What data do we collect?
While CU cannot see individual conversations, aggregate and user level metadata is collected to measure usage and adoption.
CU collects the following user information:
Identity & Account Fields
- name - User’s display name associated with the account.
- email - Institutional email address tied to the account (used for login/SSO).
- role - Tenant-level permission role (e.g., admin, member, owner).
- user_role - Organization-defined role classification (e.g., faculty, student, staff) if configured.
- department - Department or organizational unit assigned to the user (if provisioned via directory sync or manually set).
- groups - Workspace or access groups the user belongs to (used for permissions or reporting segmentation).
- user_status - Current account state (e.g., invited, active, suspended, deactivated).
- created_or_invited_date - Date the account was created in the tenant or the invitation was sent.
- is_active - Boolean (true/false) indicator of whether the account is currently enabled.
- account_id - Internal unique identifier for the user account within the tenant (system-generated).
- public_id - An external-facing unique identifier that may be used in reports or APIs instead of the internal account ID.
Activity Tracking Fields
- first_day_active_in_period - First date the user was active within the selected reporting time window.
- last_day_active_in_period - Most recent date the user was active within the selected reporting time window.
- last_day_active - Most recent date of activity overall (not limited to a filtered period).
Message & Usage Metrics
- message count - Total number of messages sent by the user in the selected reporting period.
- messages_rank - User’s relative ranking in the tenant based on message volume (e.g., 5th highest sender).
Model Usage Fields
- gpts_messaged - Count of distinct GPT models the user interacted with.
Tool Usage Fields
- tools_messaged - Number of distinct tools used by the user.
Project Usage Fields
- projects_messaged - Number of distinct Projects the user interacted with.
- projects_created - Number of Projects the user has created.
Consumption & Billing
- credits_used - Amount of usage credits consumed by the user during the reporting period (used for cost tracking or allocation).
CU collects the following operational information:
Model Usage Fields
- model_to_messages - Breakdown mapping of which models were used and how many messages were sent to each.
- gpt_messages - Total messages sent to standard GPT models.
- gpt_to_messages - Per-model breakdown of message counts (e.g., GPT-4o: 120 messages, GPT-4.1: 35).
Tool Usage Fields
- tool_messages - Total messages involving built-in tools (e.g., data analysis, file tools).
- tool_to_messages - Breakdown showing how many messages were associated with each tool.
Project Usage Fields
- project_messages - Total messages sent within Projects (if Projects feature is enabled).
- project_to_messages - Breakdown of message volume by individual Project.
How do we use the data we collect?
Data is collected to better understand adoption and use patterns. We may use data to efficiently troubleshoot and resolve reported service problems.
How long do we retain Wi-Fi data?
User metadata is available for a 90-day rolling window
How do we share data?
CU cannot see individual conversations. Your conversations are private to you by default and not used to train OpenAI’s models.
As with all Colorado Open Records Act (CORA) requests, CU Boulder strictly adheres to APS 2022 and CU's CORA request process, and, to the extent possible, withholds information allowed by the exceptions and exclusions to CORA in an effort to protect individual privacy. Since CU IT does not have access to view chats, in the event of a CORA request, University Legal Counsel makes a request to OpenAI. If you would like more information about how the open records act applies to university employees, you can check out the university open records policy or get more information on our open records request page.
