Effective Date: June 20, 2021
Firstmark Services operates FirstmarkServices.com. This Privacy Policy informs
you of our policies and procedures regarding the collection, use, and disclosure
of personal information we receive from users of the website. This policy applies
to visitors of the website from the U.S. This policy does not apply to information
provided to any third-party service provider(s) related to or whose services are
incorporated into the website; information you provide to third parties is controlled
by their respective privacy policies.
We are committed to providing a useful and enjoyable online experience. This policy
explains our collection and use practices regarding consumer information, including
how and what we share with our related companies and with unrelated entities.
Protecting your privacy is important to Firstmark Services and our employees. We
want you to understand what information we collect and how we use it.
This policy is subject to change from time to time, so be sure to check back occasionally
to ensure you’ve read the most current version. It is effective as of the date listed
above and applies to our services that link to this policy. Even if you read and/or
agreed to a prior privacy statement, you need to review this updated version. We reserve
the right at any time, and in our sole discretion, to change or modify this Online Privacy
Policy. If any such changes or modifications are made, we will update the “Effective Date”
appearing at the top of this web page. These changes or modifications are effective
immediately upon posting to the website, and supersede any prior versions of this policy.
This policy governs the privacy policies of this website only. Other divisions, affiliates,
and subsidiaries of Firstmark Services list their privacy practices on their respective
websites. Firstmark Services is a division of Nelnet, Inc. This policy governs the
privacy policies of this website only. Other divisions of Nelnet, Inc. will detail
their privacy practices on their respective websites.
We do not sell personal information to third parties. All personal information collected is used by us
or our affiliates to perform services, inform you of our products and services, comply with laws or
carry out internal functions. If you are a California Resident and you would like to inquire about what
type of personal information has been collected about you please email AskPrivacy@nelnet.net.
Our Security Procedures
We are committed to providing you a useful and enjoyable online experience.
We implement reasonable and appropriate physical, procedural, and electronic
safeguards to protect your information.
To access information and send email via the website, you will need a browser
that supports the use of Secure Sockets Layer. This encryption technology
helps ensure the authenticity of your online sessions and secures data
transmitted over the public Internet.
Firstmark Services takes careful steps to safeguard customer information.
We restrict access to your personal and account information to employees who
need to know the information to provide services to you, and we regularly
train our employees on privacy, information security, and their obligation
to protect your information. We maintain reasonable and appropriate physical,
electronic, and procedural safeguards to guard your Nonpublic Personal
Information (NPI) and Personally Identifiable Information (PII), and we
regularly test those safeguards to maintain the appropriate levels of protection.
You can help safeguard your NPI and PII by taking a few simple precautions.
Protect your account numbers, passwords, and customer access numbers. Never
disclose confidential information to unknown callers. You should always use
a secure browser and current virus detection software, and never open email
from unknown sources.
Children's Privacy
The website is not directed to children under age 13. We do not knowingly
collect, maintain, or use PII from children under age 13. If a parent or
guardian becomes aware that his or her child has provided us PII without their
consent, he or she should contact us using the information in the "How to
Contact Us" section, below. If we confirm we collected such information,
we will take all reasonable measures to delete that information from our
system as soon as possible.
Links to Other Websites and Services
We are not responsible for the collection and use of information by companies
or individuals unaffiliated with us whose websites may contain links to our
website, including vendors where you may shop. Please remember that when you
use a link to go from our website to another website, our policy does not
apply to third-party websites or services. Your browsing and interaction on
any third-party website or service are subject to that third party's own rules
and policies. Please note that when you shop with a vendor linked to the website,
even though you may have started your visit with us, and even though our pages may
still appear, your transactions are completed with a separate organization, not
with us. In addition, you agree that we are not responsible, and we do not have
control over any third parties that you authorize to access your user content.
If you are using a third-party website or service, and you allow a third party
access to your user content, you do so at your own risk. This policy does not
apply to information we collect by other means (including offline) or from sources
other than through the website.
