I loaded a Meta or LinkedIn pixel without consent, now what?
Disable immediately, log the event internally, and assess whether it is a breach. This is a common, often structural violation.
Try this first
- 1Disable the pixel via tag manager or the page template. Verify in the browser console that it is gone.
- 2Assess impact: how long it ran, what data was forwarded, to which parties. IP and browsing behaviour already count as personal data.
- 3Decide whether this is a breach under GDPR. Unauthorised transfer of personal data can be one. When in doubt: notify as a precaution.
- 4Fix your consent-management platform so it cannot recur. Categorise "marketing" explicitly and block scripts until consent.
- 5Document what happened and which measures you took. The AP wants exactly this on inspection.
When to bring us in
High traffic or sensitive content (health, financial, children)? Get legal counsel involved for the impact analysis.
See also
- Does NIS2 apply to my company?Two questions decide it: are you in a listed sector, and do you meet the threshold from Recommendation 2003/361/EC (more than 50 FTE and more than EUR 10M turnover or balance sheet). Below that you are only indirectly in scope, via your customers. The threshold determines whether you are an important or essential entity depending on sector.
- What changes with the Dutch Cyber Security Act?The Cyberbeveiligingswet is the Dutch implementation of NIS2. Track NCSC for the exact effective date and the lower regulations.
- Am I personally liable as a director under NIS2?Yes. The board is accountable for approving and overseeing the cyber measures. Severe negligence can become personal.
None of the above fits?
Describe your situation below. We pass your input plus the steps you already saw to our AI and return tailored next-step advice. If it's too risky to DIY, we'll say so.
Or skip the DIY entirely
Our Managed IT clients do not look these things up. One point of contact, a fixed monthly price, resolved within working hours.