ONLINE PRIVACY POLICY
Last updated
April
3, 2026
Edstruments Inc. ("Edstruments," "Company," "we," "us," and/or "our") is dedicated to protecting your information and informing you about how we use it. This privacy policy (the "Privacy Policy" or the "Policy") is intended to provide information to our visitors and users ("you" or "your") about how we collect, protect, share and use your information when you use the Edstruments Inc. website, URL, including any subdomain thereof (the "Site"), the Edstruments web and/or mobile application (the "App"), and/or products and services offered, operated or made available by the Company (collectively referred to as the "Services"). Reference to the Services includes any portion of the Services. Any capitalized term that is not defined in this Privacy Policy shall have the meaning given to it in the Terms of Use. This Privacy Policy outlines how and when Edstruments collects, protects, shares, and uses information that can identify you individually ("Personal Information"), such as your name, email or telephone number. Personal Information does not include information that is anonymous, aggregated, or can no longer be used to identify you as an individual. Information about an entity that cannot be used to identify you as an individual is not Personal Information.
This Privacy Policy covers the privacy practices of Edstruments only. This Policy does not apply to the practices of third party websites, services or applications, including Veritex Community Bank, Highnote, or other third parties with which we partner. These third party services are governed by each such third party's privacy policy. Edstruments is not responsible for the privacy policies and practices of websites other than its own and is not responsible for the failure of any third parties to honor their privacy obligations.
We may amend this Privacy Policy at any time by posting a revised version on our Website. We will attempt to give a reasonable notice period upon making any changes; however, unless otherwise stated, the revised version will be effective at the time we post it.
Acceptance of Privacy Policy
By using the Services, you signify your acceptance of this Privacy Policy. If you do not agree to the terms of this Privacy Policy, please do not use the Services. Your continued use of the Services following the posting of changes to these terms will mean that you accept those changes.
Information We Collect
The types of information we may collect include:
-
Personal identifiers:
Name, email, phone number, mailing address, date of birth, Social Security number, employer, and account credentials;
-
Financial Information:
Payment card details, bank account numbers, transaction history, and credit information;
-
Device and Usage Data:
IP address, device identifiers, browser type, operating system, geolocation, and usage analytics;
-
Communications:
Customer support inquiries, feedback, and communications with us;
-
Cookies and Tracking Technologies:
Data collected via cookies, pixels, and similar technologies (see below)
Cookies and Tracking Technologies
We and our service providers use cookies, web beacons, pixels, and other similar tracking technologies to collect information about your interactions with our Services, to remember your preferences, analyze usage patterns, and deliver relevant content and advertising. These technologies help us improve the functionality and user experience of our Services.
Cookies are small data files that are stored on your device when you visit our Site or use our App. We use both session cookies (which expire when you close your browser) and persistent cookies (which remain on your device until deleted or expired). Web beacons and pixels are small graphic images that allow us to monitor your use of our Services and track whether you have opened our communications.
The information collected through these technologies may include your IP address, browser type, device identifiers, pages visited, time spent on pages, links clicked, and other usage information. We may combine this information with other information we have collected about you.
You can manage your cookie preferences through your browser settings. Most browsers allow you to refuse cookies or alert you when cookies are being sent. However, if you disable cookies, some features of our Services may not function properly. For more information about managing cookies and your choices, please visit our Cookie Preferences page or contact us at the information provided below.
How We Use Information
In general, Edstruments uses information we collect through the Services to:
-
Provide, operate, and improve our Services;
-
Personalize your experience and recommend products;
-
Process transactions and manage accounts;
-
Detect and prevent fraud, security incidents, and abuse;
-
Comply with legal and regulatory obligations (including Section 1033, CCPA, GLBA, PCI DSS, and other applicable laws);
-
Conduct analytics, research, and product development;
-
Communicate with you about your account, products, and updates;
-
Send marketing and promotional communications (with opt-out options);
-
Respond to your requests and provide customer support;
-
Enforce our terms and policies; and
-
For our other legitimate business purposes permitted by law.
Edstruments is a service provider to its bank partner, Veritex Community Bank, and all loans or accounts facilitated through the Services are provided by our bank partner. If you apply for a loan or account using the Services, we will use your information to facilitate your loan or account with our bank partner.
The information collected in connection with a loan or account may be used (as applicable) to:
-
Generate your borrower profile or process your loan or account application on behalf of the bank partner providing the loan or account;
-
Enable automatic payments and fund transfers with other financial institutions; and
-
Communicate with you concerning your account and transactions.
