Privacy Policy
01 What We Collect
Face photos. When you use the Face Reading feature, you upload a photo. That photo is sent to our server as base64-encoded image data, passed to the AI model for analysis, and then immediately deleted. We do not save your photo to disk, a database, or any storage service.
Divination questions. When you submit a question for an I Ching reading, we store the question text alongside your reading result so you can review past readings in your account history.
Account information. If you create an account, we store your email address and a bcrypt password hash. We never store your password in plain text.
Session data. We use a session cookie (yx_sid) to keep you logged in across page loads. Session data is stored server-side; the cookie only holds an opaque session identifier.
Analytics events. We collect basic usage events (page views, feature interactions) to understand how people use YiXiang and improve the product. If you have consented to the Meta Pixel, additional behavioral events may be collected for advertising measurement. See the Cookies section for details.
02 How We Use Your Data
- Face photos — used exclusively to generate your face reading. Analyzed once, then gone. Never stored, never shared, never used to train any model.
- Divination questions and readings — displayed in your account history so you can revisit past insights. Not shared with third parties.
- Email address — used to send you transactional emails (account confirmation, password reset, receipts). We do not send marketing email without your explicit opt-in.
- Session data — used only to authenticate your requests while you are logged in.
- Analytics — used in aggregate to understand usage patterns and improve the product. We do not sell or share individual-level analytics data.
03 Face Photo Processing
Face photos are biometric-adjacent data and we treat them accordingly. Here is the complete lifecycle of your photo:
Step 1 — Upload. Your browser encodes the photo as base64 and sends it over HTTPS to our server. It never touches our file system or object storage.
Step 2 — Analysis. We pass the image data to OpenAI's GPT-4V API (now GPT-4o with vision) along with a physiognomy analysis prompt. OpenAI processes the image and returns a text response.
Step 3 — Deletion. Immediately after we receive OpenAI's response, the image data is discarded from memory. Nothing is written to disk, database, or logs.
Step 4 — Result returned. Only the text reading is returned to your browser and, if you are signed in, saved to your account history.
We have entered into a Data Processing Agreement (DPA) with OpenAI. Under that agreement, OpenAI does not use API-submitted data (including images sent via the API) to train its models. OpenAI's API data handling is governed by their API Data Usage Policies.
If you are in the EU or California, the legal basis and additional rights applicable to facial image processing are described in the GDPR and CCPA sections below.
04 Data Retention
| Data Type | Retention Period |
|---|---|
| Face photos | 0 days (never stored) |
| Account information (email, password hash) | While your account is active, plus 90 days after you delete your account |
| Divination readings (questions + results) | Until you delete your account (or delete individual readings) |
| Face reading results (text only, no photo) | Until you delete your account |
| Payment records | 7 years (legal and tax compliance requirement) |
| Analytics events | 1 year, then aggregated or deleted |
| Session data | 30 days of inactivity, or until you log out |
When you delete your account, we initiate deletion within 7 days. The 90-day buffer for account data exists to allow dispute resolution and fraud prevention. Payment records are retained longer due to legal obligations; personal identifiers in those records are minimized.
05 International Data Transfers
YiXiang is operated from the United States. Our servers are hosted in US data centers (Render / Vercel). If you access YiXiang from outside the United States, your data will be transferred to and processed in the US.
For EU/EEA users: transfers of your personal data to the US are governed by Standard Contractual Clauses (SCCs) as adopted by the European Commission. Our hosting providers and sub-processors (listed below) have agreed to SCCs or are covered by equivalent transfer mechanisms.
06 Third-Party Services
We work with a small number of carefully selected sub-processors:
- OpenAI — AI analysis (face reading and I Ching interpretation). We have a signed Data Processing Agreement. API-submitted data is not used for training. See the OpenAI API Policy.
- Stripe — Payment processing. Stripe is PCI-DSS Level 1 compliant. We never see or store your full card number. See the Stripe Privacy Policy.
- Postmark — Transactional email (account confirmation, password reset, receipts). Postmark does not use your email address for any purpose beyond delivery. See the Postmark Privacy Policy.
- Render / Vercel — Application and static file hosting. Your data is stored on servers they operate on our behalf. Both services are SOC 2 compliant.
- Meta (Facebook) Pixel — Advertising measurement, loaded only if you have consented to analytics cookies. See the Cookies section for details and how to opt out.
We do not sell, rent, or trade your personal information to any third party for their own marketing purposes.
