Introduction
UMass Amherst is committed to preserving and maintaining the privacy of UMass GenAI Platform users. Use of this platform is governed by University of Massachusetts Amherst policies, including the Acceptable Use Policy, Information Privacy Policy, and Confidentiality of Information Policy of UMass Amherst. For more on responsible AI use, see UMass Amherst’s guide on Responsible Use of AI.
Users
This Privacy Statement applies to all users of the GenAI Platform, regardless of their relationship to UMass Amherst.
Information gathering
We collect information from you when you register and log into the platform for the first time, and when you interact with the Platform.
Automatically Collected Data: When you log in, we collect information that is already known by UMass Amherst’s identity management system, such as your name, email address, and affiliations within your institution.
Content Data: This includes inputs, files, outputs, and logs related to interactions with the GenAI platform.
Technical Connection Data: IP address or browser details may be used by underlying networking infrastructure for traffic routing and authentication purposes, but this information is not stored or accessed by the platform.
Access to information
As stated in the “Institutional Information and Data Custodians” section of the Confidentiality of Information and Research Data Policy, institutional information and data custodians (any individuals who access, manage, or manipulate institutional information or research data) must follow campus policy and stewardship rules for handling of institutional information and research data, which requires adherence to ethical, legal, and professional standards.
As with other university services, a small number of UMass developers are able to access information shared in the platform, but only do so if required in compliance with the Acceptable Use Policy, Information Privacy Policy, and Confidentiality of Information Policy of UMass Amherst.
Use of information
Automatically collected information like your name, email address, and institutional affiliations is used for user authentication and management purposes. Login and activity logs are used to help support service administration, troubleshooting, user support, and system maintenance.
Chat history and related content data are stored to process user interactions in the platform (i.e. providing users with access to their saved chat history). It is never used to train models or profile users, and users can manually delete their data at any time.
IP address or browser details may be used by underlying networking infrastructure for traffic routing and authentication purposes, but this information is not stored or accessed by the platform.
How we protect your information
User data is encrypted both in transit and at rest using industry standard protocols. This means all data shared between your browser and our system is protected through encryption, so your data is safe while it’s being sent. Data that is being temporarily stored (for example, to help with your chat sessions) is also encrypted.
In addition:
- Your data is not used to train any of the models accessible from this platform.
- The platform is approved for Level 3 Data at this time.
- User files and chat histories are securely stored on our platform until they are deleted by users. The Temporary Chat feature is coming soon in the platform as a no-history, no-storage option for users. These chats are excluded from search results, cannot be bookmarked, and are automatically deleted after 30 days.
- No information entered within one user’s chat can be accessed, remembered, or used in another user’s chat (or even across your own separate chats).
Sharing of information
Third party websites, tools, and plugins
We do not sell or rent personal information to third parties. Third parties are not permitted to analyze data input through our models without explicit permission from us.
The platform may include links to third-party websites, tools, or plugins, whether we have formal affiliations with them or not. If you choose to use these tools, you are responsible for understanding and accepting the terms and data practices of their respective providers.
Some of your input data may be securely sent to their respective providers to enable plugin functionality, such as processing requests, retrieving external data, or performing specific tasks. For example, the platform uses a Google Search plugin to provide up-to-date information from the web – just like with any typical Google or web search you might make outside of the platform, the content of your question is used to generate a contextual response.
These third-party websites, tools, and plugins are governed solely by their respective terms and privacy policies. We are not responsible for the privacy practices of external websites, tools, or plugins.
Necessary disclosure of information
We may disclose any personally-identifiable information you provide under the following circumstances:
- If instructed, or reasonably believed required, by an authority to comply with any law, regulation, governmental request, or judicial or legislative process;
- If such disclosure is necessary or appropriate to operate this website, to process any requests you make, or to conduct any services or promotions in which you participate;
- To protect the rights and property of The University of Massachusetts, its administrators, community members, sponsors, or affiliates, including the right to limit fraud and misconduct in cases where it is reasonably suspected.
Cookies
Cookies are small files stored on your computer through your browser with information about your use of a website. Cookies help improve the experience for returning visitors by recognizing them and providing a more personalized experience.
The GenAI Platform uses cookies for authentication and session management purposes to keep users logged in between requests and avoid re-authentication after every interaction or page load.
Additionally, you may have encountered third party cookies along the path to finding our platform. For example, Google may use cookies to track click behavior from its search results. In such cases, cookie use and privacy are governed solely by the terms and policies of the third party.
Your browser has settings that control the use of cookies on your computer. Each browser is a little different; consult your "Help" menu for specific instructions to modify your cookie settings. If you turn off cookies, some features on our platform may not work; we recommend having cookies turned on. In addition, add-ons are available for some browsers (including Google Chrome) to control handling of individual users' cookies. You may opt out of all Google advertising by visiting this link: https://tools.google.com/dlpage/gaoptout/
Users accessing from the EU
If you are accessing the platform from the European Union (EU), personal information you provide to the University may not be subject to the EU General Data Protection Regulation (GDPR). The GDPR replaces the Data Protection Directive 95/46/EC and was designed to strengthen data privacy protections for EU residents. For more information about GDPR’s impact and its application to personal information provided to the University, please visit the GDPR Website.
Changes to this Privacy Statement
We may change the terms of this privacy policy at any time. Any changes will be reflected on this page. This Privacy Statement was last updated 7/24/2025.
Consent
By accessing and using the GenAI Platform, you consent to all terms contained in this Privacy Statement.
About the GenAI Platform
The GenAI Platform is developed and maintained by UMass Amherst IT and Center for Data Science and Artificial Intelligence.
Frequently Asked Questions
Can anyone else at UMass Amherst access the content I share with or generate using the Umass GenAI Platform?
No, information shared with the GenAI Platform is restricted to your account and not accessible by others using the GenAI Platform. As with other university services, a small number of UMass developers are able to access information shared in the platform, but only do so if required in compliance with the Acceptable Use Policy, Information Privacy Policy, and Confidentiality of Information Policy of UMass Amherst.
Does the GenAI Platform “remember” things between sessions?
No, each new chat starts fresh, with no memory of past conversations. If you reopen and continue an existing conversation, it will remember context from your conversation. No information entered in one user’s chat can be accessed, remembered, or used in another user’s chat (or even your own separate chats).
Does anyone at UMass Amherst review content entered into or generated by the GenAI Platform?
No. We are committed to making the platform a trusted space for exploration and experimentation with AI.
In rare circumstances, the University may be required to review data in compliance with the Acceptable Use Policy, Information Privacy Policy, and Confidentiality of Information Policy.
What type of information can I share with the GenAI Platform?
Currently, you can share up to Level 3 Data.
What kind of user chat data is stored and for how long?
User files and chat histories are securely stored on our platform until they are deleted by users. Stored chat data is used solely to provide users with access to their saved chat history. It is never used to train models or profile users, and users can manually delete their data at any time. The Temporary Chat feature is a no-history, no-storage option for users. These chats are excluded from search results, cannot be bookmarked, and are automatically deleted after 30 days.
What is Azure and AWS Bedrock? Why do you include Azure and AWS policies in the sign-in pop-up?
Azure and AWS Bedrock are platforms that act as “cloud providers” or “model gardens.” They offer a managed and secure way to access models developed by OpenAI, Anthropic, DeepSeek, and others. These platforms host the models and handle key infrastructure tasks like API access and authentication.
The actual model companies, like OpenAI (ChatGPT), Anthropic (Claude), DeepSeek, etc. develop and maintain the models themselves, but we access those models through Azure and AWS Bedrock rather than directly from the model company.
For more information, see the model providers’ security and privacy documentation: