PRIVACY STATEMENT

No disclosures will be made that violate your rights under the Fair Debt Collection Practices Act

Date of last revision: March 9, 2020

Welcome to the FMS portal

THIS FMS PRIVACY AND SECURITY POLICY (THIS “PRIVACY POLICY”) DESCRIBES HOW CERTAIN INFORMATION MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW THIS PRIVACY POLICY CAREFULLY.

By accessing and using of this Internet web site and any other web site and all devices or applications that link to this Privacy Policy (each a “Site”), providing your Personal Information (as defined below) in connection with a Site, your use of our products or services through a Site (“Services”), or your use of products or services offered through a site by a third-party service provider (“Service Provider”), you signify your assent to this Privacy Policy. The Sites are owned and operated by or on behalf of FMS investment Corp, a Maryland corporation, and/or its successors, parents, subsidiaries, affiliates, or related companies (collectively referred to as “FMS,” “we,” “our,” or “us”).

In addition to this Privacy Policy, FMS has established Terms of Use that set forth the general rules and policies governing your use of the Sites (the “TOU”). A copy of the TOU can be found ("here" "TermsofUse").

1.  FMS's Commitment to Your Privacy

 

FMS is committed to maintaining the privacy of your Personal Information. We have created this Privacy Policy in order to demonstrate our commitment to privacy for our online users. This Privacy Policy discloses our information gathering and dissemination practices. At FMS, our most important asset is our relationship with you.


Please note: The laws and regulations in different countries impose different (and even conflicting) requirements on the Internet and data protection. FMS is located in the United States and the services we provide through the Sites are intended for U.S. users only. All matters relating to the Sites are governed by the laws of the State of Maryland in the U.S., without reference to its conflicts of law rules that would result in the application of the laws of another jurisdiction. Please note that any information you provide will be transferred to the U.S., and by using a Site or providing FMS your Personal Information, you expressly consent to, and authorize, this transfer.


2.  Collection, Use, and Disclosure of Your Personal Information


Under this Privacy Policy, “Personal Information” refers to information that specifically identifies you, such as your name, social security number, date of birth, address, phone number, fax number, email address, and certain information about your Title IV loan data (if applicable), as described in the Terms of Use.


FMS will not sell or rent your Personal Information.  FMS and Service Providers may use and disclose your Personal Information only as follows:
 

 

  • to analyze Site usage and improve the Sites and the Services;
     

  • to deliver to you any administrative notices, alerts, and communications relevant to your use of the Services;
     

  • to fulfill your requests for Services and provide you with support;
     

  • for market research and project planning;
     

  • to troubleshoot problems and detect and protect against error, fraud, or other criminal activity;
     

  • to third-party contractors that provide services to FMS who are bound by these same privacy restrictions;
     

  • to enforce our rights against you or in connection with a breach by you of this Privacy Policy or the TOU;
     

  • to investigate, prevent, defend against, or take other action regarding violations of the TOU, illegal activities, suspected fraud, or situations involving potential threats to the legal rights or physical safety of any person or security of FMS’s network or the Services;
     

  • when required by any applicable laws, rule, regulation, subpoena, or other legal processes; and 
     

  • as otherwise set forth in this Privacy Policy.
     

In the event that you access the Services as brought to you by one of our co-brand partners, through a co-branded URL, your email address used for registration on the Services may be provided to that co-brand partner.

 

Employees and agents of FMS or Service Providers for FMS may have access to your Personal Information. All FMS and Service Provider employees and agents who may have access to your Personal Information are bound by the security policies and practices described herein and are bound by confidentiality obligations to FMS.


FMS may also share your Personal Information with creditors who have placed accounts with FMS, credit bureaus if applicable, and third-party vendors or Service Providers we use to send email messages on our behalf or to host and/or operate a particular feature or functionality of the Services, such as to notify you of account registration, password changes, profile updates, or loan status changes. Additionally, FMS may share your Personal Information with Service Providers that we use to offer you support via telephone or webchat. All third party vendors or Service Providers are bound by confidentiality obligations that require the protection of your Personal Information.


