Privacy Policy

Notice of Call Recording: Please note that all telephone calls, video calls, voicemails, text (SMS/MMS) messages, web chats, and other electronic communications between you and the Company may be recorded, transcribed, monitored, and stored for quality assurance, training, dispute resolution, regulatory compliance, fraud prevention, and recordkeeping purposes. By continuing to communicate with us through any of these channels, you consent to such recording, transcription, monitoring, and storage to the fullest extent permitted by applicable federal and state law (including, where applicable, the laws of all-party-consent jurisdictions).

1. Introduction and Scope

This Online Privacy Policy (the “Policy”) applies to the website www.privatestudentrelief.com, owned and operated by JOCO Enterprises LLC, doing business as Private Student Relief (also referred to in this Policy as “PSR,” “Company,” “we,” “us,” or “our”). This Policy also applies to any landing pages, sub-domains, online forms, telephone interactions, SMS/MMS messaging programs, email correspondence, social media properties owned by us, and any other online or offline interface that links to or references this Policy (each, a “Site,” and collectively, the “Sites”).

This Policy describes how we collect, use, retain, protect, share, and disclose your personal information, the choices available to you regarding our use of that information, and how you may exercise rights you may have under applicable U.S. federal, state, and (where relevant) foreign privacy laws.

Please read this Policy carefully. By accessing or using our Sites, submitting information through any of our forms (including privatestudentrelief.com/apply/), communicating with us, or engaging our services, you acknowledge that you have read, understood, and agree to the practices described in this Policy and in our Terms of Service. If you do not agree with this Policy, you must not use our Sites or services.

2. Who We Are and What We Do (Important Disclosures)

Private Student Relief is a consulting organization that educates and assists former college students and their cosigners with strategies to address private (non-federal) student loan debt, including consumer-driven debt validation under the Fair Debt Collection Practices Act (15 U.S.C. § 1692 et seq.), forgiveness counseling, and consolidation counseling. We have been operating since 2015 and currently serve clients in 48 U.S. states.

You acknowledge and agree, in connection with this Policy, that:

• PSR is NOT a law firm, attorney, or provider of legal advice.
• PSR is NOT a debt settlement company, debt consolidation company, debt collector, credit repair organization, credit counseling agency, or licensed loan originator, lender, broker, or servicer.
• PSR does not assume your debts, hold client funds, or make payments to creditors on your behalf.
• PSR does not provide legal, tax, accounting, investment, or financial advice. Any general information we provide is educational only and is not a substitute for professional advice from a licensed attorney, certified public accountant, or licensed financial professional.
• Results vary based on each client’s individual financial circumstances, the conduct of third parties, and other factors outside our control. Past results do not guarantee future outcomes. We make no promise, warranty, or guarantee that any specific outcome (including any debt reduction, settlement, validation, forgiveness, or consolidation result) will be achieved in your case.
• Services are not available to residents of South Carolina or Mississippi. We do not knowingly accept clients with a primary residence in those states.
• Certain operational and substantive components of the engagement — including, where applicable, the execution of debt-validation correspondence, consumer-protection demand letters, FDCPA-related dispute processes, and certain back-office services — are performed by an independent third-party service provider partner (the “Provider Partner”). The Provider Partner is a separate legal entity, with its own management, personnel, professional licensure (where applicable), policies, terms, and privacy practices. Any consumer ratings, accreditations, memberships, or trade-association affiliations referenced on our Sites in connection with the Provider Partner belong to the Provider Partner, not to PSR. PSR is not responsible for, and does not control, the independent professional conduct of the Provider Partner.

3. Agreement to This Policy; Arbitration Reference

Your use of the Sites and our services is governed by this Policy and by our Terms of Service, which include a binding individual arbitration agreement and a class-action and jury-trial waiver. Those Terms affect your legal rights. You may opt out of the arbitration agreement in the manner described in the Terms of Service. To the extent of any conflict between this Policy and a specific written agreement signed by both you and PSR, the signed written agreement controls.

