Effective December 14, 2019

LeverEdge Privacy Policy

This Privacy Policy describes how your Personal Information is collected, used, and shared when you visit or submit information from https://leveredge.org (the “Site”).

When we talk about “Personal Information” in this Privacy Policy, we are talking both about Device Information and Order Information, as defined below.

1. WHAT INFORMATION DO WE COLLECT ABOUT YOU?

Information you provide us.

When you voluntarily submit any form through the Site, we collect certain Personal Information from you, which can include one or more of the following:

  • Your Name
  • Your Email Address
  • Your School / University Information
  • Your Educational Program Information
  • Your Graduation Year
  • Your Immigration Status
  • Your Social Security Number
  • If you have a Cosigner
  • Your Cosigner’s Immigration Status
  • Your Credit Score
  • Your Cosigner’s Credit Score
  • Your Annual Income
  • Your Loan Balance
  • If you have a job offer
  • If you are employed

We refer to this Personal Information as “Order Information.”

Information we collect automatically about you.

When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information.”

We collect Device Information using the following technologies:

  • “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
  • “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
  • “Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Site.
2. HOW DO WE USE YOUR PERSONAL INFORMATION?

We use the Order Information that we collect generally to fulfill any requests or orders placed through the Site. We use this Order Information to:

  • Negotiate with lenders;
  • Communicate with you;
  • Screen our requests/orders for potential risk or fraud; and
  • Provide you with information or advertising relating to our products or services.

We use the Device Information that we collect to help us screen for potential risk and fraud, and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).

3. HOW DO WE SHARE YOUR PERSONAL INFORMATION?

We share your Personal Information with third parties to help us collect and use your Personal Information, as described above. For example,

  • We share your information with many lenders when we engage in negotiations with them.
  • We use a third-party (currently TypeForm) to collect order information from you.
  • We authorize the collection of Personally Identifiable Information from our users for third party use through advertising technologies.
  • We use Google Analytics to help us understand how our customers use the Site–you can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.

Third parties may retain or use your Personal Information whether or not you use their services. We are not responsible for the privacy practices of third parties. You should contact these Partners directly concerning their privacy practices.

Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.

4. HOW DO WE STORE INFORMATION?

We use Amazon Web Services Infrastructure, Google Drive infrastructure, MailChimp infrastructure, TypeForm infrastructure and computers owned by LeverEdge Association or employee/managers of LeverEdge Association to store, process, and transfer your information collected through our Site and Service. While we are not responsible for the privacy practices of third parties, we only partner with third parties that maintain commercial reasonable privacy and security practices. You can read more about the privacy policy of third parties we use here:

  • Amazon Web Services – https://aws.amazon.com/privacy/ and https://aws.amazon.com/compliance/data-privacy-faq/
  • Google Drive – https://policies.google.com/privacy
  • MailChimp – https://mailchimp.com/legal/privacy/
  • TypeForm – https://www.typeform.com/help/category/billing/ (See Privacy + Security Section)

5. HOW DO WE PROTECT YOUR INFORMATION?

We maintain commercially reasonable physical, administrative and technological safeguards to preserve the integrity and security of all information collected. We use authentication and encryption code and protocols to encrypt your information in transit and storage. Despite these safeguards, no website, database, or system is completely secure, so we recommend that you take additional measures to protect yourself and your information, including by ensuring that you have enabled the latest security features on your devices, closing browsers after use, and installing up-to-date anti-virus software.In the event that any information under our control is compromised, and we become aware of such a compromise, we will take commercially reasonable steps to investigate. If appropriate, we will also take commercially reasonable steps to notify those individuals whose information may have been compromised in accordance with applicable laws and regulations.

6. WHAT ABOUT CHILDREN’S PERSONAL INFORMATION?

We do not market our services or products to , and do not intentionally collect Personal Information from, children under the age of 13. If we receive actual knowledge that we have collected Personal Information from a child under the age of 13, we will promptly remove the data from our system using commercial reasonable means.

7. WHAT IF I AM IN THE EUROPEAN ECONOMIC AREA?

We do not market our services to residents in Europe, nor do we have a place of business in Europe. We are thus not subject to Regulation 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of Personal Information and free movement of such Information, known as the General Data Protection Regulation (“GDPR”).

If you reside in the European Economic Area (EEA), please be aware that if you voluntarily provide us any personal information, that information will be transferred from the EU to data centers located in the United States for processing.

Although we are not subject to the GDPR, nevertheless we will honor your data privacy rights upon request. If you are a resident of the EEA, you have the right, as applicable under the GDPR, to the following:

  • Request an accounting of Personal Information that we possess that pertains to you in an electronically portable format (e.g., electronic copies of information attached to an email).
  • Request that we correct or update Personal Information that pertains to you.
  • Request that we delete Personal Information that pertains to you.
  • Fully or partially withdraw your consent to the collection, processing, and/or transfer of your Personal Information.

If you believe we are unlawfully possessing your personal information, you also have the right to complain to your local data protection supervisory authority. You can find contact details here: https://edpb.europa.eu/about-edpb/board/members_en.

To request an accounting of your Personal Information, a correction or update to your Personal Information, deletion of your Personal Information, or to withdraw your consent to the collection, processing, and/or transfer of your Personal Information, please contact us at [EMAIL]. Once we have received notification that you withdraw your consent, we will no longer process your information for the purpose(s) to which you originally consented unless there are legitimate grounds for further processing which override your interests, rights and freedoms, or for the establishment, exercise or defense of legal claims.

8. HOW DO WE RETAIN OR SHARE INFORMATION OF PERSONS WHO ARE NO LONGER CUSTOMERS?

We retain information, including Personally Identifiable Information for as long as permitted by applicable law. We may retain aggregated data indefinitely. Aggregated data is information in which you can no longer be identified, and thus is no longer Personal Information as that term is defined in this Policy and under applicable laws and regulations.

9. WHAT ABOUT BEHAVIORAL ADVERSTISING?

As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.

You can opt out of targeted advertising by:

  • FACEBOOK – https://www.facebook.com/settings/?tab=ads
  • GOOGLE – https://www.google.com/settings/ads/anonymous
  • BING – https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads

Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.

10. HOW CAN USERS CAN REVIEW AND REQUEST CHANGES TO THEIR INFORMATION?

If you would like to update Order Information that you have provided us, you may contact us through one of the means listed in the “Contact Us” section below. Note that certain information is required to respond and process requests/orders/inquiries; requests to delete required information may result in our inability to respond and process requests/orders/inquiries.

Data shared with some third parties as described above, (such as lenders), will not be modified or deleted via a request to LeverEdge Association. Please contact third parties directly to update any information provided to them. We may require up to 12 months to share a list of third parties with whom we have shared your data with.

We are unable to respond to or act on requests to modify Device Information.

11. DO WE HONOR DO NOT TRACK SIGNALS?

We do not honor “do not track” signals and will track, use cookies, or use advertising when a “do not track” mechanism is in place.

12. CHANGES

We may add to, delete, or change the terms of this Privacy Policy from time to time by posting a notice of the change (or an amended Privacy Policy) at this Site and updating the “effective” date at the top of this page.

13. CONTACT US

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at privacy@leveredge.org or by mail using the details provided below:

6 Soldiers Field Park APT 505,
Boston,
MA, 02163,
United States

Nikhil Agarwal is designated as the employee responsible for the information security program at LeverEdge Association. Nikhil Agarwal can be contacted via email at privacy@leveredge.org for any privacy related concerns.