When you visit a Site, we may collect technical and navigational information, such as computer browser type, Internet protocol address, pages visited, and average time spent on the Site. This information may be used, for example, to alert you to software compatibility issues, or it may be analyzed to improve the application or web design and functionality.


 When you use the mobile versions of a Site, we may collect the unique device identifier assigned to your mobile device by phone makers, carriers, or makers of the operating system (the “Device ID”). Device IDs allow app developers, advertisers, and others to uniquely identify your device for purposes of storing application preferences and other data. We may use your Device ID for security purposes.


If FMS or our assets are acquired by another company, or in the event of a merger, consolidation, change in control, transfer of substantial assets, reorganization, or liquidation, FMS may transfer, sell, or assign to third parties information concerning your relationship with FMS, including, without limitation, Personal Information that you provide or that has been provided on your behalf (e.g., by your parent or guardian) and other information concerning your relationship with FMS. Such third parties will assume responsibility for the Personal Information collected by FMS or its Service Providers in connection with FMS’s business operations or through the Sites and such third parties will assume the rights and obligations regarding such information as described in this Privacy Policy.
 
3.  Registration for the Sites


You are required to register on the designated Site to use certain features of the Services. To register, you must provide your email address, account number, and certain Personal Information (collectively the “Registration Information”) via the Site. Certain functions of the Services, such as retrieval of Account Information (as defined in the TOU), require your username, passwords, and other account credentials (“Account Credentials”) in order for us to access and retrieve Account Information from third party loan providers, services, and other Data Providers (as defined in the TOU) on your behalf. Certain versions of the Sites may require that you first sign up on the web version of the Site before you can use the other version of the Sites.
From time to time we may request other Personal Information to provide you with other benefits of the Services. In all such instances, you are not required to provide such Personal Information and you may decline to participate in the Services.


4.  Information Uploaded to a Site


In addition to the types of information we collect from you disclosed herein, you may be allowed to upload personal documents and other information to a Site. The documents and other information that you upload may include Personal Information. We are not responsible for the information you choose to upload to a Site. Please see our applicable TOU on this point and for other guidelines about uploading content to the Sites.


5.  Collection of Social Security Numbers


In connection with accessing Account Information from third party Data Providers, you are required to provide your social security number (“SSN”) to validate your identity with such Data Providers’ sites and only to the extent required by such third party Data Provider. If you do provide your SSN where required to access and retrieve Account Information from a Data Provider, FMS will use it only as necessary to access Account Information from such Data Provider on your behalf, in connection with the Account Credentials or other authorization you provide to us.
When your SSN is collected or transmitted over the Internet, the data transmission will be encrypted. We will endeavor, to the extent practicable, that no individual associated with FMS obtains, stores, transfers, uses, discloses, or disposes of an SSN that FMS has obtained or possesses except in accordance with applicable law and this Privacy Policy. Access to and/or disclosure of your SSN is restricted to employees, agents, and authorized third parties who have a legitimate business need for access. We may disclose your SSN to other third parties as legally required.


6.  FMS Disclosure of Non-Identifiable Personal Information


FMS may make anonymous or aggregate disclosure of your Non-Identifiable Information (information that does not identify you individually) relating to your access or use of the Sites and Services to third parties for informational, troubleshooting, and security purposes. 

7.  FMS Use of Cookies and Other Technologies on the Site


FMS does not currently use cookies on the Sites.  Cookies are text files placed on your device to store your preferences or for other recordkeeping purposes (“Cookies”).  FMS does not respond to Do Not Track signals because we do not track personal information about a user’s online activities outside the Sites over time and across third-party websites or services.
FMS may permit third-party Service Providers to use Cookies to help us measure the performance of our online campaigns or analyze visitor activity on the Sites.  A third-party Service Provider’s use of Cookies on the Sites may involve the collection of personally identifiable information about your online activities over time and across different websites.
 
8.  Changes to Your Registration Information


If your Personal Information changes you may update your profile by making the change on your Profile page.

9.  Third-Party Service Providers


We may use Service Providers to help us analyze certain online activities. For example, these Service Providers may help us measure the performance of our online campaigns or analyze visitor activity on the Sites. We may permit these Service Providers to use Cookies to perform these services for FMS, which may involve the collection of personally identifiable information about your online activities over time and across different websites.


