Privacy Policy

CourseLink (UTSC academic decision support) · Last updated: 2026-06-15 · PIPEDA
⚠️ Draft pending Privacy & Compliance legal review (Okafor). Engineering disclosures (incl. cross-border backup) are accurate as of 2026-06-15.

1. What we collect

Account email, your self-entered academic profile (program, completed courses, grades you provide), and your choices within the app (selections, decisions). We do not collect official transcripts from the university.

2. How we use it (PIPEDA §4.3 — Consent)

To generate course recommendations, graduation-feasibility analysis, path planning, and decision support. With your consent, your academic data is processed by an AI provider (Anthropic) to produce these outputs. Recommendations are advisory and traceable to official UTSC rules — they are not a guarantee of any outcome.

3. Where your data is stored — cross-border processing

The Service's application and live database run on cloud infrastructure located in the United States (AWS us-east-1, Northern Virginia). Your operational data is therefore primarily stored and processed in the United States. Encrypted backups are held in Canada (AWS ca-central-1, Montreal) and replicated to the United States (AWS us-west-2, Oregon) for disaster-recovery resilience.

Cross-border disclosure (PIPEDA / OPC transborder guidance): Because your personal information is stored and processed in the United States, it may be subject to lawful access requests by U.S. authorities (e.g. the U.S. CLOUD Act). PIPEDA permits cross-border storage with appropriate safeguards: data is encrypted in transit (TLS) and backups are encrypted at rest with customer-managed keys; access is restricted to least-privilege automated processes. By using the Service you acknowledge this cross-border storage and processing.

4. AI processing (Anthropic)

Academic data sent for AI processing is handled per Anthropic's data terms. We send only what is needed to produce your requested analysis.

5. Retention (PIPEDA §4.5)

Operational data is retained while your account is active. Backups follow a 35-day retention cycle. Tax-reminder consent records are retained as required for CASL/compliance evidence.

6. Safeguards (PIPEDA §4.7)

Encryption at rest (KMS customer-managed keys) and in transit (TLS), access controls, least-privilege service credentials, and audited backup/restore procedures.

7. Your rights (PIPEDA §4.9)

You may request access to, correction of, or erasure of your personal information. Erasure is available in-app; for access/correction requests, contact us below.

8. Contact

Privacy questions or requests: privacy@courselink.top


CourseLink is an MVP supporting UTSC students only. This policy will be updated as the service evolves. Authoritative backup region & cross-border analysis: internal governance doc BACKUP_REGION_PIPEDA_ANALYSIS_2026-06-14.
