Last Updated on June, 29, 2026
Introduction
University AI provides an AI-powered campus companion to universities under a B2B SaaS license. This policy
explains what information we collect, how we use it, and the rights you have over your information. Special protections
apply to FERPA-covered education records.
Who This Applies To
● Students whose universities have licensed CampusAI
● University staff who use CampusAI in their professional capacity
● Visitors to public CampusAI properties
Information We Collect
● Account information — name, university email, role; for students this comes from the university's IdP via SSO
● Conversation content — messages sent to the assistant; stored in a tenant-isolated database
● Profile and preferences — collected through onboarding and refined through use
● Academic and career artifacts uploaded by the user (resumes, transcripts, applications) — treated as restricted FERPA-covered data when applicable
● Operational telemetry — pages visited, features used, errors
● Device and network — browser type, IP address (for security and abuse prevention)
How We Use Information
● Deliver the product
● Improve the product (aggregated, de-identified analytics)
● Ensure security
● Respond to support requests
University AI does not use conversation content to train foundation models, does not sell personal information, and does not share personal information for advertising.
Sharing
We share information only with:
● The customer university (the tenant administrator) under contract
● Sub-processors are listed at campusai.app/subprocessors; the current set includes AWS (infrastructure), Google Cloud (language model), and Google Workspace (identity).
● Authorities, where compelled by valid legal process
You can also view more info of our AI use and limitations at at campusai.app/ai-limitations-disclosure.
Retention
Restricted (FERPA education-record) data is retained for the term of the tenant contract and deleted within 30 days of tenant off-boarding or a verified deletion request, subject to FERPA and institutional obligations. Operational telemetry is retained on a limited basis (see the Data Management Policy).
Your Rights
Access, correction, deletion, and portability per applicable law. Contact privacy@campusai.app. We respond within 30 days, subject to applicable law and the customer contract.
Security
University AI is undergoing a SOC 2 Type I audit. Commitments include four-layer tenant isolation, encryption in transit and at rest, least-privilege access control, and continuous vulnerability scanning of shipped images.
Children
CampusAI is not directed to children under 13. Where a tenant university enrolls users under 13, the university is the data controller.
International
Data resides in us-east-1 (United States).
Contact
● privacy@campusai.app
● security@campusai.app
Approved by: Aiden Polinsky, Founder & CEO
UniversityAI, Inc.
Signature: __________________________ Date: 2026-06-29