How to Contact Us
If you have any questions about this policy, please contact us by email or
regular mail at the following address:
Firstmark Services
PO Box 82522
Lincoln, NE 68501-2522
Email: Customer.Services@FirstmarkServices.com
Online Policy FAQs
How do we use your information?
Certain Non-Identifying Information (NII) would be considered a part of your Personally
Identifiable Information (PII) if it were combined with other identifiers
(e.g., combining your ZIP code with your street address) in a way that enables you to
be identified. But the same pieces of information are considered NII when they are
taken alone or combined only with other NII (e.g., your viewing preferences). We may
combine your PII with NII and aggregate it with information collected from other users
to attempt to provide you with a better experience, to improve the quality and value of
our services, and to analyze and understand how our website and services are used. We
may also use the combined information without aggregating it to serve you specifically
(e.g., to deliver a product to you according to your preferences or restrictions).
If you supply us with your email address, we may let you know by email about other products,
services, and product enhancements that may interest you. You will have the opportunity to
tell us you do not want to receive future messages with each message you receive. If you
email a question or comment to us, we will use your email address to reply to you, and we
will temporarily store your email address, your message, and our reply for quality assurance
or to satisfy applicable laws and regulations. When we collect your email address this way, we
will not use it for marketing our products and services without your permission.
If you wish to change any of your personal information, you may change it by logging into your
FirstmarkServices.com account, or by contacting Customer Service, either through email, by mail,
or by telephone as listed in the "How to Contact Us" section.
What information do we share?
We may employ third-party companies and individuals to facilitate our services, provide services
on our behalf, perform website-related services (e.g., maintenance services, database management,
web analytics, and improvement of the website’s features), assist us in analyzing how our website
and services are used, perform other services (e.g., sending postal mail and email, providing
marketing assistance, and providing customer service). These third parties have access to your
Nonpublic Personal Information (NPI), Non-Identifying Information (NII), and/or Personally
Identifiable Information (PII) only to perform these tasks on our behalf. However, if you are
redirected to a site or application maintained by a third party, the privacy policy of such site
or application will control the use of any information you provide.
We may share your information with companies that are affiliated with us, such as our direct or
indirect subsidiaries or parent or sister companies or nonaffiliated third parties (to market
products or services to you). As we continue to develop our business, we may buy or sell companies,
subsidiaries, or business units. We may sell, transfer, or share some or all of our assets,
including your PII, in connection with a merger, acquisitions, reorganization, or sale of assets
including in the event of bankruptcy.
Sometimes the law or other circumstances also require that we disclose NPI and/or PII about you
to nonaffiliated third parties. Some examples are: when you ask or permit us to do so; when a
guaranty agency or school needs that information in connection with your account; with agencies
that assist us in servicing your loan; in response to subpoenas or court orders; with credit
bureaus; when we suspect fraud or criminal activity; to protect our property and rights or
those of a third party; to protect the safety of the public or any person; or to prevent or
stop activity we may consider to be, or to pose a risk of being, illegal, unethical, or
legally actionable activity.
VERMONT RESIDENTS: We will not disclose nonpublic personal financial information about you
other than as permitted by law unless you authorize us to make that disclosure. Your
authorization must be in writing or, if you agree, in electronic form. If you wish to
authorize us to disclose your nonpublic personal financial information to nonaffiliated third
parties, you may notify us at the address found under the "How to Contact Us" section.
If you become an inactive user, we will continue to adhere to the privacy policies and
practices described in this policy.
Why do we collect information?
We collect information so we can identify you as our customer, to establish, manage and
protect your accounts, to complete your transactions, to create and offer you products and
services you might be interested in, to personalize and improve upon your experience with us,
and to comply with various legal and regulatory requirements.
How do we collect Non-Identifying Information?
