Cookie and Web Technologies Notice

Effective Date July 10, 2025

This Cookie and Web Technologies Notice explains how we collect, use, and disclose information from and about you when you visit or interact with our websites. Please visit our Privacy Center, including our Privacy Statement, for more information about our privacy practices.

Scope

We use several web technologies to gather information, including cookies, browser storage, HTTP request headers, and other technologies such as web server logs and third-party tags in the form of beacons/pixels and scripts, as well as web analytics tools (collectively, “Cookies and Related Technologies”). This Notice describes the information within Cookies and Related Technologies, how we use them, and how you can manage them.

Helpful Definitions 

• Cookie. A small text file stored on a user’s device to help websites remember information about a user’s visit.
• Browser Storage. Local and session storage that function like cookies.
• Web Beacon/Pixel. Clear graphic image (typically 1 pixel in size) that is delivered through a web browser or HTML email, used to monitor website engagement.
• HTTP Request Headers/User Agent Strings. Metadata sent from a browser to web servers, often identifying content type, caching policy, preferred language, browser name and version, operating system and version, device type, rendering engine, platform architecture, and compatibility flags.
• Service Workers. Enable offline access by storing HTTP responses and other assets offline (similar to cookies).
• Web Logs. Records of server interactions.

Types of Data We Collect Through Cookies and Related Technologies

The information within Cookies and Related Technologies may include:

• Internet Protocol (IP) addresses
• Browser and operating system
• Source of visit (i.e., referring/exit pages and traffic sources)
• Pages/files viewed
• Time and date of visit
• Clickstream data (page name/link name)
• Browsing session information (session ID, ApplicationID, URL, server, etc.)
• Cookie consent status
• Device information (e.g., device ID, type, model, carrier, manufacturer)
• Location (e.g., city, state)

For users that are logged in to their College Board account, the information captured while logged in may include the following: 

• Role (e.g., student, educator)
• College Board account ID
• Graduation year
• Job title

Each time a new user visits our website, we store a unique, anonymous ID on the device (e.g., browser) that allows us to later “stitch” visits together and aggregate counts of visitors to our sites.

How We Use This Data

We use Cookies and Related Technologies to deliver and improve our programs and services, and to display relevant content, products, services, and advertising, including:

• Remember Settings. This makes browsing more efficient on subsequent visits by using your preferences to customize the content and/or layout of our site(s).
• Authentication. Authenticating your log in and establishing your logged in status on our website.
• Enhance Security. Securing our site and identifying and investigation malicious or fraudulent activity.
• Tracking Site Usage. Tracking users’ movements around the site for analytics of trends, administering and improving the site, and gathering demographic information about our user base.
• Personalization. Recognizing you online by identifying the devices you use, to better understand our users’ activity and improve our personalization.
• Measure Engagement. Recording which messaging you have seen and whether you engaged with the messaging about College Board’s programs and services.

Communications and Engagement

If you sign up to receive information about College Board programs we may share de-identified, hashed information with select third parties to deliver relevant content about our educational programs and services. How this works:

• Google. We use a standard Google pixel on our website that helps attribute user behavior back to Google Ads engagement campaigns about our programs and includes the DoubleClick cookie set by Google to help measure campaign effectiveness.
• Meta. We leverage Meta's conversions API (CAPI) to send a limited set of server-side event data directly to Meta, bypassing browser-based tracking. The data sent includes user agent, action source, event name, event time, event source URL, event ID, and IP address.
• SNAP. We leverage Snap’s conversions API (CAPI) to send a limited set of server-side event data directly to Snap, bypassing browser-based tracking. The data sent includes user agent, event name, event page URL, and IP address. 

We do not share personally identifiable information with any of these platforms, and they can only use what limited data we share to provide services to us. You can opt out of these communications in your account settings page at my.collegeboard.org/profile by clicking on Subscriptions. When we share usage data from our site with third parties to improve the efficiency and quality of our engagement and outreach, that data is anonymous.

Authorized Third-Party Tools

We also use Cookies and Related Technologies to enable our authorized third-party tools, including:

• Adobe Analytics/Customer Journey Analytics: Tracks the performance of our web properties, measuring usage levels, sources, and patterns, technical performance, and search behavior to enable an optimized experience.
• Adobe Target: User A/B testing and personalization.
• YouTube: Embedded video content; collects browser data. (Information is collected directly and automatically by YouTube and its partners; College Board does not participate in these data transmissions. College Board does not provide any personally identifiable information to YouTube. You can learn more about Google’s practices and control your settings on the service at YouTube policies.)
• Aimtell: Browser-based push notification management about College Board programs and services and users’ opportunities to provide feedback on their experiences on our web properties.
• Appcues: In-product tours and surveys.
• Helpfulness Survey: Feedback collection per page.
• LiveAgent (Salesforce): Customer service chat and support.
• New Relic and Keyper: Performance monitoring.
• OneTrust: Cookie consent preferences.
• Ambassador: Referral tracking for our BigFuture Ambassador program.
• Amazon Web Services (AWS): Hosting infrastructure.
• Akamai: CDN (content delivery network), security services, and site acceleration.
• Cloudflare: Security services.
• jQuery: User interface enhancement (logging by CDN provider).
• Salesforce/Force: Customer relationship management (CRM) and case tracking.
• Gstatic: Static content for performance and security.

Cookie Consent and Management

We respect your choices and are committed to providing you with a transparent and secure browsing experience. There are several ways you may manage your choices.

• Cookie Settings on College Board Websites: Depending on their function and intended purpose, our cookies can be assigned to 1 of 4 categories: strictly necessary, performance, functional, and marketing. After you make selections through our cookie banner, you can manage options at any time through a “Manage Cookies” link at the footer of a College Board webpage or a floating cookie icon.
• GPC: College Board honors the Global Privacy Control (GPC) universal opt-out mechanism, which removes pixels that may lead to targeted advertising based on users’ behavior on our website.
• Browser/Device Settings: Most web browsers provide controls that let you block or delete cookies. Generally, you can go to your browser’s Help section and see instructions for blocking or deleting cookies. However, certain features College Board uses on its site depend on cookies and disabling cookies may limit functionality. You may also be able to limit interest-based advertising through the settings on your mobile device by selecting “limit ad tracking” (iOS) or “opt out of interest-based ads” (Android).
• Manage Ad Preferences: To manage ad preferences, visit:
  • NAI Consumer Opt Out
  • Digital Advertising Alliance Your Ad Choices site
  • Your Online Choices (EU)
  • Digital Advertising Alliance of Canada
  • Your Ad App Choices

Be aware that these opt-outs are device- and browser-specific.

Contact Us

If you have any questions about this Notice or our privacy and data security practices, please contact us at [email protected].