Hotjar and Matomo Analytics Integration Guide

While Google Analytics dominates website analytics, many businesses seek alternatives that offer different capabilities or better privacy controls. Hotjar provides behavior analytics through heatmaps, session recordings, and user feedback tools, while Matomo offers privacy-focused website analytics with full data ownership. Both platforms integrate seamlessly with DigiConsent, allowing you to track user behavior compliantly while respecting privacy choices. This guide covers how to implement both Hotjar and Matomo with proper consent management.

Whether you’re using Hotjar to understand how users interact with your pages through visual tools, Matomo as a privacy-first Google Analytics alternative, or both platforms together for comprehensive insights, you’ll learn how to configure tracking codes, respect user consent, and leverage these powerful analytics tools while maintaining GDPR, CPRA, and other privacy regulation compliance.

Part 1: Hotjar Integration

Understanding Hotjar and Privacy Compliance

Hotjar is a behavior analytics platform that visualizes how users interact with your website through several tools: heatmaps show where users click and scroll, session recordings replay individual visitor sessions, conversion funnels identify where users drop off, and feedback tools collect direct user input through surveys and polls.

From a privacy perspective, Hotjar’s classification depends on how you use it and your jurisdiction. Session recordings and heatmaps track detailed user behavior, which many privacy authorities consider similar to analytics cookies requiring consent. However, because Hotjar captures screen interactions (including potentially sensitive information users type or view), some privacy experts recommend treating it as requiring explicit consent even in permissive jurisdictions.

DigiConsent typically places Hotjar in the Analytics Cookies or Functional Cookies category, depending on your use case. If you use Hotjar primarily for analytics and optimization (understanding user behavior patterns), Analytics Cookies is appropriate. If you use it for essential functionality like bug detection and user experience improvements, Functional Cookies might be more suitable. Consult your privacy advisor for your specific situation, but this guide uses Analytics Cookies as it’s the most common categorization.

Creating Your Hotjar Account and Site

Before integrating with DigiConsent, set up your Hotjar account:

1. Visit hotjar.com and click Sign Up
2. Create an account with your email address
3. Complete the onboarding questionnaire about your business and goals
4. When prompted, add your first website
5. Enter your website URL and name
6. Hotjar generates a unique Site ID for your website

After adding your site, Hotjar displays installation instructions with your tracking code. The tracking code includes your unique Site ID (a number like 1234567). You’ll need this ID for DigiConsent integration.

Installing Hotjar Through DigiConsent

Navigate to DigiConsent → Settings → Cookie Categories and select the Analytics Cookies tab. In the Analytics Cookies script field, add your Hotjar tracking code, replacing YOUR_SITE_ID with your actual Site ID:

<!-- Hotjar Tracking Code -->
<script>
  (function(h,o,t,j,a,r){
    h.hj=h.hj||function(){(h.hj.q=h.hj.q||[]).push(arguments)};
    h._hjSettings={hjid:YOUR_SITE_ID,hjsv:6};
    a=o.getElementsByTagName('head')[0];
    r=o.createElement('script');r.async=1;
    r.src=t+h._hjSettings.hjid+j+h._hjSettings.hjsv;
    a.appendChild(r);
  })(window,document,'https://static.hotjar.com/c/hotjar-','.js?sv=');
</script>
<!-- End Hotjar Tracking Code -->

This is Hotjar’s standard tracking code. When added to DigiConsent’s Analytics Cookies section, the plugin automatically blocks it from executing until users accept analytics cookies. Save your DigiConsent settings to activate consent-managed Hotjar tracking.

Configuring Hotjar for Privacy

Beyond consent management, Hotjar offers built-in privacy features you should configure:

Suppressing Sensitive Data

Hotjar automatically suppresses form input fields to prevent recording passwords, credit card numbers, and other sensitive data. However, you can explicitly mark additional elements as sensitive by adding data attributes to your HTML:

<div class="user-email" data-hj-suppress>[email protected]</div>
<input type="text" class="phone-number" data-hj-suppress />

Any element with data-hj-suppress appears as asterisks (******) in recordings and heatmaps, protecting sensitive information even if users consent to tracking.

IP Address Anonymization

In Hotjar settings (Organization → Data & Privacy), enable IP address anonymization. This truncates IP addresses before storage, improving privacy compliance particularly for GDPR.