There may be a member of separate products and services offered by third parties advertised by us on the Sites and through the Services such as lenders, banks, credit card issuers, and brokerage institutions (collectively, “Sites and “Offers”). If you choose to use these separate products or services, disclose information to the providers, or grant third parties permission to collect information about you, then their use of your information is governed by the third party or parties respective privacy policy or policies. You should evaluate the practices of external service providers before deciding to use their services. If you click on a link to a third-party site, FMS may present links in a format that enables us to keep track of whether these links have been followed and whether any action has been taken on a third party web site.


We use this information to improve the quality of the Site Offers and customized content on the Sites.


Additionally, the Sites may contain links to other sites whose information practices may be different than ours. Visitors should consult the other sites’ privacy notices, as FMS has no control over information that is submitted to, or collected by, these third parties.


FMS DOES NOT CONTROL AND IS NOT RESPONSIBLE FOR WHAT THIRD PARTIES DO IN CONNECTION WITH THEIR SITES OR HOW THEY HANDLE YOUR PERSONAL INFORMATION. PLEASE EXERCISE CAUTION AND CONSULT THE PRIVACY POLICIES POSTED ON EACH THIRD-PARTY SITE FOR FURTHER INFORMATION


10.  Children


The features, programs, promotions, and other aspects of the Sites requiring the submission of Personal Information are not intended for anyone under 13 years of age. We do not knowingly collect personally identifiable information from children under the age of 13. If you are a parent or guardian of a child under the age of 13 and believe he or she has disclosed personally identifiable information to us, please contact us at 877-291-8405.


11.  You can Deactivate Your Account


If you wish to deactivate your account, please follow the applicable instructions in the TOU. When you request us to deactivate your account, we will promptly disconnect any connection we had established to third party Data Providers using your Account Credentials and we will use commercially reasonable efforts to remove from our servers any data you provided to us or that we collected on your behalf using your Account Credentials. To the extent that we have received data about you from other sources (e.g., your college, university, or other institution at which you are enrolled and/or currently attending or have attended in the past), we reserve the right to retain such data except as otherwise agreed with such other source. Despite the removal of any of the data you provided to us or that we collected on your behalf, portions of such data may remain on our production and back-up servers indefinitely. We keep these backups to ensure our continued ability to provide the Services to you in the event of malfunction or damage to our primary production servers. We also reserve the right to retain and use any aggregated or anonymous data derived from or incorporating your Personal Information, but we will not use such data in any way that identifies you personally.


12. Email Communication From Us


From time to time, we may send you emails in connection with certain features of your account(s), such as reminders of the due dates of loan payments. We may also allow users to subscribe to email newsletters and from time to time may transmit emails promoting the Sites or third-party goods or services.


Users have the ability to opt-out of receiving our promotional emails and to terminate their newsletter subscriptions by following the instructions in the emails. Opting out in this manner will not end transmission of service-related emails, such as email alerts.


13. Security


When FMS or one of its Service Providers collects Personal Information directly from you, we follow generally accepted industry standards to protect the submitted Personal Information. All personally identifiable and confidential information is segregated from other information and appropriate protection mechanisms are in place based on the criticality of the information being protected. The only information that is stored is that which is needed to retrieve initial student loan information and subsequent student loan updates. All Personal Information is encrypted using a minimum of AES-256 encryption while in storage, in transit, and at rest. Multi-level encryption is used to this end. FMS takes every precaution possible and conducts consistent and regular security assessments, penetration tests, and vulnerability scans to ensure the safety and security of your Personal Information at all times.


FMS uses a combination of firewall barriers, encryption techniques, and authentication procedures, among others, to maintain the security of your online session and to protect Site accounts and systems from unauthorized access. However, no method of transmission over the Internet or method of electronic storage is 100% secure. If you have any questions about security on the Sites, you can contact FMS at 1-800-605-9817.


