Salesforce Data Cloud

Salesforce Data Cloud

Salesforce Data Cloud is Salesforce's customer data platform for unifying first-party data across touchpoints. Website scripts capture real-time behavioral signals and identity events, contributing to unified customer profiles used for personalization, segmentation, and cross-channel marketing automation workflows.

Back to Vendor Library

Overview

Salesforce Data Cloud is Salesforce's customer data platform (CDP) designed to unify first-party data from multiple touchpoints into consolidated customer profiles. On websites, it deploys tracking scripts that capture real-time behavioral signals — page views, clicks, form submissions, and custom events — and feed them into Salesforce's identity resolution and segmentation engine. The resulting unified profiles power personalization, audience targeting, and cross-channel marketing automation.

What This Script Does

Data Cloud's web SDK (sometimes loaded via cdn.c360a.salesforce.com or similar Salesforce CDN domains) collects a comprehensive set of behavioral and identity signals:

  • Pageview and navigation events — every page visit is logged with URL, referrer, timestamp, and page metadata
  • Identity events — when visitors authenticate, submit forms, or provide identifying information, these signals are captured for identity resolution. Email addresses, user IDs, and other identifiers are transmitted to Salesforce to link anonymous browsing sessions to known profiles
  • Custom engagement events — site operators can instrument arbitrary events (video views, downloads, feature usage) that feed into the CDP
  • Device and browser metadata — user agent, screen resolution, language, and timezone data are collected for identity resolution and segmentation

The script typically sets a first-party cookie (often with a _sfdc_ prefix or custom name configured by the implementation) to maintain a consistent anonymous visitor ID across sessions. This cookie persists for 1-2 years in most configurations. Data is transmitted in real time to Salesforce Data Cloud ingestion endpoints.

The collected signals feed into Data Cloud's identity resolution engine, which uses deterministic and probabilistic matching to merge anonymous and known profiles across devices and channels. Resolved profiles are then available for segmentation, activation to ad platforms, email personalization, and other marketing automation workflows.

Consent & Compliance

Data Cloud is classified under marketing and analytics. Its core function — building unified behavioral profiles for cross-channel marketing activation — is fundamentally a marketing data processing activity. Under GDPR, this type of profiling requires explicit consent under Article 6(1)(a). The identity resolution process, which links browsing behavior to known individuals, represents a high level of data processing that cannot be justified under legitimate interest for most use cases.

The ePrivacy Directive requires consent for the persistent tracking cookies set by the web SDK, as they serve no function necessary for the service explicitly requested by the visitor.

Under CCPA/CPRA, the behavioral data collected is personal information, and transmitting it to a CDP that activates audiences for advertising purposes likely constitutes "sharing" of personal information. Businesses must provide opt-out mechanisms and disclose this data processing in their privacy notices. The cross-device identity resolution adds additional sensitivity.

Should You Block This Without Consent?

Yes. Data Cloud's web SDK exists entirely to collect behavioral data for marketing profiling and cross-channel identity resolution. It provides no functionality that is necessary for the website to operate. All scripts must be blocked until the visitor explicitly consents to marketing data collection.

Visit website

Consent Categories

Marketing
Analytics

Also Known As

salesforce cdpsalesforce data cloudcustomer data platformsfdc data cloudsalesforce identity

Industries

Computers Electronics and TechnologyProgramming and Developer Software

Tracked Domains (1)

krux.comMarketing

Frequently Asked Questions

Is consent required for Salesforce Data Cloud on my website?

Yes. Salesforce Data Cloud builds unified behavioral profiles for cross-channel marketing and identity resolution, requiring explicit consent under GDPR Article 6(1)(a). The ePrivacy Directive also mandates consent for its persistent tracking cookies. It is classified as marketing and analytics.

What data does Salesforce Data Cloud collect?

The Data Cloud web SDK collects page views, clicks, form submissions, and custom events. It captures device metadata (user agent, screen resolution, language, timezone) and sets a first-party cookie with a _sfdc_ prefix or custom name, persisting 1-2 years. Data is sent to Salesforce ingestion endpoints in real time.

How does ConsentStack handle Salesforce Data Cloud?

ConsentStack identifies Data Cloud by its SDK domains such as cdn.c360a.salesforce.com. It assigns a marketing and analytics category, blocking all scripts until the visitor explicitly consents. ConsentStack prevents identity resolution and behavioral profiling from starting before consent is obtained.

Related Vendors

Google Ads
Google Ads
Google Ads is Google's advertising platform for search, display, and remarketing campaigns. Conversion tracking scripts fire on advertiser landing pages to measure actions taken after ad clicks. The remarketing tag builds audience lists for retargeting users across Google's ad network.
Google
Google
Google is the dominant provider of web analytics, advertising, and infrastructure tools. Scripts like Google Analytics, Tag Manager, Ads, and reCAPTCHA collect behavioral data, manage tag firing, serve targeted ads, and detect bots. Sets persistent cookies to track users and correlate activity across sites.
Microsoft Dynamics 365
Microsoft Dynamics 365
Microsoft Dynamics 365 is a suite of CRM and ERP applications that integrates with websites through tracking scripts and embedded forms. Web tracking code captures visitor behavior, page views, and form submissions to build customer profiles and score leads. Sets cookies to identify returning visitors and attribute marketing touchpoints across sessions.
Microsoft
Microsoft
Runs Clarity (session recording and heatmaps), the Microsoft Advertising UET tag (conversion tracking), and Bing's remarketing pixel. Clarity injects a recording script that captures mouse movements, clicks, and rage clicks. The UET tag fires conversion events to tie ad clicks to on-site actions across Microsoft's ad network.
Microsoft Advertising UET Tag
Microsoft Advertising UET Tag
Microsoft Advertising UET Tag is the Universal Event Tracking pixel for Microsoft's ad platform, formerly Bing Ads. The JavaScript tag fires on advertiser websites to track page views, conversions, and custom events for campaign optimization. Sets cookies to identify visitors across sessions and attribute conversions to Microsoft Search and Audience Network ad clicks.
LinkedIn Ads
LinkedIn Ads
LinkedIn Ads is LinkedIn's advertising platform for B2B marketing and professional audience targeting. Conversion tracking scripts and pixels fire on advertiser websites to measure sign-ups, downloads, and purchases driven by LinkedIn ad campaigns. Sets cookies for audience matching, retargeting list building, and cross-device attribution reporting.

Manage consent for Salesforce Data Cloud

ConsentStack automatically detects and manages Salesforce Data Cloud trackers so your site stays compliant with global privacy regulations.

Get started