Privacy Policy

Effective Date: March 9, 2026

1. Introduction

This Privacy Policy describes how COMET (CANFAR Orchestration for Managed Environment Transfers) collects, uses, and protects information when you use our service. COMET is designed for scientists and researchers; we aim to keep data handling straightforward and transparent so you can focus on your work rather than compliance concerns.

2. Information We Collect

Authentication Credentials. When you use COMET, you provide your CADC username and password to sign in to CANFAR, generate SSH keys, and browse directories. You may also authorize COMET via GitHub OAuth and/or GitLab OAuth, which grants temporary access to create repositories, branches, commits, workflows, and repository secrets or CI/CD variables. These credentials are stored only in short-lived session data (secured by signed cookies and/or server memory depending on deployment configuration) and are not retained in a long-term database.

Session Data. COMET uses short-lived sessions to maintain state during the wizard flow. Session data includes your CADC username, the generated SSH private key (PEM), GitHub and/or GitLab OAuth tokens, selected repository information, template choice, branch name, deployment configuration, and staged file state. Sessions are time-limited (default: 2 hours). If you choose "Stay signed in," the session cookie persists until it expires; otherwise it is cleared when you close your browser or when the session expires.

Optional Custom AI Credentials. If you use the Custom AI controls for AI Fit or unit test generation, the provider credentials you enter (for OpenAI, Anthropic, Google, or AWS Bedrock) are stored in browser sessionStorage for the current browser session only. They are not written into Flask session cookies, hidden form fields, repository secrets, or a long-term database.

Analytics. If Google Analytics (GA4) is enabled, we collect anonymized usage data such as page views, session duration, and general geographic location. This helps us understand how the service is used and identify areas for improvement. You may disable analytics by using browser privacy settings or extensions that block tracking scripts.

Server Logs. Standard web server logs may record your IP address, browser type, and pages accessed. These logs are used for security monitoring and troubleshooting and are retained for a limited period.

3. How We Use Your Information

The information collected is used solely to provide the COMET service: authenticating with CANFAR and GitHub/GitLab, generating and provisioning SSH keys, browsing CANFAR directories, creating or updating repositories, generating or editing deployment files, optionally running AI-assisted template fitting or unit test generation, and storing secrets or CI/CD variables in your selected Git provider. We do not use your information for marketing, advertising, or any purpose unrelated to the service.

4. Information Sharing

We do not sell, rent, or share your personal information with third parties. Your CADC credentials are transmitted directly to CANFAR servers for authentication and key provisioning. Your GitHub and GitLab OAuth tokens are used to interact with those APIs on your behalf. Secrets and variables are stored in your repository using your Git provider's encrypted secrets or CI/CD variable infrastructure; COMET does not retain copies of those secrets after they are pushed. If you choose the CanDIAmazing template, COMET fetches public template files from GitHub to show and commit in your repository. If you opt into a custom AI provider, COMET transmits the prompt and your temporary provider credentials only to the selected provider for the specific AI request you triggered.

5. Data Retention

COMET does not maintain a persistent database of user information. Session data is stored in short-lived session cookies and/or server memory (depending on deployment) and is automatically cleared upon session expiration or logout. Browser-stored Custom AI settings are cleared when the browser session ends or when you clear them manually. The SSH keys, workflow files, and secrets or variables you create are stored in your CANFAR account and GitHub/GitLab repository respectively—COMET does not retain copies of these artifacts after they are pushed. Template file content and AI model catalogs may be cached briefly in memory to speed up previews and provider model lookups.

6. Security Measures

We implement reasonable security measures to protect the information processed by COMET. All communications occur over HTTPS. Session cookies are marked as Secure, HttpOnly, and SameSite. CSRF protection and rate limiting are enforced on sensitive endpoints. Secrets pushed to GitHub use GitHub's sealed box encryption via their public key; GitLab CI/CD variables are stored through GitLab's variables interface. Custom AI credentials are intentionally kept out of Flask session data and repository configuration. We follow security guidance from the CANFAR Security Policy.

7. Your Responsibilities

You are responsible for maintaining the security of your CANFAR, GitHub, GitLab, and any optional AI-provider accounts you connect to COMET. We recommend rotating secrets periodically, reviewing workflow files and AI-generated changes before deployment to production branches, revoking OAuth access when no longer needed, and following the principle of least privilege when granting repository permissions.

8. Third-Party Services

COMET integrates with GitHub, GitLab, and CANFAR, and it can optionally connect to third-party AI providers such as OpenAI, Anthropic, Google, and AWS Bedrock when you choose to use Custom AI. These services have their own privacy policies and terms that govern how they handle your data. We encourage you to review the GitHub Privacy Statement, the GitLab Privacy Statement, the privacy terms for any AI provider you select, and the CANFAR Security Policy.

9. Reporting Security Issues

If you discover a security vulnerability or have concerns about data handling, please contact us at mike.cichonski@utoronto.ca. For CANFAR-specific security issues, please refer to the CANFAR Security Policy.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be reflected on this page with an updated effective date. Your continued use of COMET after any changes constitutes acceptance of the revised policy.

11. Contact

Questions about this Privacy Policy may be directed to mike.cichonski@utoronto.ca.