14. Our Service Ensures Secure Communications with Encryption


From the time you submit your email address and password to log in to a Site, communications between your computer and the Site are encrypted. This enables client and server applications to communicate in a way that is designed to prevent eavesdropping, tampering, and message forgery.


15. We Post Updates on the Site Whenever There is a Change to Our Privacy Policy


FMS and its Service Providers will abide by the terms of this Privacy Policy while it is in effect. This current Privacy Policy takes effect on the date specified above, and will remain in effect until FMS replaces it. FMS reserves the right to change the terms of this Privacy Policy at any time, as long as the changes are in compliance with applicable law. If FMS changes the terms of this Privacy Policy, changes take effect immediately upon posting, and the new terms will apply to all Personal Information that we maintain, including Personal Information that was created or received before such changes were made. If we change this Privacy Policy, we will post the new Privacy Policy on the Sites and will make the new Privacy Policy available to you upon request. You agree to accept electronic communications and/or postings of revised versions of this Privacy Policy on the Sites and agree that such electronic communications or postings constitute notice to you of the revised version of this Privacy Policy.


16. CALIFORNIA RESIDENTS: PRIVACY POLICY NOTICE


This Privacy Policy Notice is intended for California residents pursuant to the California Consumer Privacy Act of 2018 (“CCPA”), and supplements the information contained in the above Privacy Policy.  Any terms defined in the CCPA and applicable California Attorney General regulations have the same meaning as used in this Privacy Policy Notice.

1.    Information We Collect About You

We may collect and use personal information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be directly or indirectly linked, with a consumer, device, or household (“personal information”).

Personal Information does not include:

 

  • Publicly available information from government records.
     

  • Deidentified or aggregated consumer information.
     

  • Information excluded from the CCPA’s scope, such as (but not limited to) information governed by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), the California Confidentiality of Medical Information Act (“CMIA”), the Fair Credit Reporting Act (“FCRA”), the Gramm-Leach-Bliley Act (“GLBA”), California Financial Information Privacy Act (“FIPA”), and the Driver’s Privacy Protection Act of 1994 (“DPPA”).

We regularly collect (and have collected in the past 12 months)  several types of personal information about individuals offline regarding accounts we service, including: name, DOB, address, gender, account number, payment and other financial information, email address, insurance information, SSN, employment information, telephone number, IP address, military or veteran status, audio information, educational information, username, publicly available information, and information collected or shared pursuant to HIPAA, FIPA, GLBA, FCRA, DPPA, and/or other applicable privacy laws.  We also may collect additional categories of personal information users provide directly to us or our service providers.

2.     How Your Personal Information is Collected

We collect most of this personal information from our creditor clients or from you or your authorized representative by telephone or written communications.  However, we may also collect information:

  • From publicly accessible sources (e.g., property or other government records);
     

  • From our service providers (e.g., call analytics, information source, skip-tracing, payment processing, mailing, and other vendors)

3.    Why We Use or Disclose Your Personal Information 

We regularly use or disclose personal information for one or more of the following business purposes:
 

 

  • Fulfill the reason you provided the information. For example, if you share your personal information to make a payment, we will use that information to process your payment.
     

  • Perform services on behalf of a business or service provider, including maintaining or servicing accounts, providing customer service, processing transactions, verifying customer information, processing payments, providing analytic services, or providing similar services on behalf of the business or service provider
     

  • Provide you with information or services that you request from us
     

  • Auditing related to consumer interactions 
     

  • Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity
     

  • Debugging to identify and repair errors that impair existing intended functionality
     

  • Short-term, transient use, where the personal information is not disclosed to another third party and is not used to build a profile about a consumer or otherwise alter an individual consumer’s experience outside the current interaction
     

  • Undertaking activities to verify or maintain the quality of a service or device that is owned, made by or for, or controlled by us, and to improve, upgrade, or enhance the service or device that is owned, made by or for, or controlled by us
     

  • Respond to law enforcement requests and as required by applicable law or court order 
     

  • As appropriate to protect the rights, property, or safety of us, our clients, or others
     

  • As described to you when collecting your personal information or as otherwise set forth in the CCPA.

We will not collect additional categories of personal information or use the personal information we collected for materially different purposes without providing you notice.

