Privacy Policy
1. Data Controller
Sinisa Milojevic
Birkbuschstr. 11, 12167 Berlin, Germany
Email: hello@lucid-oracle.com
2. Data We Collect
| Category | Details |
|---|---|
| Account data | Email address, hashed password |
| User content | Dream descriptions, card readings, palm images, voice recordings |
| Relationship & Bond data | Bond labels, relationship context, continuity notes, zodiac signs, optional names, and optional birth dates that you choose to save |
| Usage data | Feature usage counts, subscription tier (collected via cookie-free Plausible analytics) |
| Payment data | Processed by Stripe; we store only your Stripe customer ID and subscription status |
3. Purpose of Processing
- Account management — creating and maintaining your account
- AI interpretation — sending your content to AI providers to generate dream interpretations, card readings, and palm readings
- Memory & continuity — saving Bonds, reflections, and continuity updates so you can revisit patterns over time
- Subscription billing — processing payments and managing your subscription tier
- Service improvement — aggregate, anonymized analytics to improve the platform
4. Third-Party Processors
| Provider | Purpose | Location |
|---|---|---|
| Amazon Web Services (AWS) | Hosting, storage, email delivery | EU (eu-west-1) |
| OpenAI | AI-powered interpretations | USA |
| Anthropic | AI-powered interpretations | USA |
| Stripe | Payment processing | USA |
| Plausible Analytics | Cookie-free website analytics | EU |
5. Data Retention
- Account & content data — retained as long as your account is active
- Voice recordings — automatically deleted within 24 hours after processing
- Deleted account email hash — retained for 90 days to prevent free-tier abuse, then permanently deleted
6. Your Rights Under GDPR
You have the right to:
- Access — request a copy of your personal data (data export)
- Rectification — correct inaccurate personal data
- Erasure — delete your account and all associated data
- Portability — receive your data in a machine-readable format
- Object — object to processing of your personal data
- Lodge a complaint — with a supervisory authority (e.g., Berliner Beauftragte für Datenschutz und Informationsfreiheit)
To exercise any of these rights, email hello@lucid-oracle.com.
7. Device Storage & Analytics
Lucid Oracle stores your authentication token, refresh token, session state, and basic account record in your browser's localStorage. This storage is strictly necessary to keep you signed in and preserve your account state inside the app. We do not use advertising cookies, tracking pixels, or cookie-based third-party analytics. Plausible Analytics operates without cookies or persistent cross-site identifiers.
8. Third-Party Relationship Data
Some features let you save information about another person, such as a Bond name, zodiac sign, optional birth date, or relationship context. We process that information only to personalize the requesting user's reflection and continuity features. We ask users not to enter unnecessary sensitive data about other people.
9. International Data Transfers
Your data is primarily hosted in the EU (AWS eu-west-1, Ireland). When content is sent to US-based AI providers (OpenAI, Anthropic) or Stripe for processing, these transfers are governed by the EU–US Data Privacy Framework and standard contractual clauses.
10. Changes to This Policy
We may update this privacy policy from time to time. Material changes will be communicated via email or a notice on the website. The "last updated" date at the top reflects the most recent revision.
11. Contact
For privacy-related questions or concerns, contact us at hello@lucid-oracle.com.