Cookie-less Tracking

Hotjar offers a cookie-less mode that uses session storage instead of cookies, though with reduced functionality (session recordings don’t persist across browsing sessions). To enable cookie-less mode, modify your tracking code:

h._hjSettings={hjid:YOUR_SITE_ID,hjsv:6,hjdisablecookies:1};

Note that even in cookie-less mode, Hotjar still requires consent under GDPR because it processes user behavior data.

Testing Hotjar Integration

Verify Hotjar loads only with consent and tracks correctly:

1. Clear browser cookies or use incognito mode
2. Visit your website and reject analytics cookies
3. Open browser developer console (F12)
4. Go to Network tab and filter for “hotjar”
5. Verify no requests to hotjar.com appear
6. Clear cookies and return to your site
7. Accept analytics cookies this time
8. Refresh the page
9. Hotjar requests should now appear in Network tab
10. Go to your Hotjar dashboard and check the “Verify Installation” section
11. Within 5 minutes, Hotjar should confirm tracking is working

If Hotjar tracks before consent, check for duplicate installations in your theme files, other plugins, or Google Tag Manager.

Using Hotjar Features with Consent

Once Hotjar respects consent, leverage its key features:

• Heatmaps: Set up heatmaps for key pages (homepage, product pages, checkout) to see where users click, tap, and scroll
• Recordings: Watch anonymized session recordings to identify usability issues, confusing UI elements, or technical problems
• Funnels: Create conversion funnels to see exactly where users abandon checkout, sign-up, or other multi-step processes
• Feedback: Deploy on-page surveys asking users why they’re visiting, what problems they’re encountering, or how satisfied they are

Remember that all these tools only track users who consent to analytics cookies. Your data represents consenting users, which may differ from your total audience.

Part 2: Matomo Analytics Integration

Understanding Matomo and Privacy Compliance

Matomo (formerly Piwik) is an open-source analytics platform designed as a privacy-focused alternative to Google Analytics. Unlike Google Analytics where data is stored on Google’s servers, Matomo can be self-hosted on your own server, giving you complete data ownership. Matomo also offers a cloud-hosted version for easier setup, though self-hosting provides maximum privacy control.

Even though Matomo is privacy-focused, it still requires consent under GDPR when tracking users with cookies. However, Matomo offers a unique “cookie-less tracking” mode that anonymizes data sufficiently to potentially operate without consent in some jurisdictions. Consult your privacy advisor, but most implementations treat Matomo as an analytics cookie requiring consent.

Setting Up Matomo

You can use Matomo in two ways: cloud-hosted or self-hosted. Cloud hosting is simpler but comes with monthly fees and data stored on Matomo’s servers. Self-hosting is free (except hosting costs) and provides complete data control but requires technical setup.

Option 1: Matomo Cloud

1. Visit matomo.org and click Start Free Trial
2. Create an account and choose your plan
3. Your Matomo instance is created at yourname.matomo.cloud
4. Add your website in the Matomo dashboard
5. Navigate to Administration → Websites → Manage
6. Click Add a new website
7. Enter your website name and URL
8. Configure timezone and currency
9. Matomo generates your tracking code with a unique Site ID

Option 2: Self-Hosted Matomo

Self-hosting requires a web server with PHP and MySQL. Download Matomo from matomo.org, upload it to your server, and follow the installation wizard. The process is similar to installing WordPress. After installation, add your website and obtain the tracking code just as with cloud hosting.

Your tracking code includes two critical pieces of information: your Matomo URL (either yourname.matomo.cloud for cloud or your self-hosted domain) and your Site ID (a number like 1).

Installing Matomo Through DigiConsent

Navigate to DigiConsent → Settings → Cookie Categories and select the Analytics Cookies tab. Add your Matomo tracking code, replacing YOUR_MATOMO_URL with your actual Matomo domain and YOUR_SITE_ID with your Site ID:

<!-- Matomo -->
<script>
  var _paq = window._paq = window._paq || [];
  _paq.push(['trackPageView']);
  _paq.push(['enableLinkTracking']);
  (function() {
    var u="//YOUR_MATOMO_URL/";
    _paq.push(['setTrackerUrl', u+'matomo.php']);
    _paq.push(['setSiteId', 'YOUR_SITE_ID']);
    var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
    g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s);
  })();
</script>
<!-- End Matomo Code -->

For cloud hosting, YOUR_MATOMO_URL is yourname.matomo.cloud. For self-hosting, it’s your Matomo installation domain. When added to DigiConsent’s Analytics Cookies section, Matomo only loads after users accept analytics cookies.

