The privacy policy for websites owned by the office of Federal Student Aid covers security, links to other sites, and nonpersonal information that Federal Student Aid records.

Learn about how we use the information we collect and how we protect your information.

Privacy

Thank you for visiting Federal Student Aid's StudentAid.gov website and reviewing our privacy policy. Our policy is simple: We collect no personal information about you unless you choose to provide that information to us. We do not  sell  any personal information to a third party.

If you want to know more about how we record nonpersonal information about your visit or how we use information that you voluntarily submit, read on. You can also view the U.S. Department of Education’s privacy policy.

Otherwise, enjoy your visit!

Nonpersonal Information We Record
Cookies
      How to Opt Out or Disable Cookies
Links to Other Sites
How Collected Information Is Used
      Information from the Ombudsman Assistance Request Form
      Information from the Contact Us Page
      Information from the Site Survey
      Information from the Blog
How StudentAid.gov Uses Third-party Websites and Applications
How User Information in the "My Federal Student Aid" Section of the Website Is Protected
Security Controls


Nonpersonal Information We Record

We use cookies to collect better data on how this site is working for you. If you wish to do so, you may disable the cookies in your Web browser settings.

If you do nothing during your visit but browse through the website, read pages, or download information, our Web server will automatically record some general information about your visit.

During your visit, our Web server will record the following:

  • The Internet domain for your Internet service, such as "xcompany.com" or "xcompany.net" if you use a private Internet access account, or "yourschool.edu" if you connect from a college or university domain
  • The type of browser (such as "Mozilla Firefox version x" or "Internet Explorer version x") that you are using
  • The type of operating system that you use (such as Macintosh, Unix, or Windows)
  • The date and time you visit our site, and the Web pages that you visit on our site
  • The address of the previous website you were visiting, if you linked to us from another website

The user is not identified in the collection of nonpersonal information.

Top

 

Cookies

The Office of Management and Budget Memo M-10-22, Guidance for Online Use of Web Measurement and Customization Technologies (PDF, 106KB), allows federal agencies to use session and persistent cookies subject to the limitations described within the guidance.

Cookies from StudentAid.gov Web pages collect information only about your browser's visit to the site; they do not collect any personal information about you.

There are two types of cookies: single-session (temporary) and multi-session (persistent).

We use temporary session cookies for such technical purposes as enabling better navigation through our site. These temporary cookies let our server know that you are continuing a visit to our site. The OMB Memo 10-22 guidance defines our use of temporary session cookies as "Usage Tier 1-Single Session." The guidance states, "This tier encompasses any use of single-session Web measurement and customization technologies." Single-session cookies last only as long as your Web browser is open. Once you close your browser, the cookie disappears.

We use persistent cookies to enable Google Analytics and Webtrends (third-party analytics providers) to differentiate between new and returning visitors to our site. Persistent cookies from Google Analytics and Webtrends remain on your computer between visits to StudentAid.gov for up to two years.

Google Analytics and Webtrends serve as tools to calculate how many individual users visited the StudentAid.gov website in a given time. Combined with total visits, these tools help us create a more comprehensive story about StudentAid.gov users and their visit patterns.

The OMB Memo 10-22 guidance defines our use of persistent cookies as "Usage Tier 2-Multi-session without Personally Identifiable Information (PII)." The guidance states, "This tier encompasses any use of multi-session web measurement and customization technologies when no PII is collected."

As mentioned above, StudentAid.gov uses third-party analytics providers (Google Analytics and Webtrends) to analyze the data collected through the session and persistent cookies. These third-party analytics providers do not receive PII through these cookies and do not combine, match, or cross-reference StudentAid.gov information with any other information. Please review Google Analytics’ privacy policy and Webtrends’ privacy policy for additional information.

Pursuant to OMB Memo 10-22 Attachment 3, these cookies collect information similar to that automatically received and stored on the servers hosting StudentAid.gov. These servers do not collect PII, and StudentAid.gov does not access or store the raw information collected through these cookies. We view aggregate statistical analyses prepared by our third-party analytics providers, but these analyses do not include any PII. We do not sell, rent, exchange, or otherwise disclose this information to individuals or organizations.

StudentAid.gov will keep data collected long enough to achieve the specified objective for which they were collected.

How to Opt Out or Disable Cookies

Your website browser’s standard setting enables cookies by default. If you do not wish to have session or persistent cookies stored on your machine, you can opt out or disable cookies in your browser. You will still have access to all information and resources throughout the StudentAid.gov website. However, turning off cookies may affect the functioning of some content within StudentAid.gov. Be aware that disabling cookies in your browser will affect cookie usage at all other websites you visit as well.

Top

 

Links to Other Sites

Our policy discloses the privacy practices for StudentAid.gov. But StudentAid.gov provides links to other websites. When you leave StudentAid.gov, you will be going to sites that are beyond our control. We try to ensure that links that leave our site are clearly labeled. These other sites may send their own cookies to users, collect data, or solicit personal information. The privacy policies and procedures described here for StudentAid.gov do not apply to any external links. We encourage you to read the privacy policies of any site you link to from ours, especially if you share any personal information. Be informed. You are the person best qualified to protect your own privacy.

