Student AidHigher EducationNursing BasicsCareer Planning
Privacy Policy
Privacy Protection For Users
Notice And Disclosure
Choice and Consent
Data Quality and Access
Data Security
Changes to Privacy Policy
Contact Information

Return to Home

AESí Commitment To Privacy Protection For Users Of Its Website

American Education Services (AES), a division of the Pennsylvania Higher Education Assistance Agency (PHEAA)1, is committed to preserving the individual privacy rights of all of the users of its websites. AES strongly believes that it has a responsibility to protect from disclosure to unauthorized parties the personally identifying information (name, address, date of birth, social security number, etc.) of its website users. Therefore, AES has adopted and implemented a privacy policy to protect the individually identifying account and personal information of its website users.

Return to Privacy Policy Menu

Notice And Disclosure

AES will not sell, trade, nor disclose the personally identifying information of its website users to any unauthorized third parties. Because of the many different relationships PHEAA/AES has with the users of its websites2, it is possible that disclosure of information provided by website users might be required in the delivery of AESí services to users in the following circumstances:

  1. When users have authorized the disclosure of information through certifications on loan applications and promissory notes, the Free Application for Federal Student Aid (FAFSA), and documents held by AES and its partners such as schools, lenders, servicers, United States Department of Education, and guarantors of usersí financial aid.
  2. When AES needs to share user information to provide services a user has requested.
  3. When AES needs to provide the information to its business partners that perform services for users.
  4. When AES is required by law to disclose user information by order of court, pursuant to state, local, federal, or international statute, regulation or mandate, and in cooperation with law enforcement agencies.

Additionally, AES may use information provided by users for the following internal purposes: providing services to users, complying with local, state, or federal financial aid statutes and regulations, ensuring accurate contact and billing information for users, and analyzing the efficiency of its websites.

Under AES administration of the Federal Family Education Loan Program (FFELP), AES requires the disclosure of Social Security numbers by applicants for loans under FFELP. The primary use of this information is to verify user identity, to determine user program eligibility and benefits, to permit the servicing of user financial aid, to certify user attendance and status at an approved higher educational institution, and in the event necessary, to locate users. The disclosure of a userís Social Security number by a user is mandatory for the user to participate in the FFELP.

The United States Department of Education has for several years required the disclosure of individualsí Social Security numbers on applications and other FFELP requisite documents pursuant to published regulations.

AES uses "cookies" to enhance its website users' experiences on the AES Website. A cookie is a small file that AES transfers to users' computer hard drives. AES' use of cookies enables its website users to avoid the nuisance of being asked to provide the same information repeatedly while users move from page to page of the site. Cookies also allow AES to ensure that only the user's web browser may exchange information regarding the user's account with AES' servers. Most web browsers are initially set to accept cookies. Additionally, some web browsers may be set to prompt users before it accepts a cookie. Many of the services offered on the AES Website might not function properly when users' set their web browsers to reject cookies.

Users should be aware that other websites to which a user links from the AES website may contain privacy policies, statements, promises, or provisions that differ from the AES Website Privacy Policy and as such users are encouraged to review the applicable privacy policy of any site other than the AES website. Users are encouraged to fully review the privacy statements of other websites to determine whether or not the userís use of the site comports with the userís desire to maintain the privacy of his/her personally identifying information.

AES will not knowingly collect or retain information submitted to it by children under the age of thirteen. If AES learns that it unknowingly collected personally identifying information from children under 13 years of age, it will immediately take all reasonable measures to delete the information from its computer systems.

AES will closely monitor and restrict its employeesí access to user account and personal information to only instances of business necessity.

Return to Privacy Policy Menu

Choice and Consent

AES provides users access on its website to usersí individual account, eligibility for financial aid status, and much more personal user level information. AES fully understands and wishes to fully serve its website users that do not desire to have personally identifying account and status information available on the AES website. Users may request the deletion of their AES account information available to them on the AES website by sending an email to or call 1-877-603-6010. Upon receipt of an email from a user, AES will remove the userís account information from its website but will continue to retain all of the information on its computer systems as required by state and federal laws and regulations governing financial aid.

Unless specifically notified by the user, AES will operate as though the user consents to the userís account information being available on its websites. Please review the sections on data security and AESí privacy commitment for explanations of the security utilized by AES in protecting personal account information from unauthorized disclosure.