4. Information We Collect

We collect the following categories of personal information, as those categories are defined under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, the “CCPA”), and analogous categories under other applicable state privacy laws:

4.1 Categories of Personal Information

• Identifiers — full name, postal address, email address, telephone number(s), date of birth, Social Security Number (SSN) or last four digits, driver’s license or state-ID number, signature, IP address, online identifiers, account login credentials, and similar identifiers.
• Customer-records / California Civ. Code § 1798.80(e) information — name, contact information, financial-account information, and education records.
• Protected-classification characteristics — only when voluntarily disclosed by you (for example, military-service status if you ask about service-member protections, or marital status if relevant to a cosigner).
• Commercial information — records of services you have inquired about, considered, or obtained from us; communications history; payments to PSR for our consulting services.
• Internet or other electronic network activity information — browsing history on our Sites, search history on our Sites, page-view and click data, referring/exit pages, device and browser information, session-replay data, and information regarding your interaction with our Sites and advertisements.
• Geolocation data — approximate (city/region) location derived from IP address. We do not knowingly collect precise geolocation data through the Sites.
• Audio, electronic, visual, and similar information — recordings and transcripts of telephone calls, voicemails, web-chats, video conferences, and SMS/MMS messages with us.
• Professional or employment-related information — employer name, occupation, income, employment history (when relevant to evaluating financial circumstances).
• Education information — school(s) attended, dates of attendance, degree(s), and information about private student loans (lender/servicer, balance, account status, statements, collection notices, default status, judgment information, and related correspondence).
• Inferences — conclusions drawn from the above categories to characterize your preferences, characteristics, or eligibility for particular services.
• Sensitive personal information — SSN; driver’s license, state-ID, or passport number; account log-in credentials with security or access codes; precise geolocation (only if you affirmatively provide it); financial-account information; and the contents of communications you direct to us. We use sensitive personal information only for the purposes permitted under California Civil Code § 1798.121 and analogous laws (for example, providing the services you requested, preventing fraud, ensuring security, and complying with law). We do not use or disclose sensitive personal information for purposes of inferring characteristics about you for advertising or profiling.

4.2 Sources of Information

We collect personal information from the following categories of sources: (i) directly from you (forms, calls, emails, SMS, chats, documents you upload or send us); (ii) automatically through your use of the Sites (cookies, pixels, SDKs, server logs, analytics tools); (iii) from your devices and browsers; (iv) from our Provider Partner, service providers, and vendors who help us deliver and maintain the Sites and services; (v) from credit-reporting agencies, lenders, servicers, debt collectors, debt buyers, courts, and public records, where you have authorized us to obtain such records or where the records are otherwise lawfully available; (vi) from advertising and analytics partners; (vii) from social-media platforms when you interact with our pages or click our ads; and (viii) from referring third parties, affiliates, or marketing partners with whom you have requested information about debt-relief options.

5. How We Use Personal Information

We use personal information for the following business and commercial purposes, in each case to the extent permitted by law:

• To respond to inquiries, provide free initial consultations, and qualify you for our consulting services (including determining whether services are available in your state of residence);
• To deliver, perform, administer, document, and improve our consulting services and to coordinate with our Provider Partner for the execution of related services;
• To verify your identity and prevent fraud, identity theft, account takeover, and other unlawful activity;
• To communicate with you about your inquiry, file, account, or services, including service updates, status notices, document requests, appointment reminders, and customer-service follow-up;
• To send marketing, promotional, educational, and informational communications by email, SMS/MMS, mail, or telephone, where permitted by law and consistent with the consents you have provided;
• To process payments for our consulting fees and to maintain transactional records;
• To operate, secure, and improve the Sites; perform analytics, debugging, error-correction, A/B testing, and product development; and audit Site performance;
• To establish, exercise, defend, or settle legal claims, respond to legal process, and comply with applicable laws, regulations, court orders, subpoenas, and lawful governmental requests;
• To enforce our Terms of Service and other agreements; protect our rights, property, and safety, and the rights, property, and safety of our employees, clients, and the public;
• For any additional purpose that is compatible with the context in which the information was collected and for which we provide notice and obtain consent where required by law.

No Automated Decision-Making with Legal Effect. We do not use solely-automated decision-making technology (ADMT) to make decisions that produce legal or similarly significant effects concerning you (for example, eligibility decisions made without any human review). Where we use automated tools to support our work, qualified personnel review the output before any consequential decision is made.

