Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentFree plan · 10-min setup
Hyperia is a B2B audience intelligence and advertising activation platform headquartered in the Czech Republic. It identifies the companies visiting a website through IP to company resolution and activates audiences on programmatic ad networks. Browser based identifiers are placed on visitor devices when the activation script runs, which makes Hyperia subject to GDPR consent rules and the ePrivacy Directive in Europe. Its EU based infrastructure simplifies the international transfer angle.
Hyperia is a Czech B2B audience intelligence and ad activation platform. It tells advertisers which companies visit their website by mapping IP addresses to corporate entities, then enables retargeting and prospecting campaigns through ad network integrations (Google Ads, LinkedIn Ads, programmatic DSPs). Marketers use Hyperia to qualify warm B2B traffic and trigger account based marketing flows.
Hyperia drops a first party tracking cookie (hyp_uid, hyp_session) when its activation script loads. Server side it captures IP address, user agent, referring URL and visited pages. Through reverse IP lookup, the IP is matched against a corporate IP database to derive a company name. Audience IDs are pushed to ad networks for activation.
IP to company resolution alone may be lawful under legitimate interest if no individual identifier is stored client side. As soon as Hyperia drops a tracking cookie or pushes an audience ID into ad networks, it becomes a third party tracker that requires prior consent under Article 5(3) ePrivacy and Article 6(1)(a) GDPR. The EDPB clarified in the connected vehicles guidance that any browser write demands consent.
Get GDPR compliant in 10 minutes
Free plan available · No credit card required
Configure your CMP to gate the Hyperia activation script behind explicit advertising consent. The IP to company server side enrichment can run before consent provided no cookie is dropped and no personal data is exported to third parties. Reject must be as easy as accept and audience activation must reflect the consent status in real time.
Hyperia is operated from the Czech Republic with EU cloud infrastructure. Data stays in the EEA. When audiences are pushed to US based ad networks (Google, LinkedIn, Meta), those onward transfers rely on the Data Privacy Framework or SCCs of the receiving partner.
Sign the Hyperia DPA, configure server side IP enrichment to run pre consent only when no cookie is dropped, gate the activation script through your CMP, document Hyperia in the record of processing, configure short retention windows and run an annual audit of audience exports to ad networks.
Websites using Hyperia must obtain user consent under GDPR regulations.
DPIA considerations
A DPIA is recommended when Hyperia is combined with re identification across multiple sites or when its data is exported to ad networks. The risk is the inferred profiling of visitors based on company affiliation and the persistent storage of cross site identifiers.
Sample consent text
We use Hyperia to identify the businesses interested in our services and to deliver tailored advertising. With your consent, this places third party cookies on your device for audience activation. You can manage your preferences in the cookie settings.
Third-party domains contacted
hyperia.iocdn.hyperia.ioapi.hyperia.ioCookies placed
| Name | Type | Duration | Purpose |
|---|---|---|---|
| hyp_uid | persistent | 12 months | First party cookie storing the unique Hyperia visitor identifier used for cross visit recognition and audience building. |
| hyp_session | session | Session | Session cookie tying the current visit context to the visitor record while the activation script is active. |
| hyp_act | persistent | 6 months | Stores audience activation flags pushed to ad networks, used to deduplicate audience assignment events. |
Hyperia places tracking cookies for advertising — comply with GDPR using FlowConsent.
Hyperia drops a first party tracking cookie (hyp_uid, hyp_session) when its activation script loads. Server side it stores IP address, user agent, referrer and visited pages.
Yes when the activation script writes a cookie or pushes an audience ID to ad networks. Pure server side IP to company resolution without browser write may rely on legitimate interest.
Article 6(1)(a) GDPR (consent) for browser identifiers and audience activation. Article 6(1)(f) (legitimate interest) is acceptable only for the IP to company server side enrichment with proportionality and balancing test documented.
Hyperia infrastructure is in the EU. Onward transfers happen only when audiences are activated in US ad networks; those transfers rely on Data Privacy Framework or SCCs of the receiving partner.
A DPIA is recommended when Hyperia is combined with cross site re identification or when audiences are exported to multiple ad networks. The aggregated profiling can amount to systematic large scale processing.
Sign the DPA, gate the activation script through your CMP, configure server side enrichment to drop no cookie pre consent, document Hyperia in the record of processing, perform a balancing test for legitimate interest and audit audience exports yearly.
Alternatives include Leadfeeder (FI), Albacross (SE), Dealfront (DE) and Lead Forensics (UK). All apply IP to company resolution but with varying activation features and compliance positions.
List Hyperia as a B2B audience intelligence and ad activation processor with cookies hyp_uid and hyp_session, retention, EU data residency, possible onward transfers to ad networks, and link to the Hyperia privacy notice.