Privacy Policy | The Oracle

1. INTRODUCTION AND SCOPE

This Privacy Policy ("Policy") describes how Delphi Labs Inc., a Delaware corporation ("Company," "Delphi Labs," "we," "us," or "our"), collects, uses, discloses, retains, and safeguards personal information when you access or use The Oracle™ platform, AGI Model 7™ technology, and all related services, applications, websites, APIs, and content (collectively, the "Service").

BY ACCESSING OR USING THE SERVICE, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO BE BOUND BY THIS PRIVACY POLICY. IF YOU DO NOT AGREE WITH THIS POLICY, DO NOT ACCESS OR USE THE SERVICE.

This Policy applies to all users of the Service worldwide. For users in specific jurisdictions, additional rights and disclosures may apply as set forth in Sections 12-22 below.

2. INFORMATION WE COLLECT

2.1 Information You Provide Directly

Account Information: Email address, username, password, name, profile photo, and other registration information
Authentication Data: Credentials from Google Sign-In, OAuth tokens, and authentication logs
Payment Information: Credit card numbers, billing addresses, and transaction history (processed by third-party payment processors)
Communication Data: Messages, feedback, support requests, and correspondence with us
Phone Number: If you use calling features via Twilio integration

2.2 Information Collected Automatically

Device Information: Device type, operating system, browser type and version, unique device identifiers, mobile network information
Log Data: IP address, access times, pages viewed, links clicked, referring URL, and actions taken within the Service
Location Data: Approximate geographic location based on IP address
Cookies and Tracking: Cookies, web beacons, pixel tags, and similar tracking technologies
Analytics Data: Usage patterns, feature interactions, session duration, and performance metrics

2.3 AI Interaction Data

IMPORTANT: WE COLLECT AND STORE ALL INTERACTIONS WITH THE AI SYSTEM, INCLUDING:

Conversation History: All text queries, prompts, and messages submitted to The Oracle
AI Responses: All responses generated by the AI system
Voice Data: Audio recordings, transcriptions, and voice synthesis preferences when using voice features
Document Data: Documents uploaded for analysis and documents generated by the AI
Memory Data: Information stored in persistent memory systems to enable continuity across sessions
Behavioral Data: Interaction patterns, preferences, personality selections, and usage behaviors
Metadata: Timestamps, session identifiers, and technical data associated with AI interactions

2.4 Information from Third Parties

Google Sign-In: Profile information authorized through Google OAuth
Payment Processors: Transaction confirmations and fraud prevention data from Stripe and other processors
Analytics Providers: Aggregated usage and demographic data

3. HOW WE USE YOUR INFORMATION

3.1 Service Provision and Operation

Provide, maintain, and improve the Service
Process AI queries and generate responses
Enable persistent memory and personalization features
Process voice inputs and generate voice outputs
Generate and process documents
Authenticate users and maintain account security

3.2 AI Model Training and Improvement

YOUR DATA MAY BE USED TO TRAIN, IMPROVE, AND DEVELOP OUR AI SYSTEMS. THIS INCLUDES:

Training and fine-tuning AGI Model 7 and related AI systems
Improving response quality, accuracy, and relevance
Enhancing emotional intelligence and personality systems
Developing new features and capabilities
Improving voice synthesis and recognition
Research and development of AI technologies

3.3 Security and Fraud Prevention

Detect, prevent, and investigate security incidents
Prevent fraud, abuse, and unauthorized access
Monitor for violations of our Terms of Service
Protect the rights and safety of users and third parties
Comply with legal obligations

3.4 Communications

Send service-related announcements and updates
Respond to support requests and inquiries
Send marketing communications (with consent where required)
Notify you of changes to policies or terms

3.5 Legal Bases for Processing (GDPR)

For users in the European Economic Area, we process personal data based on:

Contract Performance: Processing necessary to provide the Service
Legitimate Interests: AI model improvement, security, fraud prevention
Consent: Marketing communications and optional features
Legal Obligation: Compliance with applicable laws

4. INFORMATION SHARING AND DISCLOSURE

4.1 Third-Party Service Providers

We share data with the following categories of service providers:

Service	Purpose
Google Firebase	Authentication, database hosting, cloud storage, analytics
ElevenLabs	Voice synthesis and text-to-speech processing
Twilio	Phone calling, SMS, telecommunications services
Replicate	Image and video generation AI models
BrightData	Web data collection and scraping services
Stripe	Payment processing and billing
Render	Backend hosting and infrastructure
GitHub	Frontend hosting and version control
AI Model Providers	Various AI API providers for specialized capabilities

4.2 Legal Disclosures

We may disclose your information when required to:

Comply with applicable laws, regulations, legal processes, or governmental requests
Enforce our Terms of Service and other agreements
Protect our rights, property, or safety, or that of our users or others
Detect, prevent, or address fraud, security, or technical issues
Respond to lawful requests by public authorities, including law enforcement

4.3 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change and any choices you may have regarding your information.

