Moneythink and DecidED Privacy Policy

Last updated: February 6, 2023

  1. Introduction

Moneythink is committed to respecting and protecting the personal privacy of our users. We recognize that you may be concerned about the information you provide to us and how we treat that information.

Moneythink (“we” or “us”) provides this privacy policy (this “Privacy Policy”) to inform users about our policies and procedures regarding the collection, use, processing, deletion, security, and disclosure of Personally Identifiable Information (as defined herein) received from users of our Services (as defined in the Moneythink Website & DecidED Terms of Service (“Terms of Service”). We are committed to ensuring that we process your Personally Identifiable Information in accordance with applicable data protection legislation and privacy laws. Your use of the Services means that you accept and agree to this Privacy Policy. Please do not use the Services if you do not accept this Privacy Policy. 

  1. Changes to Privacy Policy

We may, in our sole discretion, modify or revise this Privacy Policy at any time. Such changes or updates are effective immediately after we give notice of the change or update, which we may do by revising the “Last Updated” date of this Privacy Policy or by otherwise posting to the applicable Website and/or DecidED (as defined in the Terms of Service), or by email, conventional mail and/or by any other means that provides reasonable notice. If registered with any of the Services, you must provide us with your correct email address and make sure that email from Moneythink is not filtered from your inbox by your ISP or email software. You agree that your use of the Services, after the date any such notice is posted or that you otherwise receive notice, means that you accept and agree to be bound by such modifications or revisions to the Privacy Policy. You are responsible for checking this page from time to time so that you are aware of any changes, as they are binding on you. You agree that we shall not be liable to you for any damages that might result from any changes to the Privacy Policy.

  1. Information collected

The nature of the Personally Identifiable Information we collect from or about you depends on the nature of, and purposes for, your interactions with the Services. “Personally Identifiable Information” means your name, street address, telephone number, e-mail address, credit card number, or user or account name or number, or any other piece of information provided by you (or a Partner (as defined in the Terms of Service)) to Moneythink that, individually or when combined with other personal or identifying information, allows the identification of a person or is otherwise considered personally identifiable information or personal data protected under any applicable law. We may collect the following Personally Identifiable Information when you access or use the Services:

(a) Personally Identifiable Information you provide when you complete forms available in connection with the Services, or otherwise submit information to us through the Services (e.g., when you upload an award letter to DecidED (as defined in the Terms of Service));

(b) Personally Identifiable Information that a Partner (as defined in the Terms of Service) may provide about you in connection with your use of the Services;

(c) Personally Identifiable Information you provide when you contact us; and

(d) Details of visits to the Services, including the volume of traffic received, logs, and the resources that you have accessed.

The categories of Personally Identifiable Information we collect from or about you may include the following: 

  • Identifiers, such as name, contact details, financial information, and address (including physical address, email address, and Internet Protocol (“IP”) address); 
  • Protected classification characteristics under state or federal law that you may provide to us when you complete forms available in connection with the Services or otherwise submit information to us through the Services; and
  • Internet or other electronic network activity information, such as information regarding your use of the Services (e.g., cookies, browsing history and/or search history), as well as information you provide to us when you correspond with us in relation to your inquiries.

We may also collect IP addresses or click-stream data. An IP address is a number that is automatically assigned to your computer whenever you access the Internet. Our computers identify your computer by its IP address. When you request pages from the Services, our computers log your IP address.

  1. How do we obtain your Personally Identifiable Information?

In connection with operating the Services, we may obtain your Personally Identifiable Information from the following sources:

  • Information from your communications with us, your (or a Partner’s (as defined in the Terms of Service)) submissions through the Services, or your interaction with other services that we are offering, including any updates to such information provided by you or a Partner (as defined in the Terms of Service); and 
  • Information captured by the Services, including registration information, contact information, information provided by you through online forms, and any information captured via cookies.

We may combine Personally Identifiable Information that you (or a Partner (as defined in the Terms of Service)) provide to us with information that we collect from or about you from publicly available sources. This may include information collected in an online or offline context.