Return to Privacy Policy Menu

Data Quality and Access

AES will take all reasonable steps to assure that information about users is accurate, complete, and timely for the purposes for which it is intended to be used. AES will take every measure to establish appropriate processes or mechanisms so that inaccuracies or errors in usersí information may be timely corrected by the user. AES will try to make these processes and mechanisms as simple and easy to use as possible while providing assurances that the erroneous and inaccurate information has been timely corrected. The information contained on the AES website is subject to change without prior advance notice.

When users browse the AES website and have not registered as a user for any of AESí online services, the browsing is anonymous. Anonymous browsing includes reading pages and downloading certain information. Personal information such as name, address, phone number, and email address are not collected from anonymous browsers.

Return to Privacy Policy Menu

Data Security

Securing usersí personal information is very important to AES. Therefore, AES has implemented several security measures to protect usersí personally identifying information from loss, misuse, or alteration.

When users send confidential personal information to AES via the AES website, AES requires that a secure session first be established using Secure Socket Layer (SSL) technology. During a secure SSL session, data passed back and forth between the userís computer and AESí servers is secured through the use of public key cryptography. The userís computer exchanges key information with AES computers to create a private conversation that only the userís computer and AES systems may understand. To benefit from SSL technology, users must use a browser with SSL capabilities.

Please note that while using the AES website, users will be notified when entering a secure session and when leaving a secure session, unless the setting is turned off on the user's browser. After leaving a secure session any information transmitted to AES is not secure.

For security purposes, AES uses special software programs to monitor traffic on its website and to identify unauthorized attempts to upload or change information, or otherwise to cause damage to the AES website. These programs do not collect personally identifying information about you but they do collect information that will enable AES to identify someone attempting to tamper with its website. AES has a zero tolerance policy for the misuse, misappropriation, unauthorized access, tampering, damage, destruction, or unlawful utilization of its websites and computer systems and will seek the maximum enforcement of state, federal, and international criminal laws against any individual engaging in such activity. Additionally, AES will seek the maximum amount of civil damages available under the law in such instances of the unauthorized misuse of its websites and computer systems.

Please note that when a user sends electronic mail messages (e-mail) to AES, the userís message will usually contain the userís return email address. Thus, AES may utilize a userís e-mail address in responding to a userís inquiry and the content of the userís e-mail in formulating a response. AES will permanently record and store any substantive e-mail received from users. E-mail is not a secure means of transmitting information.

Return to Privacy Policy Menu

Changes to AES' Privacy Policy

The AES Website Privacy Policy may be modified when necessary to conform to federal, state, local, and international laws and regulations, and at other times to conform with technological changes, court decisions, and changes in agency policy. Changes to the AES Website Privacy Policy will be notated here when made so that you may be fully informed about the privacy protections afforded to you by AES enabling you to make an informed decision concerning your use of the AES website. It is recommended that you check the AES Website Privacy Policy each time that you visit the AES website.

Originally Adopted: February 2, 2001

Date last Modified: January 10, 2002

Section Modified: Choice and Consent

Description of Modification: Updates were made to the email address and telephone number provided to users to request the deletion of their AES account information available to them on the AES website.

Return to Privacy Policy Menu

Contact Information

Should you have any questions, concerns or desire additional information concerning the AES Website Privacy Policy please contact AES by one of the following means:


Phone: 1-877-603-6010

Mail your inquiry to:

PHEAA Electronic Commerce Division
1200 North Seventh Street
Harrisburg, PA 17102-1444
Attn: Privacy Officer

Return to Privacy Policy Menu

1For the purposes of the AES Website Privacy Policy, any reference to PHEAA or AES means PHEAA and all of its divisions including but not limited to: American Education Services (AES), Loan Servicing and Graduate Services.

2PHEAA is a guarantor, servicer, lender, and secondary market of student loans as well as the state agency responsible for administering the Pennsylvania State Higher Educational Assistance Grant Program and various other state and federal higher education financial aid programs. As such, PHEAA has very different relationships with the users of its websites. It is important to note that PHEAA may be required, dependent upon its relationship with website users, to share information about the users with authorized third parties.

Copyright © 2001 PHEAA

Home | Nursing Basics | Career Planning | Higher Education | Student Aid | Other Resources | About Us | Contact Us
Privacy Policy | Site Map | © Copyright 2003