6. How We Share and Disclose Personal Information

We share personal information only as described below, and only to the extent necessary for the purposes described:

• Provider Partner. With your consent and as part of the engagement you request from us, we share relevant personal information with our independent third-party Provider Partner so that the Provider Partner can perform the components of the engagement that fall within its scope (for example, FDCPA debt-validation correspondence). The Provider Partner is a separate legal entity, governed by its own privacy practices and its own client agreements. You will receive separate disclosures and, where applicable, separate engagement documents from the Provider Partner.
• Service Providers / Processors. We share personal information with vendors that help us run our business under written contracts that limit their use of the information to providing services to us. Categories include: cloud hosting and storage; CRM platforms (including Pipedrive, our customer-relationship-management system); contact-center, telephony, and dialer platforms (including Kixie, which handles routing and recording of voice and SMS communications); AI voice-agent platforms (including VAPI — vapi.ai — which provides the AI conversational agent that handles inbound and outbound calls outside of live-agent hours, as described in Section 7); SMS and email-delivery providers; e-signature providers; document-management providers; payment processors; identity-verification and anti-fraud vendors; analytics and advertising-measurement providers; security, anti-malware, and backup providers; and professional advisors (lawyers, auditors, accountants). Each of these vendors acts as a third-party data processor under our direct written instructions.
• Marketing, SEO, Web-Design, and Advertising Agency. Our marketing strategy, search-engine optimization, online-advertising creative, ad-account management, web design, and Site-development work are performed on our behalf by E-ideas Limitada, an independent third-party agency organized and operating under the laws of the Republic of Colombia. E-ideas Limitada acts as a processor under our direct written instructions and is contractually required to (a) limit its use of personal information to the purposes for which we engaged it, (b) maintain confidentiality and reasonable safeguards, (c) cooperate with consumer-rights requests, and (d) comply with applicable U.S. privacy laws (including the CCPA service-provider/contractor obligations) and Colombia’s personal-data protection regime (Ley Estatutaria 1581 de 2012 and Decree 1377 of 2013). The categories of information accessed by this agency include online identifiers, internet/network-activity information, and limited contact information necessary for analytics, ad audience management, and Site administration; the agency does not have access to your sensitive personal information, financial-account information, or substantive engagement files.
• Affiliates. Entities that control, are controlled by, or are under common control with JOCO Enterprises LLC, for the purposes described in this Policy.
• Legal, Regulatory, and Safety Disclosures. When required or permitted by law, we may disclose personal information in response to subpoenas, court orders, search warrants, regulatory or law-enforcement inquiries, or other legal process; to investigate, prevent, or take action regarding suspected illegal activity, fraud, security incidents, threats, or violations of our agreements; or to protect the rights, property, or safety of PSR, our clients, employees, or others.
• Business Transactions. In connection with a merger, acquisition, financing, reorganization, bankruptcy, receivership, dissolution, sale of assets, or similar transaction, personal information may be transferred to or shared with successors, acquirers, or evaluators, subject to appropriate confidentiality protections.
• With Your Direction or Consent. We may share personal information with any other recipient when you direct or consent to the disclosure (for example, when you ask us to communicate with a specific lender, servicer, or collector on your behalf, or when you authorize us to release information to a designated representative).

We do not sell your personal information for money. We have not sold personal information for monetary consideration in the preceding twelve (12) months and we do not currently do so. To the extent that any data-sharing for online advertising or analytics could be deemed a “sale” or “sharing” for cross-context behavioral advertising under the CCPA or similar laws, we honor opt-out signals (including the Global Privacy Control / GPC) and provide a “Do Not Sell or Share My Personal Information” mechanism on our Sites and through the contact methods listed in Section 18. We do not sell or share the personal information of consumers under age sixteen (16).

7. Marketing and Communications — TCPA, CAN-SPAM, and SMS Disclosures

By voluntarily submitting your information through our website, landing pages, online forms, or any other consent capture, and by checking the applicable consent box, you provide your prior express written consent — for purposes of the Telephone Consumer Protection Act (TCPA), the FCC’s implementing regulations (47 C.F.R. § 64.1200), the Telemarketing Sales Rule (16 C.F.R. Part 310), and analogous state laws — for PSR, our Provider Partner, and our authorized service providers acting on our behalf to contact you at the telephone number(s) and email address(es) you provided, including:

• Telephone calls, including calls placed using an automatic telephone dialing system (ATDS), an artificial or prerecorded voice, or AI-generated voice technology;
• SMS / MMS text messages, including messages sent using automated technology;
• Emails, including marketing, transactional, service-related, and educational messages.