  1. How we use your information

We may use your Personally Identifiable Information for one or more of the following business purposes:

  • To understand your needs, deliver services (including the Services) to you and others, and provide you and others with better service;
  • To improve the Services and to notify you about changes to the Services; 
  • To communicate with you, including responding to requests for information submitted by you through the Services, or to notify you of publications that may be of interest to you;
  • To keep a record of your relationship with us;
  • For ongoing operations, administrative, accounting, reporting, marketing, and other processes;
  • To audit and verify the quality and effectiveness of the Services and compliance, including over time;
  • To detect security incidents and to protect against malicious, deceptive, fraudulent, or illegal activity; and
  • To generally comply with U.S., state, local, and non-U.S. laws, rules, and regulations.

Additionally, we may use your Personally Identifiable Information to keep you informed of our services and publications if you have provided your consent for us to do so, or where we have an existing relationship with you and we wish to contact you about such services or publications. You may opt-in to certain kinds of marketing communications by contacting us and you may unsubscribe to certain types of marketing communications we send to you by email by clicking on the “opt-out” or “unsubscribe” link provided in all our marketing emails.

We collect IP addresses and click-stream data for purposes including:

  • To perform system administration;
  • To improve the Services; and
  • To report aggregate information internally to sponsors or Partners, and publicly in public interest reports on college costs and affordability. Click-stream data is information collected by our computers when you request pages from the Services. Click-stream data may include such information as the page served, the time, the source of the request, the type of browser making the request, the preceding page view, and other such non-personal information. When analyzed, this data helps us determine, among other things, how visitors arrive at the Services, what type of content is most popular, and what type of visitors in the aggregate are interested in particular kinds of content and advertising.
  1. With whom do we share your Personally Identifiable Information?

We do not sell or rent any of the Personally Identifiable Information we collect about you to third parties, unless such Personally Identifiable Information has been aggregated, anonymized, or de-identified so that it no longer identifies a person or otherwise falls within the definition of Personally Identifiable Information. Such data may include a de-identified record of the student financial aid awards uploaded by you (or a Partner (as defined in the Terms of Service)) to DecidED (as defined in the Terms of Service). 

We do not disclose any nonpublic Personally Identifiable Information about you to third parties, except as expressly set forth herein or as permitted or required by law or regulation and to affiliates and service providers, including vendors providing hosting, purchasing, payment processing, software services, event management, marketing, database management, and development services related to the operation of the Services, or email marketing services related to events we are hosting, our publications, or other communications we may send to you. We may also disclose your information to other parties as may be required by law or regulation, pursuant to legal process, or in response to regulatory inquiries. 

We may share each of the categories of Personally Identifiable Information collected in connection with the Services that are set forth above in Section 3 with affiliates and service providers. In addition, if you use DecidED (as defined in the Terms of Service), we may share your Personally Identifiable Information with our Partners (as defined in the Terms of Service) as set forth in the Terms of Service.

Additionally, we may disclose your Personally Identifiable Information to (i) a buyer in the event that we sell any business or assets, (ii) the other party if we merge with or are acquired by another party, (iii) in connection with a partial or total sale of assets, bankruptcy, or another corporate change or reorganization; or (iv) if we are under a duty to disclose or share your Personally Identifiable Information in order to comply with any legal obligation, subpoena or court order, or in order to enforce or apply our other agreements. 

We encourage our trusted third-party service providers (including professional advisors, charitable partners, consultants, and data hosting providers, etc.) to adopt and post privacy policies that offer the same level of protection of your Personally Identifiable Information. However, the use of your Personally Identifiable Information by such parties is controlled by those parties and thus, not subject to our control. 

  1. How do we store your Personally Identifiable Information?

Your Personally Identifiable Information resides on a secure server that only selected personnel and contractors have access to. We encrypt certain sensitive information at all times in the transmission process using Secure Socket Layer (SSL) technology to ensure that your Personally Identifiable Information is safe as it is transmitted to us. 

