Sample Med Spa Tracking Risk Snapshot
A fictional med spa example showing how CIPA Risk Scanner presents tracking risk indicators, modeled exposure, priority fixes, and developer handoff notes.
Mock example. Fictional business, fictional findings. Illustrative only — not a real audit.
Business type
Med Spa (mock)
Website
https://example-medspa.test
Consent indicator
Partial — consent banner present but tags appear to fire before consent
Risk signal
ELEVATED — review recommended
Not legal advice. Not a legal conclusion. Indicates that visible tracking signals deserve technical review.
Tools detected
Meta PixelAdvertising pixel
Google Analytics 4Analytics
Google Tag ManagerTag manager
Tidio Chat WidgetChat widget
HotjarSession replay / heatmap
TikTok PixelAdvertising pixel
Modeled Exposure Index
72/100
Modeled estimate based on detected tracking indicators. Educational illustration only — not a legal or financial calculation.
Priority fix list
- Review whether Meta Pixel and TikTok Pixel should fire before visitor consent is captured.
- Confirm Google Tag Manager trigger conditions for marketing tags.
- Review session replay tool input masking on intake / appointment forms.
- Audit chat widget data collection for sensitive intake information.
Developer handoff notes
- Move Meta Pixel and TikTok Pixel firing behind a consent gate in GTM.
- Enable input masking on Hotjar for any form containing health-related fields.
- Document which tags require consent and which are strictly necessary.
- Verify consent banner choices are persisted and respected on subsequent visits.
What the $97 Snapshot would provide
- Private dashboard with the full tracker inventory above
- Modeled Exposure Index and risk signal breakdown
- Priority fix list ranked by review urgency
- Developer handoff notes ready to forward
- Print-ready report for internal review
Want this for your own website?
Run a free scan in seconds — no signup required.
Scan My Website