Privacy & Data Handling

What we actually do
with claim text.

Written from what the system does today — not how we wish it worked. If something here reads honest-to-a-fault, that is intentional. Procurement teams asked the four questions below. These are the answers.

Last updated: April 29, 2026 Status: Draft — not yet a formal policy Service: AgentOracle /evaluate & /research

Four questions, answered

Is claim text stored after verification completes, or deleted? Derived artifacts (evaluation result keyed by SHA-256 hash, claim fingerprints keyed by normalized-text hash) persist in Redis. Raw request bodies are not persisted to a separate log. Evaluation cache expires after 24h. Claim fingerprints persist indefinitely to power the network-effect claim database.
Who at AgentOracle can access submitted claims? The AgentOracle operator at TKCollective LLC. Our hosting and database providers have operational access to their systems (Vercel, Upstash). No other AgentOracle personnel today — there are none.
Is submitted data used to train any models? AgentOracle does not train models on submitted claims. Claim text is forwarded to sub-processors (Perplexity, OpenRouter) whose own terms determine what, if anything, they do with it. We do not enable opt-in training where the provider offers it as a toggle.
Where are servers located and which third parties process the data? Vercel (US-default, multi-region edge), Upstash Redis (US), Perplexity (US), OpenRouter (US), Coinbase CDP for payments (US). No EU data residency commitment today. Full sub-processor list below.

Question 1

What happens to claim text after verification.

When you call POST /evaluate or POST /research, the submitted content follows this path:

1. In-flight

The raw request body is held in process memory for the duration of the call (typically 3–8 seconds for /evaluate, up to 20 seconds for /research). It is sent to each of our verification sources in parallel and is not written to any persistent log keyed by raw text.

2. At completion (persistent artifacts)

Two derived artifacts persist in Upstash Redis:

Evaluation cache — keyed by the first 16 characters of the SHA-256 hash of the submitted text. Value is the full evaluation response (verdicts, confidence scores, citations, source URLs). TTL: 86,400 seconds (24 hours) after which it is removed automatically.
Claim fingerprints — keyed by the first 24 characters of a base64-encoded lowercased-and-trimmed claim string. Value is {verdict, confidence, last_verified, times_seen}. No TTL — persists indefinitely to power the cross-agent claim memory that makes repeat verifications faster and cheaper.

Honest note on the fingerprint key. Truncated base64 of normalized text is a weak one-way function. For a short or distinctive claim, it is theoretically reversible via dictionary attack against the 24-character keyspace. We will migrate to a full SHA-256 keyed fingerprint in v2.3. Until then: if you would not publish your claim text in plain sight, treat the fingerprint database the same way.

3. Traffic log

For each request we append a minimal entry to a daily traffic log in Redis: request path, truncated origin, user-agent (truncated to 200 chars), truncated source IP, timestamp. The claim text is not included in the traffic log. Trimmed to the most recent 10,000 entries per day.

4. Deletion on request

Email privacy@agentoracle.co with the claim text (or a unique portion of it) and we will manually remove the matching cache and fingerprint entries within 48 hours of the email. We will acknowledge in writing when the deletion is complete.

Question 2

Who has access.

AgentOracle is operated by TKCollective LLC — a single-operator team today. Operational access to stored data is limited to:

The AgentOracle operator — one person at TKCollective LLC. Full access via Upstash Redis console and Vercel dashboard.
Upstash (our Redis host) — operational access to the database infrastructure per their standard cloud provider role.
Vercel (our hosting) — operational access to running process memory and platform logs per their standard cloud provider role.

No other AgentOracle personnel today. No contractors, no support team, no sales team. If that changes we will publish a sub-processor update here.

As the team grows, access will be scoped by role (dev, ops, support) with audit logging before granting any team member database access. That policy is not yet written down; we will add it here when it is.

Question 3

Training.

AgentOracle does not train machine learning models. We operate an inference pipeline; no model weights are produced or fine-tuned on our infrastructure from user submissions.