Configuring Matomo for Enhanced Privacy

Matomo includes extensive privacy features you should configure:

Anonymizing IP Addresses

In Matomo dashboard, go to Administration → Privacy → Anonymize Visitors’ Data. Enable IP address anonymization with at least 2 bytes masked (e.g., 192.168.xxx.xxx becomes 192.168.0.0). This is particularly important for GDPR compliance.

Respecting Do Not Track

Enable Do Not Track support so Matomo respects browser DNT signals. In Privacy settings, enable “Support Do Not Track preference.” Users with DNT enabled won’t be tracked even if they accept cookies.

Cookie-less Tracking

Matomo can track without cookies by generating a unique identifier from IP address, user agent, and other non-persistent data. Enable this in Privacy settings under “Privacy Features.” Note that cookie-less tracking is less accurate but may not require consent in some jurisdictions when combined with other privacy measures.

To enable cookie-less tracking, add this line before other tracking code in your script:

_paq.push(['disableCookies']);

Data Retention Policies

Configure how long Matomo retains visitor data. Navigate to Administration → Privacy → Data Retention. Set appropriate retention periods for your jurisdiction:

• Raw data: Delete after 180 days or less
• Aggregated reports: Keep indefinitely (already anonymized)
• Logs: Delete after 180 days

Testing Matomo Integration

1. Clear cookies or use incognito mode
2. Visit your website and reject analytics cookies
3. Open browser console Network tab
4. Filter for your Matomo domain
5. Verify no Matomo requests appear
6. Accept analytics cookies
7. Matomo tracking requests should now appear
8. Visit your Matomo dashboard
9. Go to Visitors → Real-time
10. Your current visit should appear within seconds

Matomo’s real-time view updates instantly, making it easy to verify tracking works correctly.

Advanced Matomo Features

Event Tracking

Track specific user actions beyond page views:

_paq.push(['trackEvent', 'Category', 'Action', 'Name', Value]);

// Example: Track button click
_paq.push(['trackEvent', 'Download', 'PDF', 'Product Guide', 1]);

E-commerce Tracking

For WooCommerce or other e-commerce platforms, Matomo offers detailed e-commerce tracking:

// Track purchase
_paq.push(['trackEcommerceOrder',
  'ORDER-123',  // Order ID
  99.99,        // Grand Total
  79.99,        // Subtotal
  5.00,         // Tax
  15.00         // Shipping
]);

Goal Tracking

Define goals in Matomo dashboard (Administration → Goals) and track conversions when users complete important actions like form submissions or reaching thank you pages.

Matomo WordPress Plugin

For WordPress users, Matomo offers an official plugin that installs Matomo directly within WordPress, eliminating the need for separate hosting. Install “Matomo Analytics” from the WordPress plugin repository. This plugin can work alongside DigiConsent—configure the Matomo plugin to not automatically add tracking code, then add the code through DigiConsent’s consent management as described above.

Comparing Hotjar and Matomo Use Cases

Both platforms serve different analytics needs:

Use Hotjar when you need:

• Visual understanding of user behavior (heatmaps, recordings)
• Qualitative insights through surveys and feedback
• Usability testing and UX optimization
• Quick identification of confusing page elements
• Conversion rate optimization insights

Use Matomo when you need:

• Comprehensive website analytics (page views, bounce rates, sources)
• Complete data ownership and control
• Privacy-first analytics alternative to Google
• Detailed e-commerce tracking
• Goal and conversion funnel analysis
• Custom reporting and segmentation

Many businesses use both: Matomo for overall analytics and trend analysis, Hotjar for specific usability investigations and optimization projects. Both integrate seamlessly with DigiConsent, enabling compliant tracking across your entire analytics stack.

Best Practices for Alternative Analytics Platforms

• Document your choice: Include details about Hotjar and Matomo in your privacy policy, explaining what data they collect and how you use it
• Regular privacy reviews: Periodically audit what data you’re collecting and whether it’s all necessary
• Test consent regularly: After plugin or theme updates, verify tracking still respects consent choices
• Use privacy features: Enable all available privacy protections (IP anonymization, data retention limits, etc.)
• Train your team: Ensure everyone accessing analytics understands privacy requirements and proper data handling
• Monitor consent rates: Track analytics cookie acceptance in DigiConsent’s dashboard and optimize consent messaging if rates are low

Hotjar and Matomo provide powerful alternatives to mainstream analytics platforms while respecting user privacy. By integrating them through DigiConsent’s consent management, you maintain GDPR and privacy regulation compliance while gaining valuable insights into user behavior, website performance, and optimization opportunities—all while keeping users in control of their data.