Dun & Bradstreet

Overview

Dun & Bradstreet (D&B) is a commercial data and analytics company maintaining the world's largest commercial database, covering over 500 million business entities globally. In the context of website tracking, D&B's visitor intelligence products identify anonymous B2B website visitors by matching IP addresses to company records in its database. This enables sales and marketing teams to see which companies are visiting their website, even when individual visitors do not identify themselves.

What This Script Does

D&B's visitor intelligence scripts (often deployed through D&B Rev.Up ABX or legacy Lattice/Bombora integrations) load JavaScript from D&B-operated domains. The primary tag captures the visitor's IP address and transmits it to D&B's servers for reverse IP lookup against its commercial database.

When a match is found, D&B enriches the visitor record with firmographic data including company name, DUNS number, industry classification (SIC/NAICS codes), employee count, annual revenue range, and headquarters location. This data is returned to the website operator's CRM or marketing automation platform for lead scoring and account-based marketing workflows.

The scripts set cookies to track visitor sessions and return visits. A persistent visitor identifier cookie (typically with a one-year expiry) enables D&B to link multiple visits from the same browser, building a timeline of engagement from a specific company. Additional cookies may store segment identifiers that classify the visitor into intent categories based on browsing behavior patterns.

Data collected includes IP addresses, pages visited, visit duration, referral sources, and device metadata (user agent, screen resolution). This behavioral data is combined with firmographic enrichment to generate intent signals — indicators that a company is actively researching topics relevant to the website operator's products.

Consent & Compliance

Dun & Bradstreet is classified as analytics and marketing. It performs visitor identification and behavioral profiling for lead generation and targeted marketing purposes.

Under GDPR and the ePrivacy Directive, D&B's IP-based visitor identification and persistent tracking cookies require explicit prior consent. Even though IP-to-company matching targets organizations rather than individuals, IP addresses are personal data under GDPR, and the persistent cookies used for cross-session tracking are non-essential. The profiling of visitor behavior for lead scoring constitutes processing for direct marketing purposes, which requires a valid legal basis.

Under CCPA/CPRA, the collection and enrichment of visitor data for sales and marketing purposes constitutes processing of personal information. If enriched visitor data is shared with third parties or used for cross-context profiling, it qualifies as "sharing" under CPRA, requiring opt-out mechanisms and GPC signal compliance.

Should You Block This Without Consent?

Yes. Dun & Bradstreet performs IP-based visitor identification and behavioral tracking for marketing and sales intelligence. It sets persistent cookies and builds visitor profiles enriched with commercial data. These activities are non-essential and require affirmative consent before the scripts load.