ConsentMark
Free Scan
Adobe Target logo
PersonalisationHigh complexity

Adobe Target

by adobe

All product names, logos, and trademarks are the property of their respective owners. Their inclusion here is for identification purposes only and does not imply endorsement by Obscurity Ltd.

Sets cookies
Yes
Sends PII
No
Cross-site tracking
No
Consent required
Functional
Cookies
mboxat_checkmboxEdgeCluster

Overview

Enterprise personalisation tag that integrates with the broader Adobe Experience Cloud ecosystem, creating a complex web of data flows across Adobe Analytics, Audience Manager, and the Experience Platform. Collects behavioural data to deliver individualised content and uses AI-driven allocation, which may constitute automated decision-making under GDPR Article 22. The depth of integration means that deploying Adobe Target often expands the organisation's data processing footprint well beyond what a standalone A/B testing tool would require.

Detection capabilities

Signature count
1
Detection methods
network
Property types
hostnamepathnameparam

Performance impact

Performance Impact

Script size
80 KB
Requests per page
1

Common mistakes

  • 1Not understanding the data flows between Adobe Target and other Adobe Experience Cloud products (Analytics, Audience Manager), which can result in personal data being shared across services without proper consent
  • 2Deploying Adobe Target's at.js library without configuring it to respect the CMP consent state, allowing experiments to fire and set cookies before consent is obtained
  • 3Using Automated Personalisation or Auto-Target features that rely on machine learning profiling without conducting a DPIA or assessing GDPR Article 22 implications
  • 4Failing to configure first-party cookie domains correctly, leading to third-party cookie behaviour that is blocked by browser privacy features and triggers additional consent requirements
  • 5Not auditing the mbox and at_check cookies that Adobe Target sets, which are often missed in cookie inventories because they are less well-known than analytics cookies

Compliance considerations

Adobe Target sets first-party cookies (mbox, at_check) and transmits visitor behaviour data to Adobe's edge network. Under GDPR, this constitutes personal data processing requiring consent, particularly when integrated with Adobe Analytics or Audience Manager where data is enriched with cross-service identifiers. Adobe offers EU data processing through its EMEA data centres and provides a comprehensive DPA, but organisations must verify their specific Adobe contract covers Target and all integrated services. The AI-powered personalisation features (Automated Personalisation, Auto-Target) involve profiling that may trigger GDPR Article 22 obligations regarding automated decision-making. Organisations should map the full data flow across their Adobe stack, ensure consent signals propagate correctly to all Adobe services, and conduct a DPIA for any personalisation programmes that use behavioural profiling.

Scan your site for adobe

Run a free Consentmark scan to see how adobe is loading on your site, whether it respects consent, and where governance gaps exist across your wider tag estate.

Start a free scan