Back to StudentLife OSLegal Center
Terms of ServicePrivacy PolicyCookie PolicyData UsageAcceptable UseCommunity GuidelinesSecurityAccessibilityDMCACopyright and IP

Legal documents

  • Terms of Service
  • Privacy Policy
  • Cookie Policy
  • Data Usage
  • Acceptable Use
  • Community Guidelines
  • Security
  • Accessibility
  • DMCA
  • Copyright and IP

Legal

Data Usage Policy

Last updated: June 30, 2026

How student, school, and organization data is used and shared.

1. Purpose of data collection

StudentLife OS collects and uses data to connect students with educational and professional opportunities and to operate the Platform for schools, departments, and organizations. Our data practices are designed to benefit users while respecting their privacy. This policy complements our Privacy Policy.

2. Student data usage

Profile data is used to:

  • Match you with relevant opportunities
  • Share your application with a school or organization when you apply
  • Personalize your experience
  • Inform aggregate, anonymized platform analytics

Activity data tracks your applications and saves, measures engagement, and is never sold to third parties.

Eligibility verification data is used only to confirm that you are a real, enrolled student. A verified school email ending in .edu is trusted automatically; otherwise you may upload a limited set of enrollment documents (a student ID, an enrollment letter, a class schedule, an educational plan, an acceptance letter, or, for recent graduates, a diploma), which our review team checks by hand. We never ask for transcripts, tuition or financial records, portal screenshots, or a Social Security number. Verification documents are encrypted at rest with AES-256, scoped to your account, opened by reviewers only through short-lived signed links, audited on every access, retained only as long as needed to perform and record the review and meet legal obligations, and never shown to schools, organizations, or other students. The resulting status drives a verified, pending, or unverified badge; the document itself is never used to rank, score, or judge you. Full detail is in our Privacy Policy, and a plain-language overview is at studentlifeos.com/verification.

3. School and organization data usage

  • Institution information is displayed on opportunity postings
  • Contact details are used for Platform communications
  • Analytics are provided to track opportunity performance
  • Student rosters are accessible only to verified, authorized admins
  • Signup and contact details, together with publicly available information we may research, are used to review and confirm that an organization is legitimate and that a school is a genuine institution before the account is approved

4. Data sharing transparency

With schools and organizations

When you apply, the institution sees your name, email, the academic details relevant to the opportunity, and the information in your application.

Public

Only information you explicitly mark as public in your profile settings is visible publicly.

What we never share:

  • Your password or authentication tokens
  • Private messages
  • Saved opportunities (unless you apply)
  • Individual data to advertisers
  • Demographic data with any AI ranking system

5. Analytics and reporting

We use aggregated, anonymized data to produce platform statistics, improve matching, and give schools and organizations engagement metrics about their own activity. The analytics a school or organization sees is scoped to its own postings and audience. It never includes other institutions' data, and it cannot be used to browse students who did not engage with that institution.

What an organization or school sees about its own activity:

  • Counts and period-scoped rates: applications, views, hires, response rate, saves, and unique engaged students for a selected time window.
  • Performance by opportunity and by opportunity type, and discount listing performance (views, clicks, saves, and promo code copies).
  • School engagement:which schools an organization's applicants and hires come from, with counts per school. This is derived from the school each applicant recorded on their own profile at the time they applied (a stored snapshot), and an organization sees the full cross-school breakdown only for its own postings. A school or department viewing an organization's public profile sees only its own row, never another institution's.
  • Profile viewers:an institution can see the schools, departments, and organizations that viewed its public profile. This identifies viewing institutions, not individual people, and it is the institution's own audience information.

Demographic (DEI) insights:

  • Shown to institutions only in aggregate, never as an individual record.
  • Suppressed below a minimum sample size (k-anonymity, currently ten applicants) so a small pool cannot be reverse engineered to identify a person.
  • Derived only from demographic information an applicant chose to share (opt-in). Every view of a demographic breakdown is logged for compliance.
  • Never used as an input to any AI candidate ranking or matching, and never sold.

Analytics and demographic insights are provided to help institutions understand reach and engagement and to support lawful, inclusive recruiting. They must not be used to re-identify an individual or to make a decision that unlawfully discriminates against a person or group; see our Acceptable Use Policy. Aggregated platform analytics we use for our own product improvement cannot be traced back to an individual user.

6. Your rights and control

  • Profile visibility: control who can see your profile. Students can set their profile to public or private at any time.
  • Findability: students can choose whether they appear in search and directories and whether others can message them. We enforce these choices on our servers, so a student who opts out is withheld from search, directories, the contact lists organizations use, and the cohorts our matching uses. If you choose not to be found, you are not found.
  • Application history: view all your applications
  • Data export: download your data at any time
  • Account deletion: permanently remove your account and data
  • Opt-out: disable specific features or notifications

7. School and organization access boundaries

Schools and organizations can access only:

  • Students who applied to their opportunities
  • Students affiliated with their institution (schools only)
  • Aggregated analytics about their own postings

They cannot browse all student profiles or access students from other institutions. Each portal is an isolated compartment.