We regularly disclose (and have disclosed in the past 12 months) several types of personal information about individuals for one or more business purposes, including: name, DOB, address, gender, account number, previous payment and other financial information, email address, insurance information, SSN, employment information, educational information, telephone number, IP address, military or veteran status, audio information, username, and information collected or shared pursuant to HIPAA, FIPA, GLBA, FCRA, DPPA, and/or other applicable privacy laws.  

We do not sell your personal information and have not sold your personal information over the last 12 months under the CCPA.  

4.    Verifiable Consumer Requests for Information

Upon verification of identity, California residents may in some cases request that a business:
 

 

  • Disclose the categories of personal information the business collected about the consumer; 
     

  • Disclose the categories of sources from which the personal information is collected
     

  • Disclose the categories of personal information that the business sold about the consumer; 
     

  • Disclose the categories of personal information that the business disclosed about the consumer for a business purpose;
     

  • Disclose the categories of third parties with whom the business shares personal information
     

  • Disclose specific pieces of personal information the business has collected about the consumer
     

  • Disclose any financial incentives offered by the business for collection, sale, or deletion of personal information 
     

A business may charge a different price or rate, or provide a different level or quality of goods or services to you, if that difference is reasonably related to the value provided to you by your personal information.

For applicable personal information access and portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

 

Please note that we are not required to:
 

 

  • Carry out information access requests we receive from you if acting as a service provider to another entity regarding such information   
     

  • Retain any personal information about you that was collected for a single one-time transaction if, in the ordinary course of business, that information about you is not retained;
     

  • Reidentify or otherwise link any data that, in the ordinary course of business, is not maintained in a manner that would be considered personal information; 
     

  • Provide the requested information disclosure to you more than twice in a 12-month period.
     

  • Provide the requested information disclosure if we cannot verify that the person making the request is the person about whom we collected information, or is someone authorized to act on such person’s behalf; or
     

  • Provide the requested information disclosure if a CCPA or applicable exception applies.
     

5.    Right to Request Deletion of Personal Information

Upon verification of identity, California residents may in some cases request that we delete personal information about you that we collected from you and retained, subject to certain exceptions. 

We may deny your deletion request if we are acting in the role of a service provider to another business regarding the applicable personal information.  If we deny your request on that basis, we will generally refer you to the relevant business.  

 

In addition, we may deny your deletion request if retaining the information is necessary for us or our service providers to:

 

  • Complete the transaction for which the personal information was collected, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between you and us.
     

  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity.
     

  • Debug to identify and repair errors that impair existing intended functionality.
     

  • Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.
     

  • Comply with the California Electronic Communications Privacy Act.
     

  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the achievement of such research, provided we have obtained your informed consent.
     

  • Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us.
     

  • Comply with a legal obligation.
     

  • Otherwise use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the information; or
     

  • If another CCPA or applicable exception applies. 
     

California residents may obtain more information about verifiable requests pursuant to the CCPA by contacting us at 1-800-605-9817. 

6.    Verifying Your Identity If You Submit CCPA Requests

If you choose to contact us directly via the designated methods described above to exercise your CCPA rights, you will need to:

  • Provide enough information to reasonably identify you [(e.g., your full name, account number if applicable, and potentially other identifying information]; and
     

  • Describe your request with sufficient detail to allow us to properly process and respond to your request. 
     

We are not obligated to make an information disclosure or carry out a deletion request pursuant to the CCPA if we cannot verify that the person making the request is the person about whom we collected information, or is someone authorized to act on such person’s behalf.

Any personal information we collect from you in order to verify your identity in connection with your CCPA request will be used solely for the purposes of verification.

17. Contact Us if You Have Any Questions or Concerns


If you have questions, comments, concerns or feedback regarding this Privacy Policy or any other privacy or security concern, please contact us.


Our postal address is:
FMS Investment Corp 
1100 W. Lake Cook Rd.
Suite 101 
Buffalo Grove, IL 60089

You can reach us by telephone at:  1-800-605-9817

During the following hours:
Monday-Thursday: 8am – 9pm (Central time) 
Friday: 8am – 5pm (Central time)