AESí Commitment To Privacy Protection For Users Of
American Education Services (AES), a division of the Pennsylvania Higher
Education Assistance Agency (PHEAA)1, is committed to preserving
the individual privacy rights of all of the users of its websites. AES
strongly believes that it has a responsibility to protect from disclosure
to unauthorized parties the personally identifying information (name,
address, date of birth, social security number, etc.) of its website users.
the individually identifying account and personal information of its website
Notice And Disclosure
AES will not sell, trade, nor disclose the personally identifying
information of its website users to any unauthorized third parties.
Because of the many different relationships PHEAA/AES has with the users
of its websites2, it is possible that disclosure of information
provided by website users might be required in the delivery of AESí services
to users in the following circumstances:
- When users have authorized the disclosure of information through
certifications on loan applications and promissory notes, the Free Application
for Federal Student Aid (FAFSA), and documents held by AES and its partners
such as schools, lenders, servicers, United States Department of Education,
and guarantors of usersí financial aid.
- When AES needs to share user information to provide services a user
- When AES needs to provide the information to its business partners
that perform services for users.
- When AES is required by law to disclose user information by order
of court, pursuant to state, local, federal, or international statute,
regulation or mandate, and in cooperation with law enforcement agencies.
Additionally, AES may use information provided by users
for the following internal purposes: providing services to users, complying
with local, state, or federal financial aid statutes and regulations,
ensuring accurate contact and billing information for users, and analyzing
the efficiency of its websites.
Under AES administration of the Federal Family Education
Loan Program (FFELP), AES requires the disclosure of Social Security numbers
by applicants for loans under FFELP. The primary use of this information
is to verify user identity, to determine user program eligibility and
benefits, to permit the servicing of user financial aid, to certify user
attendance and status at an approved higher educational institution, and
in the event necessary, to locate users. The disclosure of a userís Social
Security number by a user is mandatory for the user to participate in
The United States Department of Education has for several
years required the disclosure of individualsí Social Security numbers
on applications and other FFELP requisite documents pursuant to published
AES uses "cookies" to enhance its website users'
experiences on the AES Website. A cookie is a small file that AES transfers
users to avoid the nuisance of being asked to provide the same information
repeatedly while users move from page to page of the site. Cookies also
allow AES to ensure that only the user's web browser may exchange information
regarding the user's account with AES' servers. Most web browsers are
initially set to accept cookies. Additionally, some web browsers may be
set to prompt users before it accepts a cookie. Many of the services offered
on the AES Website might not function properly when users' set their web
browsers to reject cookies.
Users should be aware that other websites to which a
user links from the AES website may contain privacy policies, statements,
of any site other than the AES website. Users are encouraged to fully
review the privacy statements of other websites to determine whether or
not the userís use of the site comports with the userís desire to maintain
the privacy of his/her personally identifying information.
AES will not knowingly collect or retain information
submitted to it by children under the age of thirteen. If AES learns that
it unknowingly collected personally identifying information from children
under 13 years of age, it will immediately take all reasonable measures
to delete the information from its computer systems.
AES will closely monitor and restrict its employeesí
access to user account and personal information to only instances of business
Choice and Consent
users access on its website to usersí individual account, eligibility
for financial aid status, and much more personal user level information.
AES fully understands and wishes to fully serve its website users that
do not desire to have personally identifying account and status information
available on the AES website. Users may request the deletion of their
AES account information available to them on the AES website by sending
an email to email@example.com
or call 1-877-603-6010. Upon receipt
of an email from a user, AES will remove the userís account information
from its website but will continue to retain all of the information on
its computer systems as required by state and federal laws and regulations
governing financial aid.
Unless specifically notified by the user, AES will operate
as though the user consents to the userís account information being available
on its websites. Please review the sections on data security and AESí
privacy commitment for explanations of the security utilized by AES in
protecting personal account information from unauthorized disclosure.
Data Quality and Access
AES will take all reasonable steps to assure that information
about users is accurate, complete, and timely for the purposes for which
it is intended to be used. AES will take every measure to establish appropriate
processes or mechanisms so that inaccuracies or errors in usersí information
may be timely corrected by the user. AES will try to make these processes
and mechanisms as simple and easy to use as possible while providing assurances
that the erroneous and inaccurate information has been timely corrected.
The information contained on the AES website is subject to change without
prior advance notice.
When users browse the AES website and have not registered
as a user for any of AESí online services, the browsing is anonymous.
Anonymous browsing includes reading pages and downloading certain information.
Personal information such as name, address, phone number, and email address
are not collected from anonymous browsers.
Securing usersí personal information is very important to AES. Therefore,
AES has implemented several security measures to protect usersí personally
identifying information from loss, misuse, or alteration.
When users send confidential personal information to
AES via the AES website, AES requires that a secure session first be established
using Secure Socket Layer (SSL) technology. During a secure SSL session,
data passed back and forth between the userís computer and AESí servers
is secured through the use of public key cryptography. The userís computer
exchanges key information with AES computers to create a private conversation
that only the userís computer and AES systems may understand. To benefit
from SSL technology, users must use a browser with SSL capabilities.
Please note that while using the AES website, users will
be notified when entering a secure session and when leaving a secure session,
unless the setting is turned off on the user's browser. After leaving
a secure session any information transmitted to AES is not secure.
For security purposes, AES uses special software programs
to monitor traffic on its website and to identify unauthorized attempts
to upload or change information, or otherwise to cause damage to the AES
website. These programs do not collect personally identifying information
about you but they do collect information that will enable AES to identify
someone attempting to tamper with its website. AES has a zero tolerance
policy for the misuse, misappropriation, unauthorized access, tampering,
damage, destruction, or unlawful utilization of its websites and computer
systems and will seek the maximum enforcement of state, federal, and international
criminal laws against any individual engaging in such activity. Additionally,
AES will seek the maximum amount of civil damages available under the
law in such instances of the unauthorized misuse of its websites and computer
Please note that when a user sends electronic mail messages
(e-mail) to AES, the userís message will usually contain the userís return
email address. Thus, AES may utilize a userís e-mail address in responding
to a userís inquiry and the content of the userís e-mail in formulating
a response. AES will permanently record and store any substantive e-mail
received from users. E-mail is not a secure means of transmitting information.
to federal, state, local, and international laws and regulations, and
at other times to conform with technological changes, court decisions,
will be notated here when made so that you may be fully informed about
the privacy protections afforded to you by AES enabling you to make an
informed decision concerning your use of the AES website. It is recommended
the AES website.
Originally Adopted: February 2, 2001
Date last Modified: January 10, 2002
Section Modified: Choice and Consent
Description of Modification: Updates were made to the email address
and telephone number provided to users to request the deletion of their
AES account information available to them on the AES website.
Should you have any questions, concerns or desire additional information
the following means:
Mail your inquiry to:
PHEAA Electronic Commerce Division
1200 North Seventh Street
Harrisburg, PA 17102-1444
Attn: Privacy Officer
For the purposes of
and all of its divisions including but not limited to: American Education
Services (AES), Loan Servicing and Graduate Services.
2PHEAA is a guarantor, servicer, lender, and secondary market
of student loans as well as the state agency responsible for administering
the Pennsylvania State Higher Educational Assistance Grant Program and
various other state and federal higher education financial aid programs.
As such, PHEAA has very different relationships with the users of its
websites. It is important to note that PHEAA may be required, dependent
upon its relationship with website users, to share information about the
users with authorized third parties.
Copyright © 2001 PHEAA