiences. TikTok's algorithm uses behavioral patterns from pixel events to find high-intent users similar to converters.

Consent & Compliance

Category: Marketing

TikTok participates in IAB TCF 2.2 as a registered vendor. Relevant purposes exercised include Purpose 1 (Store/access information on device), Purpose 3 (Create personalised ads profile), Purpose 4 (Select personalised ads), and Purpose 7 (Measure ad performance). Special Feature 1 (precise geolocation) is also declared.

Under GDPR, the TikTok Pixel requires explicit opt-in consent. It sets persistent third-party cookies, transmits behavioral data to ByteDance's servers, and involves international data transfers to servers in the US and Singapore. The Irish DPC opened an inquiry into TikTok's data transfer practices in 2023. TikTok is listed under the EU-US Data Privacy Framework (DPF) for US transfers.

Under CCPA/CPRA, behavioral data shared with TikTok for advertising optimization constitutes "sharing" of personal information for cross-context behavioral advertising. The "Do Not Sell or Share" opt-out must be honored before firing the pixel for California residents.

ePrivacy: The _ttp cookie is not strictly necessary and requires prior consent.

Should You Block This Without Consent?

Yes. The TikTok Pixel sets persistent tracking cookies, transmits behavioral data to ByteDance servers internationally, and performs audience profiling for advertising. It provides no site functionality for the end user. Block until explicit marketing consent is obtained.