Oracle Codex

Privacy Policy

Last updated 2026-06-07

Oracle Codex is operated by Delphine Diallo, New York, NY, United States ("we," "us," "our"). This policy explains what information we collect from people who use Oracle Codex, why we collect it, and the choices you have about it.

1. What we collect

When you use Oracle Codex, we collect:

  • Account data. Your email address, when you sign in.
  • Uploaded images. Photographs of objects you submit for reading. These are stored as part of a curatorial corpus, with your consent at the moment of upload.
  • Generated readings. The symbolic interpretations produced by the system, attached to your account.
  • Payment data. If you subscribe, Stripe collects your payment method and billing details. We do not store full card numbers; we keep only the metadata Stripe returns (subscription status, plan, period).
  • Usage data. Basic technical logs of when you sign in and use the service, kept for security and debugging.

2. Why we collect it

  • To provide the reading service: generating, displaying, and archiving your readings.
  • To bill subscribers and prevent abuse of free quotas.
  • To maintain a curatorial archive of images, with your explicit consent, as part of the project's anti-colonial and ancestral documentation work.
  • To respond when you write to us.

3. Who we share it with

We share data only with the third parties necessary to operate Oracle Codex:

  • OpenAI. Your uploaded image and the resulting prompt are sent to OpenAI to generate the reading. OpenAI's data usage policy applies to that processing.
  • Stripe. Payment processing.
  • Cloudflare R2. Storage of original images and generated assets.
  • Turso. Database hosting (account, readings metadata).
  • Resend. Email delivery (sign-in codes, transactional messages).
  • Netlify. Site and serverless function hosting.

We do not sell your data, and we do not use it to train any machine learning model owned or controlled by us.

4. How long we keep it

  • Uploaded images. Retained indefinitely as part of the curatorial corpus, with your consent. You can request deletion at any time by writing to contact@loraclecodex.com.
  • Readings. Kept in your account for as long as the account exists.
  • Payment metadata. Retained as long as required by applicable tax and accounting law.
  • Account. Deleted on request. Write to contact@loraclecodex.com from your account email.

5. Your choices

You can:

  • Ask for a copy of the personal data we hold about you.
  • Ask us to correct inaccurate data.
  • Ask us to delete your account, your readings, and your images.
  • Withdraw your consent for image archiving (this also removes the images).
  • Object to a specific use of your data.

To exercise any of these, write to contact@loraclecodex.com from the email address attached to your account. We respond within 30 days.

6. Security

We protect your account with email-only sign-in (no password to be stolen). Sessions are encrypted. Images are stored in private buckets and served over HTTPS. We follow industry-standard practices but cannot guarantee absolute security against every attack.

7. International users

Oracle Codex is operated from the United States and is intended for an international audience. By using the service, you understand that your data will be processed in the United States and other countries where our service providers operate. We respect data subject rights as described above regardless of where you are located.

8. Children

Oracle Codex is not intended for children under 18. We do not knowingly collect data from minors. If you believe a minor has provided us with personal data, write to contact@loraclecodex.com and we will delete it.

9. Changes

We may update this policy. The "Last updated" date at the top reflects the current version. Material changes will be announced by email to active accounts.

10. Contact

For any question about this policy, write to contact@loraclecodex.com.