We will store your Personally Identifiable Information in an identifiable manner indefinitely, unless (i) otherwise required by applicable law, or (ii) you request deletion of your Personally Identifiable Information pursuant to Section 8. At such point that we cease storing your Personally Identifiable Information in an identifiable manner, except to the extent that we may be prohibited from retaining any such information even in unidentifiable form, we will convert all of your Personally Identifiable Information into anonymized, aggregated, or de-identified form. For the avoidance of doubt, Personally Identifiable Information that has been converted into anonymized, aggregated, or de-identified form shall no longer constitute Personally Identifiable Information. 

  1. Changing or deleting your Personally Identifiable Information

You may update or request deletion of the Personally Identifiable Information that you previously submitted to us by contacting us using the contact methods set forth in Section 18 (“Contact”) of this Privacy Policy below.

  1. Links to other websites

We may provide links to other websites for your information or convenience. Such websites are independently operated and are not under our control. We are not responsible for the content or privacy practices of such third party websites or any products or services offered through them or the confidentiality, use, processing, or security of any Personally Identifiable Information that you provide to such websites.

  1. Use of Cookies and other Technologies

We may use cookies and certain other technologies and tools to track user preferences. A cookie is a small text file that certain websites write to your hard drive when you visit those websites. Cookies automatically collect information regarding how you access the Services (e.g., browser type, access times, IP address) and information regarding the hardware and software that you use to access the Services. If you prefer not to receive cookies through the Services, you can set your browser to warn you before accepting cookies and refuse the cookie when your browser alerts you to its presence. You can also refuse all cookies by turning them off in your browser. If you opt-out of certain cookies, you may not be able to access certain parts or features of the Services. You may wish to visit www.aboutcookies.org, which contains comprehensive information about types of cookies, how they are used and how you manage your cookie preferences.

Further, the Services may from time to time use Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies” to help us analyze how users use the Services, and to improve the Services services, communications and user experience. The information generated by the cookies about your use of the Services (including your IP address) will be transmitted to and stored by Google on servers controlled by Google in the United States or other jurisdictions selected by Google. Google may use this information for the purpose of evaluating your use of the Services, compiling reports on activity in connection with the Services and providing other services relating to activity and internet usage in connection with the Services. Google may also transfer this information to third parties where it is required to do so by law, or where such third parties process the information on Google’s behalf or where Google is permitted to do so under its privacy policy. Please visit the Google Analytics privacy policy available at https://policies.google.com/privacy for additional information regarding how Google processes and protects your data collected through Google Analytics. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this, you may not be able to use the full functionality of the Services. By using the Services, you consent to the processing of data about you by Google in the manner and for the purposes set out above. Please note that we may not (and reserve the right not to) use Google Analytics in connection with all portions of the Services. 

  1. Do Not Track Disclosures

We may use the tracking technologies described in Section 10 to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). 

Some internet browsers have incorporated “Do Not Track” features. Most of these features, when turned on, send a signal or preference (the “DNT Signal”) to web sites you visit indicating that you do not wish to be tracked. We currently respond to DNT Signals. 

  1. Choice

We will not use or share the Personally Identifiable Information you provide to us on or through the Services in ways that are unrelated to the ones described in this Privacy Policy or pursuant to the Terms of Service without first obtaining your consent. As previously stated, we will also provide you the opportunity to let us know if you do not wish to receive unsolicited direct marketing materials or other email communications from us. 

  1. Our commitment to data security

We consider the protection of sensitive information to be a sound business practice, and to that end we employ commercially reasonable organizational, physical, technical, and procedural safeguards, which seek to protect your Personally Identifiable Information in our possession or under our control to the extent practicable from unauthorized access and improper use. Unfortunately, the transmission of information via the Internet is not completely secure and we cannot guarantee the security of your Personally Identifiable Information transmitted to or through the Services; any such transmission is at your own risk. Once we have received your information, however, we will use the procedures and security features described above to try to prevent unauthorized access of your Personally Identifiable Information.