However, your claim text is forwarded to third-party LLM providers to produce the verification. Whether those providers use your text for training depends on their terms and your chosen tier of our service:

Sub-processor	Our API tier	Training disposition
Perplexity Sonar / Sonar ProPrimary verification source	API / pay-as-you-goReviewed Apr 2026	Per Perplexity's current privacy policy, API inputs are covered by different terms than the consumer product. We do not enable any training-opt-in setting Perplexity exposes. Enterprise customers requiring a no-training commitment should require we move to a dedicated Perplexity enterprise tier as part of contract.
OpenRouter → Gemma 4Adversarial refutation model	OpenRouter APIRouting to Google Gemma	We set HTTP-Referer: agentoracle.co. Training disposition depends on OpenRouter's current terms and the underlying model provider's data use. We do not enable training-opt-in where exposed.
Coinbase CDPx402 payment facilitation	CDP API	Payment metadata only — wallet address, amount, chain. No claim text passes to Coinbase.

Bottom line. We don't train. We can't make unilateral promises about what Perplexity or OpenRouter do with inputs under their API terms. If an enterprise agreement requires a written no-training commitment for all sub-processors, we can move to enterprise-tier contracts with them and put it in writing; that is a pilot-scope conversation, not a default of the free or pay-per-query tier.

Question 4

Servers and sub-processors.

AgentOracle runs on the following infrastructure. All sub-processors have their own privacy and security posture, linked below.

Sub-processor	Role	Data processed	Region
Vercel	Hosting & edge compute	All request / response bodies in-flight; platform logs	US default, multi-region edge
Upstash	Redis database	Evaluation cache (24h TTL); claim fingerprints; traffic log metadata	US (us-east-1)
Perplexity	Primary verification (Sonar / Sonar Pro)	Claim text forwarded as API prompt	US
OpenRouter	Adversarial refutation (Gemma 4)	Claim text forwarded as API prompt	US
Coinbase CDP	x402 facilitator (Base mainnet)	Wallet address, amount, payment metadata only	US

Data residency

No EU, UK, or Canada data residency commitment today. Traffic from any region routes through our US-region providers above. An enterprise agreement that requires regional residency is scoped at pilot time; we cannot unilaterally promise it on the default tier.

Security

TLS 1.2+ for all inbound and outbound traffic
Secrets stored as Vercel sensitive environment variables (not in source control)
Private signing keys for receipt verification live only in the issuer environment; the public JWK set is published at /.well-known/jwks.json
security.txt at /.well-known/security.txt for responsible disclosure (coming this week)

What we do not have yet. SOC 2 Type II. ISO 27001. Formal Data Processing Agreement. Written incident response runbook. Penetration test report. Written breach notification SLA. These are documented as gaps rather than papered over — ask during a pilot conversation and we will tell you our timeline for each.

Getting in touch

Data requests and questions.

For any of the following, email privacy@agentoracle.co:

Request deletion of a specific claim or fingerprint
Request a copy of what we have about a specific claim
Request a Data Processing Agreement (DPA) — available on commercial agreement
Report a security issue or suspected misuse
Ask anything on this page that is unclear

We respond in writing, usually within one business day.

Operating entity: TKCollective LLC (d/b/a AgentOracle)
Contact: privacy@agentoracle.co
For commercial inquiries: joe@agentoracle.co

Status

What this page is — and isn't.

This document describes how AgentOracle handles data today. It is a truthful data-handling disclosure written to answer specific procurement questions. It is:

Not a GDPR-compliant privacy policy
Not a CCPA-compliant privacy policy
Not a Data Processing Agreement
Not a Terms of Service

Those documents are scoped at enterprise-pilot time so they can reflect the actual commitments we sign. Committing to a formal policy we cannot yet operationally prove would be worse than publishing what we actually do.

If you're a procurement / security / compliance reviewer evaluating AgentOracle: this page was written for you. Everything above can be verified against running system behavior on request.

What we actually dowith claim text.