Compliance
AlumnIQ can provide documentation for compliance with the following standards:
SOC2 Type 2 (NDA required)
HECVAT (NDA required)
Please file a ticket to request any of the non-public resources. Some contain sensitive information about our infrastructure, security practices, and development practices.
Cookie Inventory
These are the only cookies AlumnIQ injects into client responses by design. If a customer chooses to use the GA4/GTM functionality, additional Google cookies will be inserted into the request/response payload.
IQ-PUBLIC
Core
Necessary
client domain
session
Session Id (for public-facing pages)
IQ-ADMIN
Admin
Necessary
client domain
session
Session Id (for admin users only)
IQCLIENTID
Event Registration
Necessary
client domain
session
Persist in-progress registration across multiple browsing sessions. (If user closes the tab, they don't have to lose their progress)
cookieconsent_status
Core
Functional
client domain
1 week
Tracks that you've consented to our cookies, to avoid showing cookie banner on every pageview
aws-waf-token
Giving
Necessary
client domain
4 days
WAF challenge to avoid scripted attacks against giving credit card forms
alumniq-online-giving
Giving
Necessary
client domain
session
Session Id (for legacy giving)
[varies]
[varies]
Necessary
spreedly.com/braintreepayments.com/blackbaud.com (and derivatives)
varies
Payment Service Providers (Spreedly, Braintree, Blackbaud) add cookies they consider strictly necessary for the purposes of processing transactions. No options for exclusion are available.
Last updated