We may collect information from your visit or as part of the registration and administration
of your account, in order to personalize and improve upon your experience with us, such as,
without limitation, age and individual preferences (i.e., Non-Identifying Information (NII)).
What is Nonpublic Personal Information?
Nonpublic Personal Information (NPI) is nonpublic, personally identifiable financial
information about you that we obtain in connection with providing a financial product or
service to you. For example, NPI includes information regarding your account balance, payment
history, and overdraft history, if applicable. We may collect Personally Identifiable
Information (PII) about you as well, including:
- Your first and last name
- Your home address
- Your home or work telephone number
- Your birth date
- Your email address
- Your social security number
How do we collect Personally Identifying Information?
We may collect Personally Identifying Information (PII) about you from the following sources:
- Information from your loan applications or other loan and account forms
- Information about your transactions with us or others
- Information we receive from third parties, such as your academic institution
PII is individually identifiable information about an individual consumer collected by us and
maintained in an accessible form
How are cookies used?
Our services may place small text files (i.e., cookies) on a visitor's device. Our cookies save
anonymized data about individual visitors, allowing our services to recognize information about
a visitor and help deliver personalized content and other services and functions. Cookies make
your Internet experience quicker and more convenient. Our services use both session cookies,
which terminate when a user closes his or her browser, and persistent cookies, which remain on
the user's device until they expire or are manually deleted. Our services also contain coding
from our business and technology partners, which generate third-party cookies. Third-party
cookies allow our business and technology partners to store Non-Identifying Information (NII)
they can access when you visit this or other websites. Accepting a cookie from a web or device
browser does not give us access to any Personally Identifiable Information (PII).
Most website and mobile device browsers allow you to control cookies, including whether or not
to accept them and provide the ability to remove them. You may set most browsers to notify you
if you receive a cookie, or you may choose to block cookies with your browser. Blocking cookies
may result in a lower quality experience for you while you are using our services.
How do we handle your device and connection information?
When you use our services, we will identify the internet protocol (IP) address of your computer
or handheld device. The IP address does not identify you personally, but it lets us identify
the device you are using. We store IP addresses in case we need to track a connection for
security purposes. We may also collect other device-specific information about the device you
are using, including what type of device it is and hardware model, what operating system you
are using, device settings, unique device identifies, geo-location data, and crash data. Whether
we collect some or all of this information often depends on the type of device you are using and
its settings. Check the policies of your device manufacturer or software provider to learn more
about the information your device makes available to us.
What are web beacons?
Our services contain coding known as web beacons that use 1x1 pixel images to capture and transmit
the online activity of users on our services. These web beacons typically transmit information
about form completions and other activities in order to measure advertising effectiveness or store
analytics information. In addition, we may use web beacons in HTML-based emails. This allows us to
evaluate the effectiveness of our email communications and our marketing campaigns by showing how
many emails recipients have opened.
What are log files?
Like most websites, our servers utilize log files. Log files store information including internet
protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages,
platform type, date/time stamp, and number of clicks. Log files are used to analyze trends,
administer the website, track users’ movement in the aggregate, and gather broad demographic
information for aggregate use. We use log file information at times to help identify you as you
browse and to gather broad technical and demographic information on who uses our website.
What is the Google Analytics feature?
We use Google Analytics to collect information about the use of our website. Google Analytics
collects information such as how often users visit the website, what pages they visit, and what
other sites they used prior to coming to the website. We use the information we get from Google
Analytics only to improve the website. Google Analytics collects only the internet protocol (IP)
address assigned to you on the date you visit the website, rather than your name or other
identifying information. We do not combine the information collected through the use of Google
Analytics with Personally Identifiable Information (PII). Although Google Analytics plants a
permanent cookie on your web browser to identify you as a unique user the next time you visit
this site, the cookie cannot be used by anyone but Google. Google’s ability to use and share
information collected by Google Analytics about your visits to this site is restricted by the
Google Analytics Terms of Use and the Google Privacy Policy. You can prevent Google Analytics
from recognizing you on return visits to this website by disabling the Google Analytics cookie
on your browser. You can also view and change the currently available opt-outs for Google Ads.