4.4 No Sale of Personal Information

WE DO NOT SELL YOUR PERSONAL INFORMATION TO THIRD PARTIES FOR MONETARY CONSIDERATION.

5. DATA RETENTION

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected:

Data Type	Retention Period
Account Data	While active + 3 years after deletion request
AI Interaction Data	Indefinitely for AI training and improvement
Voice Data	5 years for service improvement
Transaction Data	7 years for legal and tax compliance
Log Data	2 years for security purposes
Anonymized Data	May be retained indefinitely

6. DATA SECURITY

We implement industry-standard security measures to protect your information, including:

Encryption of data in transit using TLS 1.3
Encryption of data at rest using AES-256
Access controls and authentication requirements
Regular security assessments and penetration testing
Employee security training and access restrictions
Incident response and breach notification procedures
Regular backups and disaster recovery capabilities

HOWEVER, NO METHOD OF TRANSMISSION OVER THE INTERNET OR ELECTRONIC STORAGE IS 100% SECURE. WHILE WE STRIVE TO PROTECT YOUR INFORMATION, WE CANNOT GUARANTEE ABSOLUTE SECURITY.

7. DATA BREACH NOTIFICATION

In the event of a data breach that affects your personal information, we will notify affected users within 72 hours of becoming aware of the breach, as required by applicable law. Notification will include the nature of the breach, types of data affected, steps we are taking, and recommendations for protecting yourself.

8. INTERNATIONAL DATA TRANSFERS

Your information may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have data protection laws different from your country. By using the Service, you consent to the transfer of your information to the United States and other countries.

For transfers from the European Economic Area, we rely on Standard Contractual Clauses approved by the European Commission and other lawful transfer mechanisms.

9. CHILDREN'S PRIVACY

THE SERVICE IS NOT INTENDED FOR USERS UNDER 18 YEARS OF AGE. WE DO NOT KNOWINGLY COLLECT PERSONAL INFORMATION FROM CHILDREN UNDER 18. IF YOU ARE UNDER 18, DO NOT USE THE SERVICE OR PROVIDE ANY INFORMATION.

If we learn we have collected personal information from a child under 18, we will delete that information immediately. If you believe we have collected information from a child under 18, please contact us at privacy@delphilabsinc.com.

10. YOUR RIGHTS AND CHOICES

10.1 General Rights

Access: Request a copy of your personal data
Correction: Request correction of inaccurate data
Deletion: Request deletion of your personal data (subject to legal retention requirements)
Portability: Request your data in a portable format
Opt-Out: Opt out of marketing communications
Withdraw Consent: Withdraw consent where processing is based on consent

10.2 Opt-Out of AI Training

You may request that your data not be used for AI training purposes by emailing privacy@delphilabsinc.com with the subject line "AI Training Opt-Out." Note that this may limit certain personalization features.

10.3 Account Deletion

You may delete your account by contacting us at privacy@delphilabsinc.com. Upon deletion, we will remove your personal data within 30 days, except for data we are required to retain for legal or legitimate business purposes.

11. COOKIES AND TRACKING TECHNOLOGIES

We use the following types of cookies:

Essential Cookies: Required for Service functionality
Analytics Cookies: Track usage and improve the Service
Preference Cookies: Remember your settings and preferences
Security Cookies: Detect fraud and protect your account

You can control cookies through your browser settings. Disabling certain cookies may affect Service functionality.

12. CALIFORNIA PRIVACY RIGHTS (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

Right to Know: Request disclosure of categories and specific pieces of personal information collected
Right to Delete: Request deletion of your personal information
Right to Correct: Request correction of inaccurate information
Right to Opt-Out: Opt out of the sale or sharing of personal information
Right to Non-Discrimination: Not be discriminated against for exercising your rights
Right to Limit: Limit use of sensitive personal information

Contact: privacy@delphilabsinc.com | Response within 45 days

13. VIRGINIA PRIVACY RIGHTS (VCDPA)

Virginia residents have the following rights under the Virginia Consumer Data Protection Act:

Right to Access: Confirm processing and access your data
Right to Correct: Correct inaccuracies
Right to Delete: Delete personal data
Right to Portability: Obtain data in portable format
Right to Opt-Out: Opt out of targeted advertising, sale of data, and profiling
Right to Appeal: Appeal our decision on your request

Contact: privacy@delphilabsinc.com | Response within 45 days | Appeal within 60 days

14. COLORADO PRIVACY RIGHTS (CPA)

Colorado residents have the following rights under the Colorado Privacy Act:

Right to Access: Confirm processing and access data
Right to Correct: Correct inaccuracies
Right to Delete: Delete personal data
Right to Portability: Obtain data in portable format
Right to Opt-Out: Opt out of targeted advertising, sale, and profiling

