Vimeo

Vimeo

Online video platform used to host and embed professional video content without advertising. The Vimeo player loads an interactive embed and sends play, pause, and completion events to Vimeo's analytics. Unlike YouTube, Vimeo's standard embed does not use cookies for behavioral advertising on third-party sites.

Back to Vendor Library

Overview

Vimeo is a professional video hosting and streaming platform used by filmmakers, agencies, and businesses to host and embed high-quality video content. Unlike YouTube, Vimeo's standard embed does not serve behavioral advertising on third-party publisher sites, making it a more privacy-friendly choice for video embeds. Vimeo is operated by IAC and is based in New York. The platform offers tiered plans from free to enterprise, with the paid tiers removing ads entirely. Vimeo's embed API and JavaScript SDK allow developers to programmatically control playback and listen to player events.

What This Script Does

Script Files and Domains

Vimeo embeds load player assets from f.vimeocdn.com (Vimeo's CDN for player JS and CSS), player.vimeo.com (the iframe player endpoint), and fresnel.vimeo.com (analytics beacon endpoint). Video streams are delivered from skyfire.vimeo.com and Akamai CDN nodes. The Vimeo Player SDK (player.js) is loaded from player.vimeo.com/api/player.js when JavaScript API control is needed.

Iframe Embed (Standard)

The most common Vimeo integration uses an <iframe> pointing to https://player.vimeo.com/video/{video_id}. The iframe loads the player UI, buffers video segments, and operates within its own browsing context. Cookies set by the iframe are scoped to vimeo.com, not the embedding site.

Cookies Set

  • vuid — Vimeo's visitor unique identifier. Persistent, 2-year expiry. First-party to vimeo.com. Tracks playback activity across Vimeo-hosted content for analytics. Not used for advertising on third-party sites.
  • player — Session cookie storing player state (volume, quality preference). Expires on session end.
  • __utmz, __utma — Legacy Google Analytics cookies set by Vimeo on the vimeo.com domain only (not on the embedding site).

Playback Event Tracking

The player fires events to fresnel.vimeo.com/pixel for internal Vimeo analytics: play start, pause, resume, seek, percentage completions (25%, 50%, 75%, 100%), and embed impression. These analytics help video owners understand audience engagement. No advertising profiles are built from this data on third-party sites.

JavaScript SDK Events

When using the Player SDK, developers can subscribe to events: play, pause, ended, timeupdate, progress, seeked, volumechange, fullscreenchange. The SDK communicates via postMessage between the parent page and iframe.

Do Not Track Parameter

Adding ?dnt=1 to the embed URL instructs Vimeo not to set the vuid cookie and not to track the playback session. This is the recommended parameter for maximum privacy compliance.

Consent & Compliance

Category: Functional

Vimeo's standard embed falls under the functional category because it serves user-requested video content without advertising tracking. The vuid cookie is set on vimeo.com's domain, not on the embedding site's domain, limiting its cross-site tracking impact.

Under GDPR and the ePrivacy Directive, whether a Vimeo embed requires consent depends on interpretation. The German DSK (Datenschutzkonferenz) issued guidance treating third-party embeds that set cookies as requiring consent unless strictly necessary. Using ?dnt=1 significantly reduces the privacy footprint, as it prevents the vuid cookie and disables analytics beacons. The Belgian DPA and several German DPAs have held that embedding YouTube (which does serve advertising cookies) requires consent, but Vimeo without advertising is treated more leniently.

Under CCPA, Vimeo's analytics data collection does not constitute a sale of personal information, and playback data is used for video owner analytics rather than third-party advertising.

Vimeo is registered under the EU-US Data Privacy Framework for transatlantic data transfers.

Should You Block This Without Consent?

Conditional. Standard Vimeo embeds without advertising do not require consent under most practical interpretations, particularly when the ?dnt=1 parameter is used. However, under strict ePrivacy readings (e.g., German DSK guidance), any third-party cookie requires prior consent. Best practice: use ?dnt=1 in embed URLs and load the player without a consent gate in most jurisdictions, or implement a click-to-load facade for maximum compliance.

Visit website

Consent Categories

Functional

Also Known As

Vimeo embedVimeo playerVimeo cookieVimeo GDPRvideo embed cookieVimeo APIprofessional video hosting

Industries

Computers Electronics and TechnologyProgramming and Developer Software

Tracked Domains (2)

vimeo.comEssential
vimeocdn.comEssential

Frequently Asked Questions

Does embedding Vimeo require cookie consent?

Conditional. Standard Vimeo embeds set the vuid cookie (2-year visitor ID) on vimeo.com. Adding ?dnt=1 to the embed URL disables the vuid cookie and analytics beacons, allowing the player to load without consent in most jurisdictions under a functional basis.

What does Vimeo track when embedded?

Vimeo loads player assets from f.vimeocdn.com and player.vimeo.com, setting vuid (2-year, vimeo.com) and player (session state). Playback events — play, pause, seek, completion percentages — are sent to fresnel.vimeo.com for video owner analytics. No advertising cookies are set.

How does ConsentStack categorize Vimeo?

ConsentStack classifies Vimeo as functional. Using ?dnt=1 in embed URLs is strongly recommended — it disables the vuid cookie and analytics beacons. ConsentStack can load Vimeo without a consent gate when ?dnt=1 is applied, or gate it on functional consent otherwise.

Related Vendors

Google Maps
Google Maps
Google Maps is the dominant web mapping service used for embedded maps and location features on websites. Scripts load interactive map tiles, geocoding, and Places API functionality through the Maps JavaScript API. May set cookies to remember map preferences and manage API quota.
Google Search
Google Search
Google Search appears on websites through the Programmable Search Engine, enabling custom site-specific search functionality. Scripts load the search widget from Google's servers to render search bars and display results within the host website. Sends search queries to Google's index and may set cookies for search personalization and query history.
Google
Google
Google is the dominant provider of web analytics, advertising, and infrastructure tools. Scripts like Google Analytics, Tag Manager, Ads, and reCAPTCHA collect behavioral data, manage tag firing, serve targeted ads, and detect bots. Sets persistent cookies to track users and correlate activity across sites.
Microsoft Teams
Microsoft Teams
Microsoft Teams is a workplace communication and collaboration platform that can be embedded on websites for chat, meetings, and document sharing. Embedded widgets load from Microsoft's servers to enable real-time messaging, video calls, and file collaboration. Sets authentication and session cookies to verify participant identity and maintain connection state.
Apple Maps JS
Apple Maps JS
Apple Maps JS is Apple's JavaScript mapping framework for embedding interactive maps on websites. Scripts load map tiles, location pins, and routing data from Apple's MapKit servers to render navigable maps within web pages. Requires a MapKit JS token for authentication but does not set tracking cookies or collect behavioral analytics data.
Apple Business Chat
Apple Business Chat
Apple Business Chat enables direct customer messaging between websites and Apple's Messages app. Scripts load chat buttons and conversation interfaces that connect visitors to business support agents through iMessage. Sets minimal session cookies to maintain conversation context but does not track browsing behavior or collect analytics data.

Manage consent for Vimeo

ConsentStack automatically detects and manages Vimeo trackers so your site stays compliant with global privacy regulations.

Get started free