Current federal update: SAVE is no longer available for new enrollment, and affected borrowers should watch for July 1, 2026 repayment-plan notices. Start with the SAVE guide.

Privacy Policy

Last updated: April 7, 2026

What we collect

Assessment session data. When you use the assessment tool, we generate a random session ID and store your assessment inputs and results. This data does not include your name, Social Security number, or loan account numbers, but it is connected to the email address required to generate your assessment.

Email address. We store your email address so we can send your assessment recap and relevant policy changes. We also submit your assessment answers and routing summary to Formspree so the request can be handled as a lead. We do not sell your email address.

Anonymous analytics. We use Vercel Analytics and PostHog to understand how the site is used. These tools collect anonymized data about page views and user interactions. No personally identifying information is collected through these tools.

What we do not collect

  • Your name
  • Your Social Security number
  • Your loan account numbers
  • Your precise income amount unless you choose to share it elsewhere
  • Your location beyond what your browser sends by default

How we use your data

  • To generate and display your assessment report
  • To send assessment recaps and relevant policy update emails
  • To create lead records from your assessment answers
  • To improve the site and the rules engine using anonymized, aggregated patterns
  • To publish original research on borrower confusion patterns in aggregated form

Data retention

Session data is stored for 7 days in session storage. Cached reports are stored for up to 30 days. Email subscriber and lead data is retained until you request deletion or unsubscribe from follow-up emails.

Your rights

You can request deletion of your data at any time by emailing us at privacy@studentdebt.ai. If you subscribed to emails, you can unsubscribe by following the instructions in any email we send.

Third-party services

We use OpenRouter for report wording, Vercel for hosting and session storage, Supabase for database storage, Resend for email, Formspree for lead capture, and PostHog for analytics. Each service has its own privacy policy.