If you're using Microsoft Clarity to analyze user behavior on your website, you're likely using features such as session recordings, click heatmaps, and scroll tracking. All these features rely on cookies.
However, cookies and other tracking technologies used by websites are strictly regulated by rules like the GDPR and eprivacy Directive.
So, what exactly are Microsoft Clarity cookies, what do they track, and are they GDPR-compliant? This guide will help you to answer these questions.
What Is Microsoft Clarity?
Microsoft Clarity is a free analytics tool that helps website owners understand how users engage with their site. It captures real-time data like mouse movements, clicks, scrolling, session length, and page navigation, and provides insights into user behavior through features like heatmaps and session replays.
This could be a very valuable tool for understanding and improving user experience or identifying bugs. Microsoft Clarity depends heavily on tracking user sessions accurately.
What Are Microsoft Clarity Cookies?
Microsoft Clarity cookies help website owners understand how people behave on their sites.
These cookies collect data about website users, including how they arrived on the site, which pages they viewed, the time spent on each page, their preferred language, the location from which they came, and other relevant information.
Microsoft Clarity sets several cookies in users’ browsers. These cookies are used to:
- Distinguish unique users across sessions
- Group multiple page views into a single session
- Identify returning visitors
- Optimize performance and data accuracy
- Detect possible website bugs or friction points.
Microsoft Clarity uses features like heatmaps and session recordings, that help site owners understand which pages are the most visited, which parts of a page receive the most attention, and where users tend to drop off.
These cookies don’t track individuals and don’t store personally identifiable information (PII) like names or emails. The goal of Microsoft Clarity cookies is to improve the user experience by tracking behavioral data over time and looking for insights.
Microsoft Clarity cookies are considered non-essential cookies under data privacy laws like the GDPR and eprivacy Directive. They monitor user behavior, and are not necessary for a website to function normally. This means you must inform users that you use these cookies and get explicit consent before setting them.
Types of Common Microsoft Clarity Cookies
Microsoft Clarity sets a few different cookies (https://learn.microsoft.com/en-us/clarity/setup-and-installation/cookie-list) in your browser to track your behavior.
Here are some of the standard cookies that Clarity uses:
- _clck
This cookie remembers a unique Microsoft Clarity user ID and preferences. It helps Clarity recognize returning visitors and keep their settings consistent.
Duration: 1 year. - _clsk
This cookie combines multiple page views into a single Microsoft Clarity session. This provides a comprehensive view of the user's visit.
Duration: 1 day. - CLID
It identifies the first time Clarity saw this user on any site using Clarity.
Duration: 1 year. - ANONCHK
It indicates whether a browser ID (MUID) is transferred to another Microsoft cookie used for ad performance. For Clarity, this is always set to 0.
Duration: 10 minutes. - MR
This cookie tells Microsoft whether to refresh the MUID, used by Microsoft for analytics and advertising.
Duration: 7 days. - MUID
It is Microsoft user identifier used to identify unique web browsers visiting Microsoft sites. These cookies are used for advertising, site analytics, and other operational purposes.
Duration: 1 year. - SM
It is used in synchronizing the MUID across Microsoft domains.
Some of these cookies, like MUID, may be shared across Microsoft services, which means they could be considered Third-Party Cookies.
Not sure if your website uses cookies? Scan your website for free and see what cookies, including Microsoft Clarity cookies, your website uses:
Do Microsoft Clarity Cookies Require Consent Under GDPR?
Microsoft Clarity cookies track user behavior across a website, such as mouse movements, clicks, navigation patterns, session length, and returning visits.
While these cookies don’t collect personally identifiable information (PII), they do collect behavioral data. Behavioral data is considered personal data under GDPR because it can be used to distinguish a user indirectly.
Thus, in the EU, EEA, the UK, and Switzerland, websites must get explicit consent from users to use Microsoft Clarity cookies before setting them on users’ devices.
Microsoft Clarity has many built-in privacy features, including:
- It automatically masks sensitive data like real names, passwords and credit card fields.
- It blocks personally identifiable data.
- It uses IP address anonymization.
- It does not use fingerprinting to track users.
- It offers data retention settings.
Still, if you use Clarity and want to comply with the GDPR and other privacy laws, it’s your responsibility to:
- Notify users about Microsoft Clarity cookies in your Cookie Policy and Privacy Policy.
- Ask for consent before loading Microsoft Clarity cookies.
- Provide an easy way to opt out or withdraw consent.
- Configure privacy settings within Clarity.
- Use a Consent Management Platform (CMP) to block Clarity cookies until the user agrees.
Should I Use Microsoft Clarity Cookies?
Absolutely. Microsoft Clarity is a powerful analytics tool for understanding user behavior and improving your site. It uses Microsoft Clarity cookies to deliver insight on user behavior. Microsoft Clarity is GDPR-compliant, but you must configure it correctly.
Microsoft Clarity offers numerous privacy features that help to comply with the GDPR, but it does not automatically ensure compliance. The user is responsible for configuring Microsoft Clarity to be GDPR-compliant, meaning that no Personally Identifiable Information (PII) is captured.