What are Do Not Track signals?
Do Not Track is a feature in your web browser that enables you to opt out of the third-party
tracking of your online activities over time and across third-party websites. We do not track
users across third-party websites to provide targeted advertising, and therefore, do not process
or comply with any web browser’s Do Not Track signal or other similar mechanism that indicates
a request to disable online tracking of individual users who visit this website or use our
services. Third parties cannot collect any Personally Identifiable Information (PII) from this
website unless you provide it to them directly.
For Borrowers
Your lender’s privacy policy describes the treatment of Personally Identifiable Information
related to your loan. Refer to your lender’s privacy policy for additional information.
State Privacy Information
California
The California Consumer Protection Act (CCPA) provides California Residents with specific rights
regarding their personal information. This section describes how we treat your personal information in
light of the CCPA. As stated above we do not disclose nonpublic personal information about you to
nonaffiliated third parties. We do not sell your personal information, and only use your personal
information for the following reasons:
• Provide consumer services.
• Comply with the law.
• Carry out internal functions.
We do not sell personal information to third parties. All personal information collected is used by us or
our affiliates to perform services, comply with laws or carry out internal functions. We will automatically
manage accounts with California addresses as if the account holder has directed us not to share with
non-affiliates unless it is for these purposes. If you are a California Resident and you would like to
inquire about what type of personal information has been collected about you please
email AskPrivacy@nelnet.net.
Vermont
We will not disclose nonpublic personal financial information about you other than as permitted by law
unless you authorize us to make that disclosure. Your authorization must be in writing or, if you agree, in
electronic form. If you wish to authorize us to disclose your nonpublic personal financial information to
nonaffiliated third parties, you may notify us at the address found under the "How to Contact
Us" section.
European Union Residents
Effective Date: June 20, 2021
Striving to provide superior customer service, Firstmark Services places great emphasis on
its customers and their privacy rights. In doing so, Firstmark Services will comply with
European Union Privacy Directives, most notably the EU General Data Protection Regulation.
By providing our services, we may from time to time collect, store, use, or process your
personal data for legitimate business purposes, such as improving our products and services.
Firstmark Services’ processing of your data is necessary for compliance with its contractual
and legal obligations. Personal data means any identifier information, such as your name,
social security number, identification number, location data, or other online identifiers and
factors.
Although your data is generally stored within the United States, an international data
transfer may occur if third-party, cloud-based storage companies that Firstmark Services
employs use servers located outside the United States. Firstmark Services uses appropriate
technical and organizational security measures including encryption of personal data and
follows various industry standards and best practices to protect your personal data.
Additionally, Firstmark Services requires its vendors and processors to abide by the European
Union General Data Protection Regulation and to apply adequate security and technical safeguards.
We will not transfer your data to or store your data in countries that have not been awarded an
adequacy decision by the European Commission.
For general processing purposes, Firstmark Services will store your personal data for a period of
seven years after full payment of the loan balance. However, Firstmark Services may retain such
information for longer periods where legally required to do so based on its contract or other
legal obligations.
You have the right to withdraw consent for processing at any time. Further, you have the right to
request access to and rectification, restriction or erasure of your personal data. Firstmark
Services will afford you these rights, but it may not be able to do so where the processing is
based on its contractual obligations, based on other legitimate interests, or carried out in the
public interest. Along with these rights, if you believe that your data has been mishandled in
violation of a privacy directive, you have the right to lodge a complaint with the relevant
supervisory authority. If you have questions or concerns about our data processing practices,
please address such inquiries to our Data Protection Officer.
Contact Details for Privacy and Data-related Inquiries
Data Controller / Data Processor
Nelnet, Inc
Shawn Traudt
Chief Compliance Officer
AskPrivacy@nelnet.net
|