Privacy Policy
1. Information We Collect
We collect the following types of data:
A. Information You Provide Directly
When you register or interact with the platform, we collect:
Personal Information: First name, last name, email, username, password (encrypted).
Profile Information: Languages spoken, affiliation, areas of expertise.
Contributor Submissions: Course materials, case studies, and teaching resources, which may or may not be directly related to OpenCC’s brand. These are collected with contributor consent.
Communication Data: Messages sent through the platform and feedback submissions.
B. Information Collected from AI Chatbots
User Discussions: AI-powered chatbots store discussions related to syllabus creation, topic searches, and material recommendations.
AI Processing: Conversations are used to improve responses but are not used for training external AI models.
C. Information Collected Automatically
Usage Data: Pages visited, actions taken, time spent on the platform.
Device & Browser Information: IP address, device type, operating system, browser type.
● Bot Protection & Security Measures:
reCAPTCHA is used to prevent automated abuse and protect user accounts.
Advanced bot protection mechanisms detect and block suspicious activity.
D. Information from External Databases & AI Processing
Contributor Submissions & AI Enhancements:
Course materials, case studies, and teaching resources may be stored in external vector databases like Pinecone for AI-powered contextual enhancements.
These databases enable AI models to retrieve relevant information for improved content recommendations.
Contributor Consent: All contributor materials are stored and used with the explicit consent of the contributor when they agree to the Terms and Services.
Third-Party AI & Search Services:
Tavily Web Search:
When performing web searches through Tavily, we only send plain text queries.
We never transmit institutional IP addresses or other identifiable metadata.
○ OpenAI Assistants API:
■ AI-generated responses may leverage Tavily search results but exclude non-relevant personal data.
E. Information Processed for Slide Generation
Plain Text Processing:
When users request a slide presentation, we only send structured plain text
arrays (bullet points, headings, and key content).
No user credentials, IPs, or personal data are sent with the request.
API Hosting & Output:
The SlideSpeak API processes the request and returns a URL where the generated presentation is hosted on their servers.
OpenCC does not store, modify, or control the hosted slides after generation.
● Customization Options:
Users can specify the number of slides, template, language, tone, verbosity, inclusion of images, and branding preferences.
A slide-by-slide mode allows defining content per slide before submission to the API.
2. How We Use Your Information
We collect and process data to:
Provide and personalize your experience on OpenCC.
Enable AI-powered syllabus creation, material recommendations, and contextual enhancements.
Generate slide presentations via the SlideSpeak API using only plain text arrays.
Enhance security, prevent fraud, and block automated bots.
Improve platform functionality based on user behavior and feedback.
Store contributor submissions in external vector databases (e.g., Pinecone) to enhance AI retrieval capabilities.
Ensure compliance with legal and regulatory requirements.
3. How We Protect Your Data
We implement strict security measures to protect your data:
Password Encryption: All passwords are securely encrypted and never stored in plain text.
End-to-End Security: Data transmissions are protected by SSL/TLS encryption.
Access Controls: Only authorized personnel can access critical system data.
Bot Protection & reCAPTCHA: Prevents malicious bots from accessing the platform.
External Database Security: Data stored in Pinecone is encrypted and access-restricted for AI contextual retrieval only.
Secure Slide Generation: Plain text data sent to the SlideSpeak API does not include
personal or identifiable user information.
Despite these measures, no online system is 100% secure. Users are encouraged to use strong passwords and enable two-factor authentication (if available).
4. Data Sharing & Third-Party Services
We do not sell or rent your personal data. However, we may share information in specific situations:With Other Users (Limited Profile Data):
Your name, affiliation, languages spoken, and areas of expertise may be visible to other registered users including individual members of Columbia University.
If you contribute materials, your name is linked to your submissions.
With AI & Search Services (Without Personal Data):
Tavily Web Search: We only send plain text queries and never transmit IP addresses from institutions or other identifiable metadata.
OpenAI Assistants API: AI-generated responses may reference Tavily search results, but personally identifiable information is never included.
With Slide Generation API Services (Strictly Controlled):
We only send structured plain text content to the API (titles, bullet points).
The API returns a URL where the generated slides are hosted on their servers.
No personal data, IPs, or user credentials are transmitted during this process.
For Legal & Security Purposes:
● If required by law or necessary to protect platform integrity, we may share data with law enforcement or regulatory bodies.
With Service Providers (Under Strict Agreements):
● We use third-party analytics or cloud hosting services that comply with strict data protection standards.
5. Your Rights & Choices
You have control over your data and can:
Access & Update Your Information: Edit your profile details anytime from your dashboard.
Delete Your Account: Request account deletion, and we will erase associated personal data (except where required for legal compliance).
Opt-Out of AI Processing: You can disable AI-assisted features in your settings if you do not wish for your discussions to be processed by AI.
Control Cookies: Modify browser settings to limit cookie tracking (may affect platform functionality).
For any data access, correction, or deletion requests, please contact Aleksey Przhevalskiy at ap4395@gsb.columbia.edu
6. Data Retention & Deletion
We retain personal information only as long as necessary to provide platform services.
If an account is inactive for 24 months, it may be automatically deleted.
Contributor-submitted materials may remain on the platform for educational purposes, unless the contributor requests removal.
7. Cookies & Tracking Technologies
Essential Cookies: Required for authentication and security.
Analytics Cookies: Help us understand user behavior (can be disabled).
Third-Party Cookies: Used by embedded services like AI tools (subject to third-party privacy policies).
You can modify cookie settings in your browser.8. Children’s Privacy
OpenCC is intended for educators and professionals.
We do not knowingly collect data from users under 16. If you believe a minor has provided personal data, please contact us for removal.
9. Policy Updates & Notifications
We may update this policy to reflect changes in technology, legal requirements, or platform features.
Users will be notified of significant updates via email or platform alerts.
Continued use of OpenCC after policy updates indicates acceptance of the revised terms.