  1. Your Data Protection Rights under the California Consumer Privacy Act (CCPA)

The California Consumer Privacy Act (“CCPA”) provides consumers with specific rights regarding their Personal Information. If you are a California resident, you have the right to:

  • Request we disclose to you free of charge the following information covering the 12 months preceding your request: (a) the categories of Personal Information about you that we collected; (b) the categories of sources from which the Personal Information was collected; (c) the purpose for collecting Personal Information about you; (d) the categories of third parties to whom we disclosed Personal Information about you and the categories of Personal Information that was disclosed (if applicable) and the purpose for disclosing the Personal Information about you; and (e) the specific pieces of Personal Information we collected about you;
  • Request we delete Personal Information we collected from you, unless the CCPA recognizes an exception;
  • If the business sells Personal Information, you have a right to opt-out of that sale.

Consistent with California law, if you choose to exercise your applicable CCPA rights, we won’t charge you different prices or provide you a different quality of services. If we ever offer a financial incentive or product enhancement that is contingent upon you providing your Personal Information, we will not do so unless the benefits to you are reasonably related to the value of the Personal Information that you provide to us. If you are a California resident and wish to exercise your rights under the CCPA, please contact us at hello@moneythink.org.

  1. International Users

The Services are intended for use by residents of the United States only. The Services and the services upon which the Services are hosted are located in the United States. When you submit Personally Identifiable Information using the Services (see Section 4 for details), your Personally Identifiable Information will be transferred to and stored in the United States by Moneythink and our authorized third parties (see Sections 6 and 7 for more detail). This transfer to the United States is necessary due to the location of Moneythink and the hosting of the Services. By visiting the Services and submitting your Personally Identifiable Information you acknowledge that such transfer is necessary in order to: (i) provide you with access to the content of the Services; (ii) provide you with goods and/or services; and/or (iii) in connection with the reason you have submitted your Personally Identifiable Information. Regardless of where your Personally Identifiable Information is collected from or transferred to, it will be treated in accordance with this Privacy Policy. Please note that there are possible risks involved in your Personally Identifiable Information being transferred to the United States because the data protection regime may be different to that of your home country. If you do not wish your Personally Identifiable Information to be transferred to the United States, please refrain from using the Services.

  1. Our commitment to children’s privacy

The Services are not directed to children under the age of 13. We adhere to the Children’s Online Privacy Protection Act (“COPPA”) and will not knowingly register or otherwise collect Personally Identifiable Information from any child under the age of 13. We ask that minors under the age of 13 not submit any Personally Identifiable Information to us. If a child under the age of 13 has provided us with Personally Identifiable Information, a parent or guardian of that child may contact us as described in the Section 18 (“Contact”) and request that such information be deleted from our records.

  1. Construction 

As used in this Privacy Policy, the terms “include” and “including” shall be deemed to be immediately followed by the phrase “without limitation.” The terms “herein” and “hereunder” and similar terms shall be interpreted to refer to the entire Privacy Policy. The captions and headings in this Privacy Policy are inserted for convenience and reference only and in no way define or limit the scope or content of this Privacy Policy and shall not affect the interpretation of its provisions.

  1. Contact

For any questions regarding our processing of your Personally Identifiable Information, or requests relating to the exercise of your rights under the CCPA or other applicable data protection laws, please submit (or have your authorized representative submit) a request using any of the methods set forth below. 

Call us using the following toll-free number: (510) 626-0770. 

Email us at the following email address: hello@moneythink.org

If you are submitting a request pursuant to the CCPA or other data protection laws, we will contact you to confirm receipt of your request and request any additional information necessary to verify your request. We verify requests by matching information provided in connection with your request to information contained in our records. Depending on the sensitivity of the request and the varying levels of risk in responding to such requests (for example, the risk of responding to fraudulent or malicious requests), we may request further information in order to verify your request. We also reserve the right to verify your request through a third-party verification service. You may designate an authorized agent to make a request under the CCPA on your behalf, provided that you satisfy certain requirements set forth in the CCPA for such authorized agent to make requests on your behalf. We may verify such authorized person’s identity using the procedures above.

Our goal is to respond to any verifiable consumer request promptly and in any event within the time frame required under applicable law (if any). Please contact us at the email address above with any questions about this Privacy Policy.

End of Privacy Policy