What data do we collect?
While CU cannot see individual conversations, aggregate and user level metadata is collected to measure usage and adoption.
CU collects the following user information:
Identity & Account Fields
- name - User’s display name associated with the account.
- email - Institutional email address tied to the account (used for login/SSO).
- role - Tenant-level permission role (e.g., admin, member, owner).
- user_role - Organization-defined role classification (e.g., faculty, student, staff) if configured.
- department - Department or organizational unit assigned to the user (if provisioned via directory sync or manually set).
- groups - Workspace or access groups the user belongs to (used for permissions or reporting segmentation).
- user_status - Current account state (e.g., invited, active, suspended, deactivated).
- created_or_invited_date - Date the account was created in the tenant or the invitation was sent.
- is_active - Boolean (true/false) indicator of whether the account is currently enabled.
- account_id - Internal unique identifier for the user account within the tenant (system-generated).
- public_id - An external-facing unique identifier that may be used in reports or APIs instead of the internal account ID.
Activity Tracking Fields
- first_day_active_in_period - First date the user was active within the selected reporting time window.
- last_day_active_in_period - Most recent date the user was active within the selected reporting time window.
- last_day_active - Most recent date of activity overall (not limited to a filtered period).
Message & Usage Metrics
- message count - Total number of messages sent by the user in the selected reporting period.
- messages_rank - User’s relative ranking in the tenant based on message volume (e.g., 5th highest sender).
Model Usage Fields
- gpts_messaged - Count of distinct GPT models the user interacted with.
Tool Usage Fields
- tools_messaged - Number of distinct tools used by the user.
Project Usage Fields
- projects_messaged - Number of distinct Projects the user interacted with.
- projects_created - Number of Projects the user has created.
Consumption & Billing
- credits_used - Amount of usage credits consumed by the user during the reporting period (used for cost tracking or allocation).
CU collects the following operational information:
Model Usage Fields
- model_to_messages - Breakdown mapping of which models were used and how many messages were sent to each.
- gpt_messages - Total messages sent to standard GPT models.
- gpt_to_messages - Per-model breakdown of message counts (e.g., GPT-4o: 120 messages, GPT-4.1: 35).
Tool Usage Fields
- tool_messages - Total messages involving built-in tools (e.g., data analysis, file tools).
- tool_to_messages - Breakdown showing how many messages were associated with each tool.
Project Usage Fields
- project_messages - Total messages sent within Projects (if Projects feature is enabled).
- project_to_messages - Breakdown of message volume by individual Project.
How do we use the data we collect?
Data is collected to better understand adoption and use patterns. We may use data to efficiently troubleshoot and resolve reported service problems.
How long do we retain Wi-Fi data?
User metadata is available for a 90-day rolling window
How do we share data?
CU IT cannot view individual conversations. Your chats are private by default and are not used to train OpenAI’s models.
When required to meet legal obligations, authorized university officials may request access to specific data through established legal processes. In all cases, CU Boulder follows the Colorado Open Records Act (CORA) and adheres to APS 2022, applying all applicable exceptions and exclusions to protect individual privacy whenever possible.
If you’d like to learn more about how CORA applies to university employees, you can review the university's open records policy or visit the open records request page.