Top

 

How Collected Information Is Used

Information from the Ombudsman Assistance Request Form

If you decide to complete our Ombudsman Assistance Request Form, you may choose to include your e-mail address or telephone number so that we can contact you. If you include personally identifiable information in the form because you want us to address issues specific to your situation, we may use that information in contacting authorized third parties (schools, Federal Family Education Loan Program lenders, federal loan servicers, guaranty agencies, and private collection agencies contracted by Federal Student Aid). The Federal Student Aid Ombudsman Group maintains a system of records notice that permits private information to be disclosed to these authorized third parties when it is necessary to obtain further information about your complaint, request for assistance, or other inquiry, before it can be resolved.

Also, you should understand that this form is not necessarily secure against interception. If your communication is very sensitive, or includes personal information such as data from your tax return or student loan account, you may prefer to send it by postal mail. To do this, use the following address:

U.S. Department of Education
FSA Ombudsman Group
830 First Street, N.E.
Fourth Floor
Washington, DC 20202-5144

Fax: 202-275-0549

Information from the Contact Us Page

If you decide to send us an e-mail via our Contact Us page, the message will contain your return e-mail address. If you include personally identifiable information in your e-mail because you want us to address issues specific to your situation, we may use that information in responding to your request. This information is not maintained in a Privacy Act system of records.

Also, e-mail is not necessarily secure against interception. Please send only information necessary to help us process your request.

Information from the Site Survey

The Leave Us Feedback form helps us determine the effectiveness of StudentAid.gov as a customer service tool and its potential role in improving the delivery of Federal Student Aid’s information and services. If you provide personally identifiable information, we will not retain it in a system of record.

It should take you approximately five minutes to complete the survey form, including reading instructions, gathering information, filling out the form, and reviewing it. Completing the form is entirely voluntary. Our authority to collect the information is under OMB control number 1845-0045.

Information from the Blog

The Federal Student Aid Blog allows you to voluntarily submit personal information (such as your name or e-mail address) when you are signing up for e-mail alerts, sharing a post with friends, or posting comments on our blog. In these cases, all submitted information is used solely for the purposes for which it is intended. 

However, when you submit a comment on the Federal Student Aid Blog, please do not include any personally identifiable information, such as your Social Security number or e-mail address, within the body of your comment. Comments containing personally identifiable information will be removed.

If you choose to provide us with personal information by submitting a question or request for information, we will use the information provided to respond to your message.

Top

 

How StudentAid.gov Uses Third-party Websites and Applications

As a response to OMB Memo M-10-06, Open Government Directive, StudentAid.gov uses a variety of technologies and social media services to communicate and interact with citizens. These third-party website and application (TPWA) tools include popular social networking and media sites, open-source software communities, and more. Examples include Facebook, Twitter, and YouTube.

TPWAs are not exclusively operated or controlled by StudentAid.gov. Users of TPWAs often share information with the general public, user community, and/or third-party websites, which may use this information in a variety of ways. TPWAs could also cause personally identifiable information (PII) to become available or accessible to StudentAid.gov and the public, regardless of whether the PII is explicitly asked for or collected by us.

For more information on third-party websites and applications, you can review our social media guidelines.

Top

 

How User Information in the “My Federal Student Aid” Section of the Website Is Protected

My Federal Student Aid provides access to your federal student aid information in the National Student Loan Data System (NSLDS®). You can access this secure session by logging in with your FSA ID. For more information, view the U.S. Department of Education’s privacy policy.

Top

 

Security Controls

In accordance with the Federal Information Security Management Act of 2002 (FISMA), StudentAid.gov must receive a signed Authority to Operate (ATO) from a designated senior Federal Student Aid official. The ATO process includes a rigorous assessment of security controls, a plan of action and milestones to remediate any identified deficiencies, and a continuous monitoring program to address threats in real time. StudentAid.gov received its initial ATO on July 12, 2012, and continues to maintain this ATO in accordance with federal security requirements.

FISMA controls implemented by StudentAid.gov comprise a combination of management, operational, and technical controls, and include the following control families: access control, awareness and training, audit and accountability, security assessment and authorization, configuration management, contingency planning, identification and authentication, incident response, maintenance, media protection, physical and environmental protection, planning, personnel security, risk assessment, system and services acquisition, system and communications protection, system and information integrity, and program management.

For site security purposes and to make sure this service remains available to all users, this government computer system employs software programs to monitor network traffic to identify unauthorized attempts to upload or change information or otherwise cause damage. Unauthorized attempts to upload or change information on this site are strictly prohibited and may be punishable under the Computer Fraud and Abuse Act of 1986 and the National Information Infrastructure Protection Act. Server logs are scheduled for regular destruction in accordance with the National Archives and Records Administration General Schedule 20.

Top