Information We Share
We may share your information, including non-public information, with the following categories of recipients:
-
Our third party partners and service providers, including but not limited to our bank partner and vendors who support our business operations including payment facilitation, servicing, bill collection, debt collection, marketing, analytics, and technology services;
-
Service providers who support our business operations including payment facilitation, servicing, bill collection, debt collection, and marketing and technology services which may also include affiliated companies of Edstruments;
-
Credit reporting agencies at your direction and otherwise as permitted by law;
-
Debt collection companies that purchase your debt if it has been charged off;
-
Any back-up service provider or back-up administrator we, or any entity we engage in the event we stop operating;
-
Law enforcement, government officials, or other third parties when (1) we are compelled to do so by a subpoena, court order or similar legal procedure, (2) we need to do so to comply with law, or (3) if we believe in good faith that the disclosure of your information is necessary to prevent physical harm or financial loss or to report suspected illegal activity; and
-
Other third parties but only if you consent or direct us to do so.
Edstruments will not sell or rent any of your information to third parties.
How We Protect Information
We care about the security of your information and take reasonable measures designed to protect your information from unauthorized access and use by maintaining physical, electronic and procedural safeguards in compliance with applicable law. These measures include computer safeguards and secured files.
You are responsible for maintaining the secrecy of your unique password and account information, and for controlling access to your email communications from us at all times. However, we cannot ensure or warrant the security of any information you transmit to us or guarantee that information may not be accessed, disclosed, altered or destroyed by external bad actors.
In the event that any information under our control is compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and where appropriate, notify those individuals whose information may have been compromised, and take other steps in accordance with any applicable laws and regulations.
Automated Decision-Making
We may use automated tools, including artificial intelligence and machine learning technologies, to process your personal information for various business purposes. These automated systems help us provide better services and protect against fraud and other risks. We use automated decision-making processes in the following areas:
-
Fraud Detection and Prevention.
We use automated systems to analyze transaction patterns, account activity, and other information to detect and prevent fraudulent activity, money laundering, and other illegal or suspicious activities.
-
Credit Decisions and Risk Assessment.
We may use automated tools to evaluate creditworthiness, assess financial risk, and make lending decisions. These systems analyze various factors including credit history, financial information, and other relevant data to determine eligibility for our Services.
-
Personalization and Product Recommendations.
We use automated systems to personalize your experience with our Services, including customizing content, recommending products or features that may be of interest to you, and improving the functionality of our Services.
-
Customer Support and Service Optimization.
We may use automated tools to route customer inquiries, provide initial responses to common questions, and optimize our Services based on usage patterns.
Third Party Websites
This policy only applies to our Services. Our Services may contain links to other websites, apps or online services not operated or controlled by us ("Third Party Sites"). The policies and procedures described here do not apply to Third Party Sites. By providing links to Third Party Sites or services we do not imply that we endorse or have reviewed such websites or services. We suggest that you contact those sites directly for information about their data practices and policies and we encourage you to read their privacy policies before providing any information to them.
Do Not Track Signals
Our Site currently does not respond to "Do Not Track" ("DNT") signals and operates as described in this Privacy Policy whether or not a DNT signal is received. If we do so in the future, we will describe how we do so in this Privacy Policy.
Children's Privacy
This Site is not intended for children or minors under the age of 18. We do not knowingly collect personal information from, or market to, children under the age of 13. If we become aware that a child under the age of 13 has provided us with personal information, we will take steps to comply with applicable legal requirements to remove such information.
California Residents
This section provides additional details about the information we collect about California residents and business owners and the rights afforded to them under the California Consumer Privacy Act ("CCPA").
In the last 12 months, we may have collected the following categories of information: identifiers (such as name and contact information), demographic information (such as age and gender), commercial information (such as products purchased), internet or other electronic network activity information (such as browsing behavior), geolocation data, audio, electronic, visual or similar information (such as customer support calls), and inferences we make (such as preferred activities). For more details about the information we collect, including the categories of sources, please see the "Information We Collect" section above. We collect this information for the business and commercial purposes described in the "How We Use Information" section above. We share this information with the categories of third parties described in the "Information We Share" section above.
Subject to certain exemptions, the CCPA provides California residents the right to request to know more details about the categories and specific pieces of information we collect, to delete their information, to opt out of any "sales" that may be occurring, and to not be discriminated against for exercising these rights. If your information falls into one of the legal exemptions included in the CCPA, we may be unable to fulfill your request.
We do not sell the information we collect (and will not sell it in the future without providing a right to opt out). We do allow third parties to collect information through our services and share information with third parties for the business purposes described in this Privacy Policy, including without limitation advertising and marketing on our services and elsewhere based on our customers' online activities over time and across different sites, services, and devices.
California residents may make a rights request by contacting us at the information below.
SMS/Text Messaging Data
We will not sell, rent, or share your mobile phone number, SMS opt-in data, or text messaging consent with third parties or affiliates for their marketing or promotional purposes. We may share this information with service providers who assist us in delivering text messages, but only for that purpose and subject to confidentiality obligations.
Changes to this Policy
Edstruments may revise this Policy from time to time without prior notice to you, and any changes will be effective immediately upon the posting of the revised Privacy Policy on the Website. You should bookmark and periodically review this page to ensure that you are familiar with the most current version of this Policy. You can determine when this Policy was last revised by checking the "Last Updated" legend at the top of the Policy.
Questions about this Policy