Going Merry

The short answer is: We use bank-level data encryption methods and best-in-class data storage solutions, to keep your data safe. And we never sell your FAFSA® data on to any third parties.

Our servers and databases are hosted on Amazon Cloud (part of Amazon Web Services (AWS)), which meets the requirements of the most security-sensitive organizations. For more details on certifications, laws, regulations, and privacy on AWS, please see: <a href="https://aws.amazon.com/compliance/" rel="nofollow noopener noreferrer" target="_blank">https://aws.amazon.com/compliance/</a>.

AWS has a range of security features such as firewall, malware detection, antivirus, and access controls that we have deployed to ensure user privacy is not compromised. 

In addition, the AWS infrastructure has audit-friendly service features with applicable compliance or audit standards. Other users of AWS include Capital One and NASA.

- Our servers and databases are hosted on Amazon Cloud (part of Amazon Web Services (AWS)), which meets the requirements of the most security-sensitive organizations. For more details on certifications, laws, regulations, and privacy on AWS, please see: <a href="https://aws.amazon.com/compliance/" rel="nofollow noopener noreferrer" target="_blank">https://aws.amazon.com/compliance/</a>. 
- AWS has a range of security features such as firewall, malware detection, antivirus, and access controls that we have deployed to ensure user privacy is not compromised. 
- In addition, the AWS infrastructure has audit-friendly service features with applicable compliance or audit standards. Other users of AWS include Capital One and NASA.

Our data storage applies full disk encryption, split knowledge, and dual control of keys to ensure maximum security and to meet PCI compliance.       

All network communications with our cloud are encrypted by a secure network transport layer. This provides end-to-end encryption and integrity checks on all communication between the user and Going Merry.

- Our data storage applies full disk encryption, split knowledge, and dual control of keys to ensure maximum security and to meet PCI compliance.       
- All network communications with our cloud are encrypted by a secure network transport layer. This provides end-to-end encryption and integrity checks on all communication between the user and Going Merry.

We have access control policies in our software that ensure that nobody can access our database from the public internet. That is, only authorized users can access personally identifiable information (PII).

Further, all activity on our site is internally audited so we know who has accessed and updated information.

- We have access control policies in our software that ensure that nobody can access our database from the public internet. That is, only authorized users can access personally identifiable information (PII).
- Further, all activity on our site is internally audited so we know who has accessed and updated information.

Want more info, or have additional questions?

Review our entire privacy policy at <a href="https://app.goingmerry.com/privacy" rel="nofollow noopener noreferrer" target="_blank">app.goingmerry.com/privacy</a>

Contact us with questions at <a href="mailto:security@goingmerry.com" rel="nofollow noopener noreferrer" target="_blank">security@goingmerry.com</a>

- Review our entire privacy policy at <a href="https://app.goingmerry.com/privacy" rel="nofollow noopener noreferrer" target="_blank">app.goingmerry.com/privacy</a>
- Contact us with questions at <a href="mailto:security@goingmerry.com" rel="nofollow noopener noreferrer" target="_blank">security@goingmerry.com</a>