Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentFree plan · 10-min setup
SniperFast is an Italian B2B visitor identification platform that uses IP intelligence and behavioural tracking to reveal which companies are visiting your website. It is positioned as a lead generation tool for B2B sales teams. SniperFast loads a JavaScript pixel on the publisher site, sets first party cookies, captures IP and browsing behaviour, and enriches the data with company information from external databases.
SniperFast is an Italian visitor identification platform aimed at B2B sales teams. The product helps publishers reveal which companies (and sometimes which individuals) are browsing their website, enabling targeted outreach. SniperFast deploys a JavaScript pixel that watches visitor activity, then performs an IP to company lookup using its own and third party B2B databases.
SniperFast writes first party cookies on the publisher domain to identify visitors across sessions. It collects IP address, user agent, full URL of every page viewed, scroll behaviour, time on page, navigation path, downloads, form interactions and exit pages. The data is then enriched with company information (name, industry, headcount, location, sometimes individual contacts) from B2B intelligence databases.
Visitor identification tools have been singled out by EU regulators (CNIL, ICO and the Italian Garante) as requiring prior consent under Article 5(3) ePrivacy. The cookie placement plus IP enrichment plus contact suggestions go well beyond strict necessity. Even when positioned as B2B, the data can identify natural persons (e.g. a small company with one employee) and falls under GDPR. The Italian Garante has specifically issued guidance on such tools in 2023, expecting consent and clear information.
Get GDPR compliant in 10 minutes
Free plan available · No credit card required
Treat SniperFast as a Marketing or Analytics & Marketing category and block the pixel until the visitor opts in. Some publishers attempt to rely on legitimate interest for B2B IP enrichment without consent, but most EU supervisory authorities push back on this argument for visitor identification beyond aggregated analytics. If you do rely on legitimate interest, document a strong balancing test and offer a clear opt out at the first page load.
SniperFast is hosted in the EU, which is a strong selling point compared to US based competitors like Leadfeeder, Visitor Queue and Albacross. Limited sub-processors (email delivery, error reporting) may sit in the US and should be reviewed in the SniperFast sub-processor list before activation. No systematic third country transfer occurs in the default configuration.
Sign the SniperFast DPA, gate the pixel behind your consent management platform, list SniperFast in your cookie policy, document the processing and the IP enrichment chain in your record of processing activities, run a DPIA (mandatory in most cases), avoid using the most invasive features (individual contact suggestions) without a strong basis, set short retention for visitor records, and offer visitors an easy way to opt out and exercise their rights.
Websites using SniperFast must obtain user consent under GDPR regulations.
DPIA considerations
SniperFast processes visitor IP, user agent, referrer, full URL of every page viewed, time on page, navigation path, scroll depth and form interactions. It then enriches the IP with company name, industry, headcount, location and contact suggestions from third party B2B databases. Key DPIA considerations: (1) although marketed as B2B and IP based, this is profiling under GDPR; (2) identifying companies via IP can reveal the visitor employer, which is personal data when the visitor is identifiable from the company context; (3) ICO and CNIL have issued specific guidance treating IP enrichment tools as requiring consent under ePrivacy; (4) some plans expose individual contact suggestions from purchased B2B databases, which is closer to direct marketing; (5) retention of visitor records can be extensive. A DPIA is mandatory.
Sample consent text
We use SniperFast to better understand which companies visit our B2B website. SniperFast places cookies on your device, processes your IP address and browsing behaviour, and may enrich this data with public company information. You can withdraw your consent at any time via our cookie settings.
Third-party domains contacted
sniperfast.comcdn.sniperfast.comapi.sniperfast.comCookies placed
| Name | Type | Duration | Purpose |
|---|---|---|---|
| sf_visitor | Marketing | 1 year | Persistent visitor identifier used by SniperFast to recognise returning visitors and attribute multi visit behaviour to the same company profile. |
| sf_session | Marketing | Session | Session identifier used to group page views and interactions within a single browsing session for analysis. |
| sf_pv | Marketing | 30 days | Records the count of pages viewed by the visitor to support engagement scoring and lead qualification. |
SniperFast collects user analytics data — you legally need a consent banner. Try FlowConsent free.
SniperFast writes first party cookies on the publisher domain to identify returning visitors and link them to a company profile. These cookies typically have a long lifetime (months to a year) to support multi visit attribution.
Yes. The pixel sets non strictly necessary cookies and triggers IP enrichment, both of which are within scope of Article 5(3) of the ePrivacy Directive and Article 6 of the GDPR. The Italian Garante and other EU supervisory authorities consider visitor identification tools as requiring prior consent.
Practically no for the cookie placement (ePrivacy is consent based and not subject to a balancing test), and very difficult to defend for the subsequent IP enrichment and profiling. If you do attempt legitimate interest for the GDPR side, you must document a robust balancing test, offer an opt out at first page load and avoid contact suggestions.
By default, no. SniperFast is hosted in the EU. Limited sub-processors (email delivery, error reporting) may be in the US. Check the SniperFast sub-processor list before deployment and document any transfers in your record of processing activities.
Yes in most cases. The combination of cookie tracking, IP enrichment, profiling and possibly individual contact suggestions falls within the EDPB criteria for mandatory DPIA. Document the DPIA before go live.
Sign the SniperFast DPA, gate the pixel behind your consent management platform, list SniperFast in your cookie policy, run a DPIA, document the processing in your record of processing activities, set short retention for visitor records, avoid the most invasive features (individual contact suggestions) without strong justification, and offer easy opt out and access rights.
Other B2B visitor identification tools include Leadfeeder (Finland with US infrastructure), Albacross (Sweden), Visitor Queue (Canada), Dealfront (Germany, formerly Leadfeeder + Echobot) and Lead Forensics (UK). Choose based on EU residency, sub-processor list, retention controls and whether individual contact suggestions are exposed.
List SniperFast by name as a Marketing or Analytics & Marketing service, the cookies set, the data collected (IP, behaviour, page URLs, time on page), the IP enrichment chain (with third party B2B databases), the hosting region (EU), the retention period, the sub-processors and a link to the SniperFast privacy notice.