Contact: privacy@delphilabsinc.com | Response within 45 days

15. CONNECTICUT PRIVACY RIGHTS (CTDPA)

Connecticut residents have the following rights under the Connecticut Data Privacy Act:

Right to Access: Confirm processing and access data
Right to Correct: Correct inaccuracies
Right to Delete: Delete personal data
Right to Portability: Obtain data in portable format
Right to Opt-Out: Opt out of sale, targeted ads, and profiling

Contact: privacy@delphilabsinc.com | Response within 45 days

16. UTAH PRIVACY RIGHTS (UCPA)

Utah residents have the following rights under the Utah Consumer Privacy Act:

Right to Access: Confirm processing and access data
Right to Delete: Delete personal data you provided
Right to Portability: Obtain data in portable format
Right to Opt-Out: Opt out of sale and targeted advertising

Contact: privacy@delphilabsinc.com | Response within 45 days

17. TEXAS PRIVACY RIGHTS (TDPSA)

Texas residents have the following rights under the Texas Data Privacy and Security Act:

Right to Access: Confirm processing and access data
Right to Correct: Correct inaccuracies
Right to Delete: Delete personal data
Right to Portability: Obtain data in portable format
Right to Opt-Out: Opt out of sale, targeted ads, and profiling

Contact: privacy@delphilabsinc.com | Response within 45 days

18. OREGON PRIVACY RIGHTS (OCPA)

Oregon residents have the following rights under the Oregon Consumer Privacy Act:

Right to Access: Confirm processing and access data
Right to Correct: Correct inaccuracies
Right to Delete: Delete personal data
Right to Portability: Obtain data in portable format
Right to Opt-Out: Opt out of sale, targeted ads, and profiling
Right to List: Obtain list of third parties to whom data was disclosed

Contact: privacy@delphilabsinc.com | Response within 45 days

19. MONTANA PRIVACY RIGHTS (MCDPA)

Montana residents have the following rights under the Montana Consumer Data Privacy Act:

Right to Access: Confirm processing and access data
Right to Correct: Correct inaccuracies
Right to Delete: Delete personal data
Right to Portability: Obtain data in portable format
Right to Opt-Out: Opt out of sale, targeted ads, and profiling

Contact: privacy@delphilabsinc.com | Response within 45 days

20. OTHER STATE PRIVACY RIGHTS

Residents of states with newly enacted or pending privacy legislation (including but not limited to Delaware, Iowa, New Hampshire, New Jersey, Tennessee, Indiana, Kentucky, Maryland, Minnesota, Nebraska, Rhode Island, and others) may have similar rights. We will honor valid requests consistent with applicable state law.

To exercise any state privacy rights, contact: privacy@delphilabsinc.com

21. NEVADA PRIVACY RIGHTS

Nevada residents may opt out of the sale of covered information under Nevada Revised Statutes Chapter 603A. To submit an opt-out request, email privacy@delphilabsinc.com with subject "Nevada Opt-Out."

22. EUROPEAN PRIVACY RIGHTS (GDPR)

If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under GDPR:

Right of Access: Obtain confirmation of processing and access to your data
Right to Rectification: Correct inaccurate personal data
Right to Erasure: Request deletion under certain circumstances
Right to Restriction: Restrict processing under certain circumstances
Right to Portability: Receive your data in a structured format
Right to Object: Object to processing based on legitimate interests
Right to Lodge Complaint: File a complaint with a supervisory authority

23. CANADIAN PRIVACY RIGHTS (PIPEDA)

Canadian residents have rights under the Personal Information Protection and Electronic Documents Act:

Right to Access: Access your personal information
Right to Correct: Challenge accuracy and completeness
Right to Withdraw Consent: Withdraw consent subject to legal restrictions
Right to Complain: File complaint with Privacy Commissioner of Canada

24. AUSTRALIAN PRIVACY RIGHTS

Australian residents have rights under the Privacy Act 1988 and Australian Privacy Principles:

Right to Access: Access your personal information
Right to Correct: Request correction of inaccurate information
Right to Complain: Complain to the Office of the Australian Information Commissioner

25. DO NOT TRACK SIGNALS

We do not currently respond to "Do Not Track" signals. However, you can control tracking through your browser settings and opt-out mechanisms described in this Policy.

26. CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time. Material changes will be notified by email, in-app notification, or prominent posting on the Service. Your continued use after such changes constitutes acceptance of the updated Policy.

27. CONTACT INFORMATION

For questions, requests, or complaints regarding this Privacy Policy:

Delphi Labs Inc.
Data Protection Officer: privacy@delphilabsinc.com
General Inquiries: Dakotastewart@delphilabsinc.com
Security Issues: security@delphilabsinc.com
Website: the-oracleai.com

← Return to Login