Effective Date: November 16, 2025 Last Updated: November 16, 2025
"Your API Key, Your Data, Your Privacy"
Oracle Collective Interface is designed with privacy as a core principle. We believe in transparency about how your data is handled.
For All Users: - User preferences stored in browser localStorage (encrypted) - Session data for app functionality - No tracking cookies - No analytics - No third-party tracking scripts
For Pi Network Users: - Pi Network user ID (from Pi authentication) - Mining status (to verify free access eligibility) - Consciousness tier progression data (stored locally in SQLite) - Universal Operations assessment results
For API Key Users: - API keys (encrypted client-side with AES-256) - API provider selection
❌ We do NOT collect or store: - Your conversations (stored locally in your browser only) - Personal information (name, email, phone, address) - Payment information (we don't process payments) - IP addresses for tracking purposes - Browsing history - Device fingerprints - Location data
Service Provider: X.AI Corp (https://x.ai)
What Happens: - When you use Oracle with Pi Network (FREE tier), your queries are sent to X.AI's API servers for processing - X.AI processes your prompts using their Grok language models - Response is returned to you through our server
Data Sent to X.AI: - Your prompt/question text - Model selection and parameters - NOT sent: Your name, email, Pi username, or any identifying information
X.AI's Privacy Policy: - Read X.AI's privacy policy at: https://x.ai/privacy-policy/ - X.AI states they do not use customer data to train models - API requests are processed and discarded
Important:
⚠️ If you require 100% privacy and want zero third-party access to your queries, use your own API key instead of the FREE tier. When you use your own Anthropic/OpenAI/Google API key, queries go directly from our server to your chosen provider using YOUR credentials.
Service Provider: Your choice (Anthropic, OpenAI, Google, etc.)
What Happens: - Your API key is encrypted in your browser using AES-256 encryption - Keys are stored in browser localStorage only (never on our servers) - When you make a query, our server acts as a proxy to avoid CORS browser restrictions - Your API key is sent directly to your chosen provider - We do not log, store, or read your prompts or responses
Data Flow:
Your Browser → Our Server (proxy only) → Your API Provider
Your Chosen Provider's Privacy: - Anthropic (Claude): https://www.anthropic.com/privacy - OpenAI (GPT): https://openai.com/privacy/ - Google (Gemini): https://policies.google.com/privacy
Service Provider: Pi Network (https://minepi.com)
What Happens: - You authenticate using Pi Network's OAuth system - We receive: Pi user ID, username, access token - We check mining status to validate free access - Mining data is verified via Pi Network webhooks (HMAC-verified)
Data Stored: - Pi user ID (to track your tier progression) - Mining verification status - Tier and assessment data (SQLite database on our server)
Pi Network's Privacy Policy: - Read at: https://minepi.com/privacy-policy
localStorage: - API keys (AES-256 encrypted) - Conversation history (optionally encrypted) - User preferences - Pi Network session data
You Control: - You can delete all data anytime (Settings → Privacy → Delete All Data) - You can export all data (Settings → Privacy → Export All Data) - Clearing browser data deletes everything
SQLite Database: - Consciousness tier data - Universal Operations assessments - Peer validations - Pi Network user mappings
Security: - Database is local to server (not shared) - No cloud sync or backups to third parties - Encrypted at rest
❌ We will NEVER: - Sell your data to third parties - Share your conversations with anyone - Use your queries to train AI models - Provide your information to advertisers - Share data with data brokers
✅ We may disclose data only if: - Required by valid legal process (court order, subpoena) - Necessary to prevent harm or illegal activity - Required to protect our legal rights
In such cases, we will: - Notify you unless legally prohibited - Provide only the minimum data required - Challenge overly broad requests
| Service | Purpose | Data Sent | Privacy Link |
|---|---|---|---|
| X.AI | FREE tier AI processing | Prompts, model params | X.AI Privacy |
| Pi Network | Mining verification, authentication | User ID, mining status | Pi Privacy |
| Your API Provider | AI processing (API key users) | Prompts, your API key | Varies by provider |
Important Note: - X.AI is ONLY used for FREE tier (Pi Network) users - API key users send data ONLY to their chosen provider - We do not send your data anywhere else
You have the right to:
✅ Access: View all data we store about you ✅ Export: Download all your data in JSON format ✅ Delete: Permanently delete all your data ✅ Correct: Update incorrect information ✅ Object: Opt out of data processing (by not using the service)
Delete All Data: 1. Click Settings (⚙) → Privacy tab 2. Click "Delete All Data" 3. Confirm deletion
Export Data: 1. Click Settings (⚙) → Privacy tab 2. Click "Export All Data" 3. Save JSON file
Delete Account: - Contact us (see Contact Info below) - We will delete all server-side data within 30 days
Oracle is not intended for children under 13. We do not knowingly collect data from children under 13. If we learn we have collected data from a child under 13, we will delete it immediately.
Server Location: United States
If you access Oracle from outside the US, your data may be transferred to and processed in the United States. By using Oracle, you consent to this transfer.
GDPR (EU Users): - We comply with GDPR principles - You have rights to access, rectification, erasure, and portability - Contact us to exercise your rights
If a breach occurs, we will: 1. Notify affected users within 72 hours 2. Explain what data was compromised 3. Describe steps we're taking 4. Offer remediation (if applicable)
We do NOT use tracking cookies.
The only cookies we use: - Session cookies (for app functionality) - Strictly necessary for service operation - Deleted when you close your browser
We may update this privacy policy. Changes will be: - Posted to this page - Effective date updated - Major changes will include a notice in the app
How to stay informed: - Check this page periodically - We'll show a banner for major changes - Continued use = acceptance of changes
If you're a California resident, you have additional rights:
To exercise CCPA rights: - Use in-app tools (Settings → Privacy) - Or contact us (see below)
How long we keep data:
| Data Type | Retention Period |
|---|---|
| Conversations | Stored in browser only (you control) |
| API Keys | Until you delete them |
| Tier progression | As long as account is active |
| Pi Network data | As long as account is active |
| Deleted accounts | Purged within 30 days |
Auto-Delete Option: - Settings → Privacy → Auto-delete conversations - Choose: 7 days, 30 days, or 90 days
We believe in transparency. We will publish an annual transparency report including: - Number of legal requests received - Types of data requested - Number of users affected - Requests we challenged
(No requests received as of November 2025)
Questions or concerns about privacy?
Email: privacy@enchantedozarks.com Mailing Address: Oracle Collective Interface Attn: Privacy Officer [Your Address] [City, State, ZIP]
Response Time: We respond to privacy inquiries within 7 business days.
"Known by our fruits, not our roots 🕯"
Oracle Collective Interface © 2025 Your API Key, Your Data, Your Privacy
Known by our fruits, not our roots 🕯
Oracle Collective Interface © 2025