The communications may relate to free consultations, eligibility, service updates, follow-up on your inquiry or file, scheduling, document requests, promotional offers, educational content, and other matters related to private-student-loan-debt relief. Consent is not a condition of purchase or of obtaining services. Standard message and data rates may apply for SMS/MMS. Message frequency varies based on your engagement.

7.1 AI Voice Agent — After-Hours Coverage

Outside of our regular live-agent business hours, certain inbound and outbound telephone communications are handled by an automated AI voice agent powered by VAPI (vapi.ai) and routed through our contact-center platform Kixie. The AI voice agent uses natural-language conversational technology and is identified as an artificial / AI-generated voice consistent with applicable FCC rules and TCPA disclosures (47 C.F.R. § 64.1200). Your consent to receive communications by AI-generated voice technology is included in the prior-express-written-consent framework described above in this Section 7.

The AI voice agent is designed to provide informational responses, capture eligibility intake, schedule callbacks with a live specialist, and handle basic service questions. The AI voice agent does not make eligibility decisions, does not finalize engagements, and does not deliver legal, tax, or financial advice. Any consequential decision regarding your file is reviewed by a qualified human specialist before action is taken (see Section 5, “No Automated Decision-Making with Legal Effect”). If at any point you prefer to speak with a live person rather than the AI agent, you may say “agent,” “representative,” or “human,” or request a callback during live-agent hours.

The AI voice agent operates during the following overnight hours by U.S. continental time zone (live agents staff the remaining daytime hours):

Hours shift by one (1) hour during the daylight-saving period observed in your state (typically the second Sunday of March through the first Sunday of November). Arizona (most of the state), Hawaii, Puerto Rico, the U.S. Virgin Islands, American Samoa, Guam, and the Northern Mariana Islands do not observe daylight saving and use standard time year-round. Outbound calls are scheduled to comply with TCPA quiet-hour restrictions applicable to your local time of residence (generally 8:00 AM to 9:00 PM local time under 47 C.F.R. § 64.1200(c)(1)), and applicable state quiet-hour rules, even when our agents and the AI voice agent operate outside those windows. Inbound calls you initiate to us at any hour will be answered by the AI voice agent during the schedule above; you may also leave a voicemail for callback by a live specialist during business hours.

All AI-handled communications are recorded, transcribed, monitored, and stored consistent with the disclosures in this Section 7 and in Section 9 (Data Security), and consistent with the Notice of Call Recording at the top of this Policy. Recordings and transcripts are retained per Section 10 (Data Retention) and are accessible to the same categories of authorized personnel and service providers described in Section 6.

7.2 Opt-Out Rights

Opt-Out Rights. You may revoke your consent at any time and free of charge through any reasonable method, including the following:

• SMS/MMS: Reply STOP, END, CANCEL, UNSUBSCRIBE, or QUIT to any text message you receive from us. Reply HELP for help.
• Email: Click the “unsubscribe” link in any marketing email or reply with the word “UNSUBSCRIBE” in the subject line.
• Telephone: Tell the agent that you wish to be added to our internal Do-Not-Call list. We honor the National Do-Not-Call Registry and our internal Do-Not-Call list.
• Email request: Send your request to henry@privatestudentrelief.com.

Once you revoke consent through one of the methods above, we will treat your revocation as applying to all marketing channels for which you can identify yourself, in accordance with applicable law and FCC rules. We may continue to send transactional and service-related messages necessary to administer any services you have requested or contracted for. We maintain written records of consent and revocation as required by law.

8. Cookies, Pixels, SDKs, and Online Tracking

The Sites use cookies, web beacons, pixel tags, software development kits (SDKs), local storage, session-replay tools, and similar technologies (collectively, “Tracking Technologies”) to recognize your device, remember your preferences, measure Site performance, prevent fraud, deliver targeted advertising, and provide analytics. Categories include:

• Strictly necessary — required for the Sites to function (e.g., load balancing, security).
• Functional / preference — remember choices and improve usability.
• Analytics — help us understand how visitors use the Sites (e.g., Google Analytics).
• Marketing / advertising — deliver advertisements and measure their effectiveness on third-party platforms (e.g., Meta, Google Ads, TikTok, LinkedIn).