You are responsible for the right configuration of Microsoft Clarity. To comply with privacy laws when using Clarity cookies, make sure you:
- Use a Consent Management Platform (CMP) to block Microsoft Clarity cookies until the user grants consent.
- Disclose all relevant cookie information in your Cookie Policy or Privacy Policy.
- Ask for consent before loading Microsoft Clarity cookies.
- Provide an easy way to opt out or withdraw consent.
- Regularly audit your site for new cookies introduced by Clarity or other tools.
CookieScript Cookie Scanner is a professional tool to detect cookies on a site. It regularly scans websites for cookies and automatically lists them on the cookie declaration table.
What Is Microsoft’s Consent API?
Microsoft introduced the Clarity Consent API to facilitate cookie compliance. Microsoft’s Consent API is a JavaScript-based interface that allows website owners to tell Microsoft whether the user has given consent for:
- Analytics cookies.
- Personalized advertising.
- Data sharing across Microsoft services.
By default, Microsoft Clarity starts tracking user activity as soon as Microsoft Clarity cookies load. However, by implementing the Consent API, you can block Microsoft Clarity cookies and user tracking until the user has provided explicit consent, typically through your website’s Cookie Banner.
Therefore, if your website uses or plans to use Microsoft Clarity, integrating the Consent API is essential in reaching compliance with the GDPR.
The best practice for implementing Microsoft’s Consent API is by integrating it with your CMP.
How to Configure Microsoft Clarity to be GDPR-Compliant?
To configure Microsoft Clarity for GDPR compliance, you must:
- Disable Microsoft Clarity cookies until you obtain Cookie Consent.
- Integrate Microsoft Clarity with a Consent Management Platform (CMP).
How to disable Microsoft Clarity cookies?
To comply with the GDPR and other privacy laws, you must disable Microsoft Clarity cookies until you get Cookie Consent.
To prevent Microsoft Clarity from setting cookies before you obtain Cookie Consent, perform these steps:
- Log in to your Clarity account.
- Go to Settings > Setup.
- Under Advanced Settings, turn off the Cookies option.
How to integrate Microsoft Clarity with a Consent Management Platform (CMP)?
To manage user consent effectively, you should integrate Microsoft Clarity with a Consent Management Platform (CMP). This allows you to configure the CMP to trigger Microsoft Clarity cookies only after you obtain Cookie Consent from users.
Select a CMP that integrates with Microsoft Clarity’s API.
CookieScript is a professional CMP that has the following features:
- Integration with Microsoft Clarity’s API.
- Integration with Google Consent Mode v2
- Integration with IAB TCF v2.2
- CookieScript API
- Integration with CMS like Joomla, Shopify, WordPress, etc.
- Google-certified CMP
- A full consent management solution, allowing to collect and store user consent.
- Complies with privacy laws such as GDPR, ePrivacy Directive, etc.
- Complies with Google's EU User Consent Policy
- Cookie Scanner
- Privacy Policy Generator
- Automatic blocking of third-party scripts
- Privacy-laws compliant Cookie Banner.
In 2024, CookieScript CMP was ranked by users as the best CMP on a peer-reviewed site G2.
Frequently Asked Questions
What Are Microsoft Clarity Cookies?
Microsoft Clarity cookies are small text files stored on users’ devices that help website owners understand how people behave on their sites. These cookies collect data about website users: how they landed on the site, which pages they viewed, how long they spent on each page, their language preference, which location the user came from, and other data. You need cookie consent to use these cookies on your website. Use CookieScript Cookie Scanner to detect Microsoft Clarity cookies.
Do I need user consent to use Microsoft Clarity cookies?
In the EU, UK, or EEA, you need user consent before setting up Microsoft Clarity cookies. These cookies are non-essential, so privacy laws such as GDPR require them to be blocked until the user gives explicit consent. In the U.S., most data privacy laws do not require consent, but you must disclose these cookies and provide options to opt out of these cookies. Use CookieScript CMP to manage Microsoft Clarity cookies in the EEA and the U.S.
Should I Use Microsoft Clarity Cookies?
Absolutely. Microsoft Clarity is a powerful analytics tool for understanding user behavior and improving your site, but you must configure it correctly. The user is responsible for configuring Microsoft Clarity to be GDPR-compliant, meaning that no Personally Identifiable Information (PII) is captured. Use CookieScript CMP to manage Microsoft Clarity cookies in the EEA and the U.S.
What Is Microsoft’s Consent API?
Microsoft’s Consent API is a JavaScript-based interface that allows website owners to tell Microsoft whether the user has given consent for Microsoft Clarity cookies. By implementing the Consent API, you can block Microsoft Clarity cookies and user tracking until the user has provided explicit consent. Thus, integrating the Consent API is essential in reaching compliance with the GDPR. The easiest way to implement Microsoft’s Consent API is by integrating it with your CMP like CookieScript.
How to turn off Microsoft Clarity cookies?
To comply with the GDPR and other privacy laws, you must disable Microsoft Clarity cookies until you get cookie consent. Log in to your Clarity account, go to Settings > Setup. Under Advanced Settings, turn off the Cookies option. Use CookieScript CMP to manage Microsoft Clarity cookies.