Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentFree plan · 10-min setup
Probance is a French marketing automation and predictive personalisation platform that profiles visitors across web, email and SMS channels and requires GDPR consent before any behavioural cookie or identifier is set.
Probance is a French marketing automation suite founded in 2008 and headquartered near Paris. It combines a customer data platform, predictive scoring, and a campaign engine to orchestrate emails, SMS, push notifications and on site personalisation. Retailers, banks and publishers use Probance to score the propensity of each contact, recommend products, and trigger automated journeys. Because the platform processes browsing events, transactions and identity attributes, it relies on cookies and event tracking that fall under GDPR and ePrivacy consent rules.
The Probance JavaScript tag stores first party cookies on a reverse subdomain of the customer (typically pb.example.com) such as _pb_visitor_id and _pb_session, plus an ESP cookie when triggered by an email click. Server side, Probance receives URL paths, search queries, product views, cart events, transactional data, declared attributes, IP, user agent and email or SMS engagement. Identity is built progressively from anonymous browsing to a logged in profile, allowing predictive segmentation and recommendation models. From a GDPR perspective these data points are personal data because they identify or single out an individual.
Probance is a marketing personalisation tool, so identifiers it sets are not strictly necessary under Article 5(3) ePrivacy. The CNIL in France, the BfDI in Germany, the AEPD in Spain and the ICO in the UK all require prior, freely given, specific and informed consent before such identifiers are stored or read. The matching legal basis under Article 6(1)(a) GDPR is consent. Profiling for personalised marketing also calls for a DPIA when carried out at the scale typical of e commerce or media operators.
Get GDPR compliant in 10 minutes
Free plan available · No credit card required
Probance hosts personal data in the European Union and contractually limits onward transfers. This is one of the platform key differentiators in the European market, especially for clients seeking French data residency. Customers should still review the latest sub processor list, the DPA, and confirm whether any optional integration (for example a US email deliverability provider) introduces a third country transfer that requires SCCs and a transfer impact assessment.
Block the Probance tag in a CMP until the user opts in for marketing or personalisation. Map Probance under personalisation, marketing or advertising purposes, never strictly necessary. Keep proof of consent for the legally required period (13 months in France for cookie consent, often longer for the underlying CRM record). Document Probance in your record of processing activities, run a DPIA, and align retention rules between the website tag, the CRM and the personalisation engine to avoid orphan profiles.
Websites using Probance must obtain user consent under GDPR regulations.
DPIA considerations
High risk DPIA recommended due to systematic visitor profiling across channels, behavioural scoring, predictive segmentation and large scale personal data processing for marketing automation.
Sample consent text
We use Probance (marketing automation and behavioural personalisation, French publisher hosting in the EU) which sets identifiers on your device to score your activity and personalise emails, SMS and on site content. Without your consent these identifiers are not set or read.
Third-party domains contacted
probance.comprobancemail.comprobance-tracker.comCookies placed
| Name | Type | Duration | Purpose |
|---|---|---|---|
| _pb_visitor_id | first_party | 13 months | Persistent visitor identifier used to recognise a returning user, link sessions and feed predictive scoring models. |
| _pb_session | first_party | session | Session correlation identifier that groups events of the current browsing session. |
| _pb_esp_uid | first_party | 13 months | Email service provider marker set after a click from a Probance email, used to attribute on site behaviour to a known contact. |
Probance places tracking cookies for advertising — comply with GDPR using FlowConsent.
Probance writes first party cookies on a reverse subdomain configured for the customer (such as pb.example.com). Typical names include _pb_visitor_id (visitor identifier), _pb_session (session correlation), and additional ESP markers when an email link drives the visit. Lifetime is usually around 13 months for the visitor cookie.
Yes. Probance is a marketing personalisation platform, so its identifiers are not strictly necessary. Article 5(3) of the ePrivacy Directive, as enforced by the CNIL, the BfDI, the AEPD and the ICO, requires prior, freely given, specific and informed consent before any cookie is set or read. A CMP must block the tag until the user accepts.
Article 6(1)(a) GDPR (consent) is the appropriate basis for behavioural profiling and personalised marketing. Article 6(1)(f) (legitimate interest) cannot be used to bypass the ePrivacy consent requirement, although it can support certain back office data flows once consent has been collected.
Probance hosts its data in the European Union and contractually restricts onward transfers, which is one of its key differentiators against US competitors. Customers should still review the latest sub processor list and the DPA to confirm whether any optional integration (for example a deliverability provider) introduces a third country transfer requiring SCCs and a TIA.
A DPIA is recommended when Probance is rolled out at typical e commerce or media scale because it involves systematic profiling, behavioural scoring, predictive segmentation and large volumes of personal data. The CNIL DPIA list explicitly includes large scale profiling for marketing.
Block the Probance tag in a CMP until consent is captured. Map the service under personalisation, marketing or advertising. Store consent proof for the legally required period. Document Probance in your record of processing activities, run a DPIA, ensure CRM retention rules align with website tag rules to avoid orphan profiles, and verify the deletion API is wired into your right to erasure workflow.
Comparable European marketing automation and personalisation platforms include Splio, Actito, Brevo, Selligent (Marigold) and Emarsys (SAP). For a CDP first approach Tealium or BlueConic provide stronger data engineering primitives. Choice depends on regulatory comfort with EU residency, channel coverage and predictive modelling needs.
List the Probance cookies (_pb_visitor_id, _pb_session, plus the ESP cookie), state the personalisation and marketing automation purpose, mention the categories of data processed (browsing events, transactions, declared identity attributes, IP, user agent), name Probance as processor with EU hosting, and link to the right to object, the right to erasure and the consent withdrawal mechanism.