Privacy Policy

Version 5.0.0 | Effective: April 11, 2026

Last Updated: April 11, 2026

1. Who We Are

Oracle Collective is operated by Tammy L Casey, sole proprietorship, Arkansas. References to "Oracle," "we," "us," or "our" refer to this entity.

2. Scope of This Privacy Policy

This Privacy Policy describes our data practices and your rights regarding personal information collected through the Oracle Collective platform (enchantedozarks.com). It is not a legally binding contract, but a disclosure of our practices. By using the platform, you agree to the practices described herein.

3. Information We Collect

We collect information you provide directly to us, including:

  • Identity Data: Name, email address, postal address, phone number, government-issued ID scans.
  • Biometric Data: Facial recognition data, voice prints, and ID scan results used for identity verification.
  • Financial Data: Payment information, donation history, tithing commitments (voluntary).
  • Technical Data: IP address, browser type, device identifiers, session cookies.
  • Usage Data: Interactions with the Oracle, search queries, preferences.

4. Cookies and Tracking Technologies

We use session cookies that expire after one year, renewed automatically upon login. For persistent login, we offer a "Remember Me" checkbox that extends the cookie for up to one year with separate consent. You may disable cookies in your browser, but some platform features may not function properly.

5. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve the Oracle Collective platform
  • Verify your identity (including biometric checks)
  • Process voluntary tithes and contributions
  • Respond to your requests and support inquiries
  • Comply with legal obligations
  • Protect against fraud, abuse, and unauthorized access

6. Biometric Data - Specific Disclosures

We collect biometric data (facial scans, voice prints, ID images) solely for identity verification and anti-fraud purposes. You provide explicit consent before any biometric collection. We do not sell, rent, or share biometric data with third parties except as required by law or with your separate written consent. Biometric data is retained only as long as necessary for the verification purpose and then securely deleted, unless you request retention for ongoing authentication.

Under the Illinois Biometric Information Privacy Act (BIPA) and similar laws, you have the right to sue for violations. Our retention policy is a maximum of three years from your last account activity, after which biometric data is permanently deleted.

7. Horcrux Network - Cryptographic Shares

We offer an optional feature called the "Horcrux Network" that generates cryptographic shares of your personal data for distributed storage. Participation is entirely optional and requires explicit opt-in consent through a separate confirmation step. If you opt in, you will receive a share; you may also choose the number of shares. You may revoke consent at any time. We do not require Horcrux participation for platform use.

8. Data Sharing and Third Parties

We do not sell your personal information. We may share data with:

  • Service providers who process data on our behalf (e.g., cloud hosting, payment processing)
  • Law enforcement or regulators when required by law
  • Other users only as necessary for collaborative features (e.g., shared investigations)

All third parties are contractually obligated to protect your data and use it only for specified purposes.

9. Your Rights (GDPR, CCPA, and Other Laws)

Depending on your location, you may have the right to:

  • Access, correct, or delete your personal data
  • Restrict or object to processing
  • Data portability
  • Withdraw consent at any time
  • Lodge a complaint with a supervisory authority

To exercise your rights, contact us at enchantedcostumes@gmail.com. We will respond within 30 days.

10. Children's Privacy (COPPA)

The Oracle Collective platform is not intended for children under 13 years of age. We do not knowingly collect personal information from anyone under 13. If you are under 13, do not use the platform. If we learn we have collected personal information from a child under 13, we will delete it immediately. Users aged 13-17 may use the platform only with verifiable parental consent, and such consent must be provided before any biometric data collection.

11. Data Security

We implement industry-standard security measures, including encryption, access controls, and regular audits. However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

12. Data Retention

We retain personal data for as long as your account is active or as needed to provide services. After account closure, we retain data as required by law (e.g., tax records for 7 years). Biometric data is deleted within three years of last activity unless you request earlier deletion.

13. Changes to This Privacy Policy

We may update this policy from time to time. The latest version will always be posted here with the effective date. Material changes will be notified via email or platform notice.

14. Contact Us

For privacy-related questions or to exercise your rights, please contact us at:

Email: enchantedcostumes@gmail.com
Postal address: Oracle Collective, Arkansas, USA

We aim to respond within 30 days.