NCBAC™ and CRTS™ Privacy and Cookie Policy

How We Collect and Use Information

We collect the following types of information about you: 

Information you provide us directly: We ask for certain information such as your real name, birth-date, address, phone number, work address, job title, e-mail address and other demographic information when you apply for the CAC™, CAEd™ or CRTS™ exam. If you submit a query via our contact form, we collect your name, e-mail address and optionally a phone number. We may also retain any messages you send through the website. We use this information to operate, maintain, and provide to you the features and functionality of the website and our certifications. 

When we collect information: We collect your information when you apply for an exam, renew your certification, interact with us on social media, subscribe to our newsletter, receive a message from you via our Contact form, or receive an email from you.

Analytics information: We may directly collect analytics data, or use third-party analytics tools and services, to help us measure traffic and usage trends for our websites. These tools collect information sent by your browser or mobile device, including the pages you visit and other information that assists us in improving our websites. We collect and use this analytics information in aggregate form such that it cannot reasonably be manipulated to identify any particular individual user.

Cookies information: Cookies are small pieces of data that websites store on a device. Cookies can improve your browsing experience because they help websites remember preferences and understand how people use different features.

Functional and Required Cookies: NCBAC uses some necessary cookies because they allow visitors to navigate and use key features on our website. These cookies vary from site to site depending on the features it uses. For example, Functional and Required Cookies help these features work:

  • Online exam applications and checkout
  • URL redirects

You do not have to accept cookies to use our websites. If you reject cookies, certain features or resources of the NCBAC websites may not work properly or at all and you may have a degraded experience.

Although most browsers are initially set to accept cookies, you can change your browser settings to notify you when you receive a cookie or to reject cookies generally. To learn more about how to control privacy settings and cookie management, click the link for your browser below.

To learn more about cookies; how to control, disable or delete them, please visit Some third party advertising networks, like Google, allow you to opt out of or customize preferences associated with your internet browsing. For more information on how Google lets you customize these preferences, see their documentation.

Log file information: Log file information is automatically reported by your browser or mobile device each time you access our websites. When you use our websites, our servers automatically record certain log file information. These server logs may include anonymous information such as your web request, Internet Protocol (“IP”) address, browser type, referring / exit pages and URLs, number of clicks and how you interact with links on our websites, domain names, landing pages, pages viewed, and other such information.

Device identifiers: When you access our websites by or through a mobile device (including but not limited to smart-phones or tablets), we may access, collect, monitor and/or remotely store one or more “device identifiers,” such as a universally unique identifier (“UUID”). Device identifiers are small data files or similar data structures stored on or associated with your mobile device, which uniquely identify your mobile device. A device identifier may be data stored in connection with the device hardware, data stored in connection with the device’s operating system or other software, or data sent to the device by our websites. A device identifier may convey information to us about how you browse and use our websites. A device identifier may remain persistently on your device, to enhance your navigation through our websites. Some features of our websites may not function properly if use or availability of device identifiers is impaired or disabled.

Location data: When you access our websites, we may access, collect, monitor and/or remotely store “location data,” which may include GPS coordinates (e.g. latitude and/or longitude) or similar information regarding the location of your device. Location data may convey to us information about how you browse and use our websites. 

Commercial and marketing communications: We use the information we collect or receive, such as your email address, to communicate directly with you. We may send you emails containing newsletters, promotions, and special offers. If you do not want to receive such email messages, you will be given the option to opt out or change your preferences. We also use your information to send you certification-related emails (e.g., application and renewal confirmations and reminders, changes/updates to features of our websites, technical and security notices). You may opt out of Service-related emails only if you cancel your certification and specifically request to not be contacted.

If you are a current CRTS™ certificant, you may also be able to be “found” on our websites based on information that you provide for the online registry.

Use of certain service type information we collect about you: We use or may use cookies, log file, device identifiers, and location data to: (a) provide custom, personalized content and information; (b) to provide and monitor the effectiveness of our websites; (c) monitor aggregate metrics such as total number of visitors, traffic, and demographic patterns; (d) diagnose or fix technology problems.

GDPR Compliance

At this time, NCBAC offers our certifications only in the United States and Canada. If you reside in the European Union and contact us, we will collect and store information you provide, such as your query, name, e-mail address and phone number. To request that we remove data from our system, contact us via email.

Sharing of Your Information

We don't sell, trade, or otherwise transfer to outside parties your personally-identifiable information unless we provide you with advance notice. This doesn't include website hosting partners and other parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information to comply with the law, enforce our site policies, or protect ours or other's rights, property, or safety.

Who we may share your information with: We may share your information with third-party business partners (such as a commercial CRM) for the purpose of providing Service to you. Third party business partners will be given limited access to your information as is reasonably necessary to deliver the Service, and we will require that such third parties comply with this Privacy Policy, or operate under a similar privacy policy.

Who can see your email address: If you enter an email address, you will enable communication from our websites and if you are a current CRTS™, potentially from prospective clients/customers. If you reply to prospective clients/customers, your email address will be shared with these users. 

