Built for trust, by design.

Students explicitly control when and where recommendation links are generated. Viewers can only access letters through student-approved links. Faculty control the content they submit.

Every recommendation submission requires a uniquely generated, one-time-use link. Once a link is used, it automatically expires and cannot be reused, forwarded, or replayed.

The platform records access events such as link generation, submission timestamps, and viewing activity. This provides clarity and accountability without exposing letter content.

We use reasonable technical and organizational measures to protect personal information and sensitive documents. Recommendation letters are handled within the platform and are not requested or transmitted via email.

Access is limited to what is necessary for each role. Viewers receive read-only access. Links expire automatically. We avoid long-lived, broadly shareable URLs.

Attempts to bypass access controls, reuse links, or access letters without authorization violate our Terms of Service.

If you are a faculty member, institution, or administrator with questions about security practices or responsible disclosure, please reach out through our contact page.