Path2College 529 Plan
privacy policy

Georgia Higher Education Savings Plan privacy policy

Please read this notice carefully. It gives you important information about how the Georgia Education Higher Education Savings Plan (the “Plan”) uses and protects personal information when you visit or when you submit documents via mail, email or in person in connection with the Plan through its Program Manager, TIAA-CREF Tuition Financing, Inc. (“TFI” or “we”). Subject to the “Changes to our privacy policy” section below, this policy applies to all account owners in the Plan and visitors.

Information we may collect

We, on behalf of the Plan, may collect personal information about you, the successor account owner and beneficiary from various sources to provide information requested by you about the Plan, as well as to transact business with you, including to service and maintain your account in the Plan. We may obtain this personal information (which may include Social Security Number or Individual Taxpayer Identification Number [ITIN] and date of birth belonging to the account owner, successor account owner and beneficiary) in any of the following ways:

  • you provide it on the Plan enrollment form ("Application");
  • you provide it on other Plan forms;
  • you provide on the Plan's website or it is collected through "cookies" and similar text files;
  • you provide it during consultations;
  • you provide it on sweepstakes or promotional materials;
  • we obtain it to complete your requested transactions;
  • third parties the account owner authorizes to provide information to the Plan; or
  • third parties the account owner designates to have access to the Plan.

How your information is shared and used

TFI does not disclose your personal information to any third parties so that they can market their products and services to you.

As permitted by law or contract, TFI may disclose your information to those service providers, affiliated and non-affiliated, hired by us on behalf of the Plan and which need the information to respond to your inquiries and/or to service, maintain your account and improve the Plan’s ability to serve you and enhance your Plan benefits.

The affiliated and non-affiliated service providers who receive your personal information may use it to:

  • process your Plan transactions;
  • provide you with Plan materials;
  • mail you Plan account statements;
  • mail, email or digitally provide you Plan communications; and
  • maintain the Plan website.

These service providers provide services at TFI’s direction and include marketing agencies, fulfillment companies, printing and mailing facilities. Under their agreements with TFI, these service providers are required to keep your personal information confidential and to use it only for providing the contractually required services.

For your convenience, the Plan has arranged with TFI to display your account information at, the website of TFI’s affiliate, Teachers Insurance and Annuity Association of America (including its financial affiliates, collectively, “TIAA”), in the event that you hold a retirement plan account or a retail financial account with TIAA.

Your Plan account information shall only be shared for this limited purpose. However, if you prefer not to share your information with TIAA in this manner, you may opt-out in the Plan website.

The Plan has also facilitated the inclusion of your Plan account information in TIAA’s financial planning advisory tools. At and any of its digital tools, your personal information will be stored and processed in accordance with the TIAA Privacy Notice, Terms of Use and Security.

In addition, TFI may be required by law to disclose your personal information to government agencies and other regulatory bodies (for example, for tax reporting purposes or to report suspicious transactions).

Security of your information

TFI protects the personal information you provide against unauthorized access, disclosure, alteration, destruction, loss or misuse. Your personal information is protected by physical, electronic and procedural safeguards in accordance with federal and state standards. These safeguards include appropriate procedures for access and use of electronic data, provisions for the secure transmission of sensitive personal information on the Plan’s website, and telephone system authentication procedures.

Changes to our privacy policy

TFI periodically reviews this privacy policy and its related practices and procedures. Any changes to this privacy policy will become effective upon posting of the revised privacy policy on If we make material changes to the privacy policy, we will notify you by means of a prominent notice on the Plan’s website prior to the change becoming effective.

Notice about online privacy

The personal information that you provide through the Plan website is handled in the same way as the personal information that you provide by any other means, as described above. This section of the notice gives you additional information about the way in which personal information that is obtained online is handled.

Online enrollment, account access and online transactions

When you visit the Plan website, you can go to pages that are open to the general public or log on to protected pages to enroll in the Plan, access information about your account or conduct certain transactions on your account. Once you have opened an account in the Plan, access to the secure pages of the Plan’s website is permitted only after you have created a Username and Password by supplying your Social Security Number or Taxpayer Identification Number, Account Number and zip code. The Username and Password must be supplied each time you want to access your account information online. This information serves to verify your identity.

When you enter personal data into the Plan website (including your Social Security Number or Taxpayer Identification Number and your Password) to enroll or access your account online, you will log in to secure pages where we use Transport Layer Security (TLS) protocol for protecting information.

To use this section of the Plan website you need a browser that supports TLS encryption and dynamic web page construction.

If you provide personal information to effect transactions on the Plan website, a record of the transactions that you have performed while on the site is retained by the Plan.

Other personal information provided by you on the plan website

If you decide not to enroll online and you want to request that Plan enrollment materials to be mailed to you, speak with a consultant, attend a Plan webinar, or you want to subscribe to receive additional Plan information, you can click on various sections of the Plan website (i.e., the Request Information page, GA 529 at Work, or request e-communications directly from the home page) to provide your name, mailing address and e-mail address, respectively. The personal information you provide on the Plan’s website will be stored and used to market the Plan more effectively.

When you visit the Plan’s website, we may collect information about your use of the site through "cookies." Cookies are small bits of information transferred to a computer's hard drive that allow us to know how often a user visits our site and the activities they are most interested in performing. By visiting the Plan’s site, you are deemed to accept such cookies to enable you to take full advantage of specific services offered. We may also require you to accept cookies placed by a third party supporting this activity on behalf of the Plan.

The cookies collect certain technical and navigational information only, such as computer browser type, internet protocol address, pages visited and average time spent on our websites. In addition, we capture the paths taken as you move from page to page (i.e., your "click stream" activity). This information allows us to enhance your experience while on our site.

Finally, we use cookies to establish and maintain a logged-in connection while you are in the secure section(s) of our website. For example, when you visit your account, perform transactions, update contact information or perform other activity, the cookie allows you to navigate from page to page in a secure fashion without having to repeatedly log in.

External links

The Plan may, from time to time, contain links to external sites operated by third parties. We are not responsible for these third-party sites or the content of such third-party sites. Once you have left the Plan website, we cannot be responsible for the protection and privacy of any information that you provide. You should exercise caution and look at the privacy policy of any website you visit.

Internet tracking disclosure

We do not have the protocol that offers you the choice to opt-out of internet tracking. You may reset your web browser to enable “do not track” functionality if your browser supports it.

Online Behavioral Advertising

Online Behavioral Advertising is a marketing approach where information is collected about consumers and their browsing behavior and used to share ads targeted at their interests.

You may opt out of Online Behavioral Advertising by visiting the Digital Advertising Alliance (DAA) and following the opt-out instructions.

Note: Opting out of Online Behavioral Advertising will not remove advertisements from the pages you visit. You will simply see general advertisements that aren’t targeted at your interests.

Obtaining additional information

You may call the Plan toll-free at 1-877-424-4377 or write to the Plan at Path2College 529 Plan, PO Box 219293, Kansas City, MO 64121-9293.

©20232024 TIAA-CREF Tuition Financing, Inc.