Discovery and pipeline insights.The school and department directory and the public institution profiles are a discovery surface: they present an institution's public information (such as name, type, location, departments, open opportunities, follower count, and upcoming career fairs) to organizations and to other institutions, so partners can find and contact one another. They never expose another organization's analytics or a school's private student records. An organization's pipeline insights, which show which schools and departments its applicants came from and how that flow converted, are built only from that organization's own activity and from the application data it already received. One organization can never see another organization's pipeline; a school or department sees campus engagement only for its own institution. These boundaries are enforced on our servers, identified by the signed-in account, and shared across a team, so they cannot be bypassed by altering an identifier or URL, by a redirect, or by a team member's seat.

Student findability is the student's choice. A student controls whether their profile is public or private, whether they appear in search and directories, and whether others can message them. When a student turns findability off, we withhold them from search, from directories, from the contact lists organizations use to reach students, and from the cohorts our matching uses. There is no all-students directory, and no portal can browse the entire student body; an organization reaches a student only through a legitimate connection (such as an application) and only when the student allows it. These choices are enforced on our servers, so a student who chooses not to be found is not found, and cannot be revealed by altering a link or URL.

8. Data security measures

  • Encryption in transit and at rest for sensitive data
  • Regular security review and monitoring
  • Strict access controls for staff
  • Automatic sign-out after inactivity
  • Multi-factor authentication

See our Security page for details.

9. Third-party service providers

We use vetted providers for cloud infrastructure and storage, transactional email, content-delivery and security at the network edge, and the optional SLOS AI assistant. All are under contract to protect your data and use it only to provide their service.

Optional calendar integration. If you choose to connect a calendar integration such as Google Calendar, we write your own interviews and events (with attendees and meeting links) to your calendar and read back your edits to those items so your schedule stays in sync. We request only the permission to manage calendar events and to read your account email address, store that authorization encrypted at rest, and delete it when you disconnect. This integration is user-initiated and never required to use the Platform. See our Privacy Policy for details.

10. Data retention

We retain data while your account is active or as needed to provide the service and meet legal obligations. After account deletion, most data is removed within a defined window, audit and security logs are retained for a limited period for legal and safety reasons, and aggregated, anonymized analytics may be retained. You can request deletion at any time.

Fraud, security, and signup blocks. When we investigate suspected fraud, abuse, or policy violations, we may retain verification documents, security-case records, enforcement actions, device and IP signals, and related audit logs for as long as needed to complete the review, prevent re-entry (including through a signup block on an email hash), defend legal claims, or comply with law. A removed account may leave tombstone and audit records that do not restore access. Content others already received (for example an application submitted to an institution) may remain with that institution even after your account is deleted, as described in our policies.

11. Data use with the SLOS AI assistant

The optional SLOS AI features use data only as needed to produce their output, and never to build a profile of you for advertising. For the student apply assistant, the relevant parts of the student's own profile and resume text are sent to our contracted AI provider to draft that student's application. For an institution's candidate ranking, applicant materials are sent under an alias with contact details removed, solely to produce that institution's ranking. In both cases:

  • Protected demographic and EEO information is never sent and is never used to rank or judge anyone.
  • The provider operates under contract and does not use the data to train its models.
  • The feature is off by default and runs only when a user chooses to use it.
  • We meter only the cost and usage needed to operate the feature, and a platform control can disable it instantly.

Full details are in the SLOS AI sections of our Terms of Service and Privacy Policy.

12. Student records and FERPA

Where a school uses the Platform in a way that involves student education records, we act as a service provider to that school and handle such records consistent with the Family Educational Rights and Privacy Act (FERPA) and the school's instructions. We use those records only to provide the service to the school, do not use them for unrelated purposes, and do not sell them. A student's own profile information and applications that the student creates and submits are controlled by the student through their account settings.

13. International data transfers

The Platform is operated from the United States, and data is processed there. If you access the Platform from outside the United States, you understand that your data will be transferred to and processed in the United States. Where required, we rely on appropriate safeguards for international transfers, and you keep the rights described in our Privacy Policy.

14. Updates to this policy

We will notify you of material changes by email and Platform notification. Continued use after changes take effect constitutes acceptance.

15. Questions

Questions about how we use your data, or to exercise your rights, contact us:

StudentLife Technologies LLC

1 Sansome St, Suite 1400, San Francisco, CA 94104

Email: support@studentlifeos.com

Phone: (415) 508-8610