Privacy Policy
Last Updated: June 8, 2026
1. Introduction
Oraclume ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website at oraclume.com (the "Website").
By using the Website, you agree to the collection and use of information in accordance with this policy.
2. Information We Collect
Automatically Collected Information. When you visit the Website, we may automatically collect certain information sent by your browser, including your IP address, browser type, operating system, referring URLs, pages visited, and date/time of each visit. This information is collected via Google Analytics 4 (GA4) and server logs.
Cookies and Similar Technologies. We use cookies and similar tracking technologies, including local storage (localStorage) in your browser. Cookies are used for basic site functionality and analytics (GA4). Local storage is used to temporarily store your tarot reading session data and free reading usage count to provide a seamless experience. You may disable cookies through your browser settings, but this may affect website functionality.
Information You Provide When Using Interactive Tools. When you use our tarot reading tools (including One Card Draw, Past-Present-Future Spread, and other interactive tools), you may voluntarily provide certain information, including:
- The question or focus area you enter for your reading
- Your selection of cards and their resulting interpretations
- Your free reading usage count (tracked via localStorage and our backend)
This information is collected to generate your personalized AI tarot reading and to maintain a record of your reading session for display purposes. Your reading data is transmitted to our AI service provider solely for the purpose of generating the interpretation.
We do not knowingly collect sensitive personal data such as racial or ethnic origin, political opinions, religious or philosophical beliefs, health information, or sexual orientation. You should avoid including such information in your reading questions. If you choose to share sensitive information voluntarily, it will be treated with the same security protections described in this policy.
3. How We Use Your Information
We use the collected information to:
- Operate and improve the Website
- Generate personalized AI tarot readings in response to your questions
- Analyze usage patterns and detect technical issues
- Track usage of interactive tools (e.g., free reading count)
- Comply with legal obligations
We do not sell your personal information to third parties.
4. Cookies and Tracking Technologies
We use strictly necessary cookies for basic site functionality and analytics cookies (GA4) to understand how visitors use the site. Local storage is used to store reading session data and free reading counts in your browser. You can clear localStorage at any time through your browser settings.
5. Data Sharing and Disclosure
We may share your information with the following categories of third parties:
- Service Providers. We use third-party services to operate the Website, including content delivery network (CDN) and security services, hosting services, and analytics services. These providers process data solely on our behalf and under our instructions.
- AI Service Providers. When you use our tarot reading tools, your question and the selected card information are transmitted to our third-party AI service provider solely for the purpose of generating your personalized reading. This data is processed in real-time and is not used by the AI provider for training, profiling, or any other purpose.
- Legal Compliance. We may disclose your information if required to do so by law or in response to valid legal requests.
6. Data Retention
We retain different types of data for the following periods:
- Analytics data (GA4): Up to 26 months
- Server logs: 30 days
- Reading session data (unauthenticated users): Reading data (including your question, card selection, and AI-generated interpretation) is retained for a maximum of 24 hours after generation. After 24 hours, the reading is no longer accessible. You may request earlier deletion of your reading data at any time by contacting us at hello@oraclume.com.
- AI service data: Data transmitted to our AI service provider for reading generation is processed in real-time and is not retained by the AI provider.
- Usage records (anonymized): Aggregated and anonymized records of reading activity (e.g., tool usage count, not content) may be retained for analytics purposes.
- IP addresses: Logged in server logs for 30 days, and may be associated with reading activity for fraud prevention and abuse detection.
7. Your Rights (GDPR)
If you are in the EEA, Switzerland, or the UK, you have rights under GDPR including:
- Right to access — request a copy of your personal data
- Right to rectification — request correction of inaccurate data
- Right to erasure — request deletion of your personal data
- Right to restrict processing — request limitation of data use
- Right to data portability — request transfer of your data
- Right to object — object to processing of your data
Contact us at hello@oraclume.com to exercise these rights. We will respond within 30 days.
8. Your Rights (CCPA)
California residents have the right to:
- Know what personal information is collected, used, shared, or sold
- Delete personal information held by us
- Opt out of the sale of personal information — we do not sell personal information
- Non-discrimination — exercising your rights will not result in unequal treatment
To exercise your CCPA rights, contact us at hello@oraclume.com.
9. Data Security
We implement appropriate technical and organizational measures to protect your personal data, including HTTPS encryption, firewalls, access controls, and regular security reviews. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.
10. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence, including Hong Kong SAR (where we are based) and the United States (where our hosting and AI service providers operate). We ensure appropriate safeguards are in place for such transfers, including Standard Contractual Clauses where required.
11. Children's Privacy
The Website is not directed to children under 18. We do not knowingly collect personal information from children under 18. If you believe a child under 18 has provided us with personal data, please contact us immediately so we can delete it.
12. Changes to This Privacy Policy
We reserve the right to update or modify this Privacy Policy at any time. Changes will be posted on this page with an updated "Last Updated" date. Material changes will be notified via a notice on the Website.
13. Contact
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Email: hello@oraclume.com
Questions? Contact us at hello@oraclume.com