You can manage cookies through our on-site Cookie-Consent banner, your browser settings, and tools provided by ad-industry self-regulatory programs (such as the DAA WebChoices tool and the NAI opt-out). Disabling certain cookies may limit Site functionality. The deployment, configuration, and management of certain advertising tags, conversion pixels, analytics scripts, and remarketing audiences on our Sites is performed by our authorized agency E-ideas Limitada (Colombia) under our written instructions, as further described in Section 6.

Global Privacy Control (GPC) / Do-Not-Track. Our Sites recognize and honor browser-based opt-out signals such as GPC for residents of jurisdictions where GPC is recognized as a valid opt-out of “sale” or “sharing.” Because there is no industry consensus regarding traditional “Do Not Track” (DNT) browser signals, we generally do not respond to DNT, but we honor GPC.

9. Data Security

We maintain administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, use, alteration, disclosure, loss, or destruction, in a manner reasonably designed to comply with applicable law (including the Gramm-Leach-Bliley Act Safeguards Rule, 16 C.F.R. Part 314, for the financial information we maintain). Safeguards include access controls, encryption in transit and (where appropriate) at rest, multi-factor authentication, vendor due-diligence and written-contract requirements, employee training, incident-response procedures, and periodic security testing.

No method of transmission over the internet or method of electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee its absolute security, and you provide your personal information at your own risk. If we become aware of a security incident affecting your personal information, we will notify you and applicable regulators in accordance with applicable law.

10. Data Retention

We retain personal information for as long as needed to fulfill the purposes for which it was collected, to provide the services you requested, to comply with our legal, tax, accounting, audit, and regulatory obligations (which may require retention for several years after the end of the engagement), to resolve disputes, to enforce our agreements, and to defend or pursue legal claims. When personal information is no longer needed for these purposes, we delete, de-identify, or aggregate it in accordance with our records-retention schedule and applicable law.

11. Sensitive Personal Information — Limited Use

We use and disclose sensitive personal information (such as SSN, government-issued ID numbers, financial-account information, and the contents of your communications with us) only for the purposes expressly permitted under California Civil Code § 1798.121(a) and analogous provisions of other state laws, including: (i) to perform the services you reasonably expect from us; (ii) to detect, prevent, and respond to security incidents and fraudulent or illegal activity; (iii) to verify and maintain the quality and safety of our services; (iv) to comply with law and legal process; and (v) for the limited additional purposes permitted by regulation. We do not use sensitive personal information to infer characteristics about you for advertising.

12. Anti-Fraud Notice and Identity Verification

To protect our clients and prospective clients from impersonation, phishing, and consumer-relief scams, we want you to know:

• PSR will never ask you to send payment by gift card, wire transfer to a personal account, cryptocurrency, peer-to-peer cash apps to a personal handle, money order to an unidentified individual, prepaid debit card, or remotely created payment order.
• PSR will never request your full Social Security Number, full bank-account number, or full credit-card number by unsolicited SMS or email. Sensitive identifiers are collected only through secured intake processes after you have begun the engagement, and only to the extent necessary.
• PSR will never threaten arrest, deportation, license suspension, or wage garnishment to coerce you into paying or providing information. If you receive a communication of that kind purporting to be from PSR, it is a scam — do not engage, and report it to us at henry@privatestudentrelief.com.
• The only official channels for PSR are our website privatestudentrelief.com, the form at /apply/, telephone numbers and email domains we have published, and SMS short or long codes registered to PSR. Any communication from a different domain or look-alike domain is not authorized.
• We may verify your identity using reasonable means (including knowledge-based authentication, document verification, and third-party identity-verification vendors) before responding to data-rights requests, before disclosing account information, and before taking actions on a file. We may decline or delay any request that we cannot reasonably verify, that we suspect to be fraudulent, or that we suspect involves an attempted account takeover.

If you suspect that someone is impersonating PSR, please notify us promptly at henry@privatestudentrelief.com and consider filing a complaint with the U.S. Federal Trade Commission at reportfraud.ftc.gov and your state attorney general.

