This section describes the categories of information we collect and how we use that information. We collect the following categories of information (collectively, "Information"):
Our website may be used to initiate and complete loan applications. We will collect information provided by you that is required by lender partners to process each application (collectively, "Loan Application Information"). We will use Loan Application Information to evaluate, process, and underwrite the application on behalf of our lender partners. We will also retain and use Loan Application Information, including to establish and administer loan accounts, for fraud protection, and to satisfy certain regulatory requirements.
We may use or provide to third parties certain Loan Application Information for analysis purposes. For example, we may use such Loan Application Information to analyze the effectiveness of loan solicitations or underwriting. Loan Application Information used or shared in this manner will not contain your personally identifiable information.
Adobe Flash Player (and similar applications) use technology to remember settings, preferences and usage similar to browser cookies but these are managed through a different interface than the one provided by your web browser. This technology creates locally stored objects (LSOs). Depending on the settings of your computer or mobile device ("Device"), we may also collect Device make, model, screen resolution, plug-in information, language preference, browser type and language; country and timezone in which the Device is located; and metadata stored on the Device. This information is collected through cookies and/or LSOs.
We may use a software technology called clear gifs (a.k.a. Web Beacons/Web Bugs) for some website and email interactions. This technology is used to inform us of what content is effective so we can better manage and target our marketing content. Clear gifs are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of web users. In contrast to cookies, which are stored on a user's computer hard drive, clear gifs are embedded invisibly on web pages or in emails and are about the size of the period at the end of this sentence. We use clear gifs or pixels in our HTML-based emails to let us know which emails have been opened by recipients. This allows us to gauge the effectiveness of certain communications and the effectiveness of our marketing campaigns. We tie the information gathered by clear gifs in emails to User Supplied Information (see Section 2.d. below) profiles.
After receiving a submitted loan application, we may ask you to complete a survey. You are not required to complete the survey. We use the information provided in survey responses to improve our products and services.
You may be asked to supply contact information in order to receive information or materials that you request, to request being added to an e-mail list, or to participate in a contest or sweepstakes. We will collect information from you including name, email address and education information (collectively, "User Supplied Information").
Except where prohibited by law, we may use the email address provided to deliver marketing communications to you or to communicate information, tools, products and service offerings, including loan products funded by our lender partners. When we send marketing communications via email, we provide unsubscribe options within our emails so that you can opt-out of receiving future marketing communications via email.
This section describes how we share the Information we collect. The following are the ways we disclose or share Information:
a. Access to Information by Employees. Cognition Financial and employees of Cognition Financial have access to Information. Cognition Financial policy requires each employee to agree to keep all Information confidential.
c. Access to Information by Service Providers. We may share Information with service providers with whom we have contracted to perform services on our behalf or behalf our lender partners, such as companies that help process and service loans, and, where permitted by law, companies that market products and services. We may use third-party service providers to store Information and facilitate communication with you. All contracted third-party service providers are contractually required to safeguard all Information.
d. Sharing Aggregated Information. We may share aggregated Information that is not identified with any particular individual with our business partners and our affiliates.
e. Sharing Loan Application Information With Cosigners. If two applicants apply for a loan together as student borrower and cosigner, each applicant will have access to the other's Loan Application Information.
f. Sharing Information with Schools. We may share Loan Application Information and related Information with your school for the purposes of processing a loan application and administering the loan account.
g. Sharing User Supplied Information with Non-Affiliates. . We may share User Supplied Information with non-affiliated entities including lenders, schools or service providers that offer financial products.
Cognition Financial neither intends to collect, nor knowingly collects, any information from or about children. It is possible that a minor child impersonating a parent or other adult may provide the child's name, address, phone number, fax number, email address and/or social security number in an attempt to submit a loan application. Cognition Financial cannot always determine if a visitor to our websites or the sender of an e-mail is a minor child.
All Information gathered on this website is encrypted during transmission stored within secure databases and protected by firewalls and other security features. As effective as current encryption technology is, however, no security system is impenetrable. We cannot guarantee the security of our databases, nor can we guarantee that Information which you supply will not be intercepted while being transmitted to us over the Internet.
California residents have the right to request a copy of the categories or specific pieces of Information a business has collected about them, to request deletion of certain Information or to opt-out of the sale of their information. Prior to processing your request and to protect your Information, we will perform reasonable processes to verify your identity which will require you to provide certain information for us to confirm against independent sources.
To submit a request to access your Information we hold about you or to submit a deletion request for certain Information please visit our Data Privacy page. To opt-out of the sale of your Information please visit our For CA Residents: Do Not Sell My Personal Information page.
In addition to your privacy rights to request or delete your Information, the CCPA also provides you with the right:
To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov. We periodically review and verify our compliance with the Privacy Shield Principles and are committed to remedy any issues arising out of failure to comply with the Privacy Shield Principles. We acknowledge that our failure to provide an annual self-certification to the U.S. Department of Commerce will remove us from the Department's list of Privacy Shield participants.
b. Access. EU Residents whose Information is covered by GDPR have the right to request that we correct, amend, limit use of or delete the Information if it is inaccurate or processed in violation of the Privacy Shield Principles. Notwithstanding the foregoing, these access rights may not apply in some cases, including where we must comply with legal requirements or if the burden or expense is disproportionate to the risks to your privacy or if the rights of someone other than the individual requesting access are or could be violated. Please submit requests for access, correction, amendment or deletion to email@example.com.
c. Recourse, Enforcement, and Liability. In compliance with the Privacy Shield Principles, we commit to resolve complaints from EU or Swiss residents about our collection or use of your Information transferred to the United States pursuant to the Privacy Shield Principles. EU and Swiss residents with inquiries or complaints regarding our compliance with the Privacy Shield Principles should first contact us at firstname.lastname@example.org. The Federal Trade Commission has jurisdiction over Cognition Financial's compliance with the Privacy Shield.
We have further committed to refer unresolved Privacy Shield complaints to the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus, an alternative dispute resolution provider located in the United States. If you do not receive a timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please contact or visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information or to file a complaint. This service is provided at no cost to you.
If a complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.