What happens in the event of a change of control: We may buy or sell/divest/transfer the company (including any shares in the company), or any combination of its products, services, assets and/or businesses. Your information such as names and email addresses, certification status and other user information related to the Service may be among the items sold or otherwise transferred in these types of transactions. We may also sell, assign or otherwise transfer such information in the course of corporate divestitures, mergers, acquisitions, bankruptcies, dissolutions, reorganizations, liquidations, similar transactions or proceedings involving all or a portion of the company.

Instances where we are required to share your information: NCBAC will disclose your information where required to do so by law or subpoena or if we reasonably believe that such action is necessary to (a) comply with the law and the reasonable requests of law enforcement; (b) to enforce our Terms of Use or to protect the security, quality or integrity of our Service; and/or (c) to exercise or protect the rights, property, or personal safety of NCBAC, our Users, or others.

Sharing certain service type information we collect about you: We may share certain service type information, including information obtained through tools such as cookies, log files, device identifiers, and location data (such as anonymous usage data, referring/exit pages and URLs, platform types, number of clicks, etc.): (i) with our third-party business partners for the purposes described in the section above on “How We Collect and Use Information.” We may also aggregate or otherwise strip data of all personally identifying characteristics and may share that aggregated, anonymized data with third parties.

How We Store and Protect Your Information

Storage and Processing: Your information collected through our websites may be stored and processed in the United States or any other country in which NCBAC or its subsidiaries, affiliates, or service providers maintain facilities. NCBAC may transfer information that we collect about you, including personal information, to affiliated entities, or to other third parties across borders and from your country or jurisdiction to other countries or jurisdictions around the world. If you are located in the European Union or other regions with laws governing data collection and use that may differ from U.S. law, please note that we may transfer information, including personal information, to a country and jurisdiction that does not have the same data protection laws as your jurisdiction, and you consent to the transfer of information to the U.S. or any other country in which NCBAC or its parent, subsidiaries, affiliates, or service providers maintain facilities and the use and disclosure of information about you as described in this Privacy Policy.

Keeping your information safe: NCBAC cares about the security of your information, and uses commercially reasonable safeguards to preserve the integrity and security of all information collected through our websites. To protect your privacy and security, we take reasonable steps (such as encrypting traffic via SSL, requesting a unique password for the CRTS™ registry) before granting you access to a certification exam or online account. You are responsible for maintaining the secrecy of your unique password and account information, and for controlling access to your email communications from NCBAC, at all times. However, NCBAC cannot ensure or warrant the security of any information you transmit to NCBAC or guarantee that information on the Service may not be accessed, disclosed, altered, or destroyed. Your privacy settings may also be affected by changes to the functionality of third party sites and services that you add to the NCBAC Service, such as social networks. NCBAC is not responsible for the functionality or security measures of any third party.

Compromise of information: In the event that any information under our control is compromised as a result of a breach of security, NCBAC will take reasonable steps to investigate the situation and where appropriate, notify those individuals whose information may have been compromised and take other steps, in accordance with any applicable laws and regulations.

Your Choices about Your Information

You control your account information and settings: You may update your account information and email-communication preferences at any time by notifying us via email. We make every effort to promptly process all unsubscribe requests. 

Opting out of collection of your information for Tracking / Advertising: Please refer to your mobile device or browser’s technical information for instructions on how to delete and disable cookies, and other tracking/recording tools. Depending on your type of device, it may not be possible to delete or disable tracking mechanisms on your mobile device. Note that disabling cookies and/or other tracking tools prevents NCBAC or its business partners from tracking your browser’s activities in relation to our websites. However, doing so may disable many of the features available through our websites. If you have any questions about opting out of the collection of cookies and other tracking/recording tools, you can contact us directly by email.

How long we keep your private profile information: Following termination of your certification, NCBAC may retain your private profile information for a commercially reasonable time for backup, archival, or audit purposes. For the avoidance of doubt, any information that you choose to make public on our websites may not be removable.

Children’s Privacy

NCBAC does not knowingly collect or solicit any information from anyone under the age of 13 or knowingly allow such persons to register as certification candidates. our websites and their content are not directed at children under the age of 13. In the event that we learn that we have collected personal information from a child under age 13 without verification of parental consent, we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under 13, please contact us by email.

Links to Other Websites and Services

We are not responsible for the practices employed by websites or services linked to or from our websites, including the information or content contained therein. Please remember that when you use a link to go from our websites to another website, our Privacy Policy does not apply to third-party websites or services. Your browsing and interaction on any third-party website or service, including those that have a link or advertisement on our website, are subject to that third party’s own rules and policies. In addition, you agree that we are not responsible and we do not control over any third-parties that you authorize to access your User Content. If you are using a third-party website or service (like Facebook, Google groups, or an IRC chatroom) and you allow such a third-party access to you User Content you do so at your own risk. This Privacy Policy does not apply to information we collect by other means (including offline) or from other sources other than through the Service.