13. Your Privacy Rights

13.1 California Residents (CCPA / CPRA)

If you are a California resident, you have the following rights, subject to verification and certain exceptions:

• Right to Know — the categories and specific pieces of personal information we have collected about you; the categories of sources; the business or commercial purposes for collection, sale, or sharing; and the categories of third parties with whom we share personal information.
• Right to Delete — request deletion of personal information we have collected from you, subject to legal exceptions (for example, when retention is needed to complete a transaction, comply with law, detect fraud, or defend legal claims).
• Right to Correct — request correction of inaccurate personal information.
• Right to Opt Out of Sale or Sharing — opt out of any “sale” of your personal information or any “sharing” for cross-context behavioral advertising. We honor GPC signals for this purpose.
• Right to Limit Use of Sensitive Personal Information — direct us to limit the use of your sensitive personal information to those purposes permitted under California Civil Code § 1798.121.
• Right to Data Portability — receive a copy of your personal information in a portable, readily usable format, where technically feasible.
• Right to Non-Discrimination — we will not discriminate against you for exercising any of these rights.
• Authorized Agents — you may use an authorized agent to submit requests; we will require written authorization and verification.
• Notice of Financial Incentive — we do not currently offer financial incentives in exchange for personal information.

To exercise these rights, contact us using the methods in Section 18. We will respond within the timeframes required by law (generally forty-five (45) days, with one possible forty-five-day extension upon notice).

13.2 Other U.S. State Residents

If you are a resident of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Texas (TDPSA), Oregon (OCPA), Montana (MCDPA), Iowa (ICDPA), Tennessee (TIPA), Indiana (INCDPA), New Hampshire, New Jersey, Delaware (DPDPA), Minnesota, Maryland (MODPA), Rhode Island, Kentucky, Nebraska, or another U.S. state with a comprehensive consumer-privacy law, you may have rights similar to those described above — including the right to access, correct, delete, port, opt out of targeted advertising and certain profiling, and (in some states) opt out of the sale of personal data and limit use of sensitive personal data. Florida residents who qualify under the Florida Digital Bill of Rights have additional rights regarding sensitive data and certain large-platform processors. Nevada residents may opt out of the sale of certain covered information under NRS 603A.

To exercise any of these rights, contact us using the methods in Section 18. Where the relevant law provides for an appeal of our decision, you may appeal by replying to our response within sixty (60) days. If your appeal is denied, you may contact your state attorney general.

13.3 Service-Member and Military Family Notice

If you are an active-duty service member or a covered dependent, you may have additional protections under the Servicemembers Civil Relief Act and the Military Lending Act. Please tell us so that we can take those protections into account.

13.4 EU/EEA, UK, and Switzerland (Information for International Visitors)

Our services are directed to U.S. residents in the 48 states we serve. We do not market services in the European Union, European Economic Area, United Kingdom, or Switzerland. If you are a resident of one of those regions and choose to interact with our Sites, we process your personal information based on (a) your consent, (b) the necessity of taking pre-contractual or contractual steps you request, (c) our legitimate interests (including operating and securing the Sites), and/or (d) compliance with legal obligations. You may have the rights of access, rectification, erasure, restriction, objection, portability, and the right to lodge a complaint with your supervisory authority. Contact us at the addresses in Section 18 to exercise these rights. Personal information we receive will be processed in the United States, which may not provide the same level of data protection as your home jurisdiction; by interacting with the Sites you acknowledge this transfer.

14. Financial-Privacy Notice (Gramm-Leach-Bliley Act)

To the extent we are deemed a “financial institution” under the Gramm-Leach-Bliley Act (15 U.S.C. § 6801 et seq.) for purposes of any specific service we provide to you, we will provide you with a separate GLBA Privacy Notice describing the information we collect, the parties with whom we share it, and your right to opt out of certain disclosures. The GLBA Privacy Notice supplements (but does not replace) this Policy.

15. Children’s Privacy

Our Sites and services are intended for adults who are at least eighteen (18) years of age. We do not knowingly collect personal information from children under thirteen (13) in violation of the Children’s Online Privacy Protection Act (COPPA) or from minors in violation of applicable state law. If you believe a child has provided us with personal information, please contact us immediately at henry@privatestudentrelief.com so that we can delete the information.

16. Third-Party Sites, Plug-Ins, and Social Media

Our Sites may contain links to, or content from, third-party websites, applications, plug-ins, or services (including social-media platforms). Those third parties operate independently of PSR and have their own privacy practices. We are not responsible for the content or privacy practices of third parties. We encourage you to review the privacy policies of every third-party site or service you visit.

17. Changes to This Policy

We may update this Policy from time to time. The “Last Updated” date at the top of this page indicates when this Policy was last revised. Material changes will be communicated by posting a prominent notice on the Sites and, where required by law, by direct notice to you. Your continued use of the Sites after the effective date of an update constitutes acceptance of the updated Policy.

18. How to Contact Us / Submit a Privacy Request

If you have questions about this Policy, wish to exercise any of the rights described above, or wish to submit a complaint, please contact us using one of the following methods. To help us respond promptly, please describe the nature of your request and provide enough information to allow us to verify your identity.

• Email: henry@privatestudentrelief.com
• Online form: www.privatestudentrelief.com/apply/
• Mail: JOCO Enterprises LLC — Privacy Office, 555 Anton Blvd., Suite 368, Costa Mesa, CA 92626, USA

Authorized agents acting on a consumer’s behalf must provide written authorization signed by the consumer and information sufficient to verify the agent’s authority. We may require the consumer to verify their own identity directly with us or to confirm with us that they have provided the agent with permission to submit the request.

19. International Data Transfers (Cross-Border Processing)

PSR is a U.S.-based company and the personal information we collect is primarily processed in the United States. However, certain limited categories of personal information — specifically online identifiers, internet/network-activity information, and limited contact information necessary for marketing, analytics, advertising, search-engine optimization, and Site administration — may be accessed by our authorized agency E-ideas Limitada, located in the Republic of Colombia, acting under our written instructions and applicable contractual data-protection commitments. Colombia has been recognized by the European Commission and other authorities as a jurisdiction with data-protection legislation (Ley Estatutaria 1581 de 2012 and Decree 1377 of 2013) that imposes obligations comparable in many respects to those in the United States. By using the Sites, you acknowledge and consent to this limited cross-border processing for the purposes described in this Policy. Where you are a resident of a jurisdiction that requires a specific legal basis or transfer mechanism for cross-border processing (such as the EU/EEA, the United Kingdom, or Switzerland), the additional information in Section 13.4 applies.

20. State-Specific Notices and Service Limitations

• Service Area. PSR provides consulting services to residents of forty-eight (48) U.S. states. PSR does not offer services to residents of South Carolina or Mississippi.
• California Shine the Light (Civil Code § 1798.83). California residents may request a list of categories of personal information disclosed to third parties for direct-marketing purposes during the prior calendar year. To make such a request, contact us at the addresses in Section 18.
• Nevada (NRS 603A.340). Nevada residents may submit a verified request to opt out of any future sale of certain covered information.
• New York SHIELD Act. We maintain a written information-security program reasonably designed to comply with the New York SHIELD Act for the personal information of New York residents.
• Washington My Health My Data Act. We do not knowingly collect “consumer health data” as defined under the Washington My Health My Data Act. If you believe you have provided such information, contact us so we can address your request.

21. Limitation of Liability and Disclaimer (Privacy Context)

Subject to applicable law and to the limitations of liability set forth in our Terms of Service, our liability for any privacy-related claim is limited as set forth in those Terms. Nothing in this Policy excludes or limits any liability that cannot be excluded or limited under applicable law, including (where applicable) any non-waivable rights under the CCPA. The information and educational content on the Sites is provided “as is” for general informational purposes only and is not a substitute for legal, tax, or financial advice from a licensed professional.

22. Governing Law and Venue

This Policy is governed by the laws of the State of California, without regard to conflict-of-laws principles, except where mandatory consumer-protection laws of your state of residence provide otherwise. Any dispute arising out of or relating to this Policy shall be resolved in accordance with the dispute-resolution provisions (including the binding individual arbitration agreement and class-action waiver) set forth in our Terms of Service.

23. Severability

If any provision of this Policy is held to be invalid, illegal, or unenforceable by a court of competent jurisdiction, that provision shall be enforced to the maximum extent permissible, and the remaining provisions shall remain in full force and effect.

Private Student Relief is owned and operated by JOCO Enterprises LLC, located at 555 Anton Blvd., Suite 368, Costa Mesa, CA 92626. We are a private-student-loan-payment-relief consulting organization. We are not a law firm, debt-settlement company, debt-consolidation company, or loan provider. We do not provide legal, tax, or financial advice. We do not assume consumer debt or make payments to creditors on your behalf. We help clients reduce their private student loan payments through debt-validation consulting and lender-negotiation strategies. Results vary based on individual financial circumstances. Not available in South Carolina or Mississippi. Calls may be recorded for quality and training purposes.