07 Your Rights
You can exercise any of the following rights at any time by emailing yixiang@polsia.app:
- Access. Request a copy of the personal data we hold about you.
- Correction. Ask us to correct inaccurate or incomplete data.
- Deletion. Ask us to delete your account and all associated personal data. We will action this within 7 days, subject to legal retention obligations.
- Portability. Request your data in a structured, machine-readable format.
- Objection. Object to processing based on legitimate interests.
We will respond to all requests within 30 days. For complex requests we may extend this by up to 60 additional days with notice.
You can also delete your account directly from your account settings page, which triggers immediate deletion of your readings and queues account data for deletion within 7 days.
08 CCPA — California Residents
We do not sell your personal information. We have not sold personal information in the preceding 12 months and do not intend to. We do not share personal information with third parties for cross-context behavioral advertising without your consent.
Under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), California residents have the following rights:
- Right to Know. You can request disclosure of the categories and specific pieces of personal information we have collected about you, the sources of that information, our business purpose for collecting it, and the categories of third parties we share it with.
- Right to Delete. You can request deletion of personal information we have collected, subject to certain exceptions (e.g., information we are required to retain by law).
- Right to Correct. You can request correction of inaccurate personal information.
- Right to Opt Out. Because we do not sell personal information, there is nothing to opt out of. If that changes, we will update this policy and provide a "Do Not Sell or Share My Personal Information" link.
- Right to Non-Discrimination. We will not discriminate against you for exercising your CCPA rights.
To exercise any of these rights, email yixiang@polsia.app. We will verify your identity before responding to deletion or access requests.
09 GDPR — EU / EEA Residents
Lawful bases for processing:
- Consent (Article 6(1)(a) and Article 9(2)(a)). Processing of facial image data (a special category under GDPR Article 9) is based on your explicit consent, given when you choose to upload a photo for a face reading. You can withdraw this consent at any time — since photos are never stored, withdrawal is effective immediately for future readings.
- Contract performance (Article 6(1)(b)). Processing your email and account data is necessary to create and maintain your account and deliver the service you have signed up for.
- Legitimate interests (Article 6(1)(f)). Aggregate, non-identifiable analytics used to improve the product.
- Legal obligation (Article 6(1)(c)). Retention of payment records for tax and financial compliance.
Right to withdraw consent. Because face photos are processed on the basis of consent, you can withdraw that consent at any time simply by not submitting further photos. There is no stored photo to delete — withdrawal takes effect immediately for any future reading.
Additional rights under GDPR:
- Right of access (Article 15)
- Right to rectification (Article 16)
- Right to erasure / "right to be forgotten" (Article 17)
- Right to restriction of processing (Article 18)
- Right to data portability (Article 20)
- Right to object (Article 21)
- Rights related to automated decision-making and profiling (Article 22) — our readings are AI-generated but do not produce legal or similarly significant effects; they are for personal entertainment and reflection.
To exercise any of these rights, email yixiang@polsia.app. You also have the right to lodge a complaint with your local supervisory authority (e.g., the ICO in the UK, CNIL in France, or the DPA in your member state).
10 Cookies
We use a minimal number of cookies:
- yx_sid — Session cookie. Set when you log in. Contains only an opaque session identifier; no personal data is stored in the cookie itself. Expires after 30 days of inactivity or when you log out. This cookie is strictly necessary for the service to function.
- Meta Pixel cookies (_fbp, _fbc) — Analytics and advertising measurement cookies set by Meta (Facebook). These are only loaded if you have given consent to analytics cookies. They help us understand how users arrive at YiXiang and measure the effectiveness of any advertising we run. You can withdraw consent at any time by clicking the cookie preferences link in the footer, or by opting out via Meta's privacy settings.
We do not use any third-party tracking cookies beyond the Meta Pixel described above. We do not use cookies for profiling, cross-site tracking, or any purpose beyond what is described here.
11 Contact
If you have questions about this policy, want to exercise your rights, or have a concern about how we handle your data, please reach out:
Email: yixiang@polsia.app
Product: YiXiang, operated by Polsia
Website: yixiang.polsia.app
We aim to respond to all privacy-related inquiries within 5 business days.
12 Changes to This Policy
If we make material changes to this policy — for example, if we start storing face photos, add new sub-processors, or change our legal bases for processing — we will notify you by email (if you have an account) and update the "Last updated" date at the top of this page.
Continued use of YiXiang after the effective date of a revised policy constitutes your acceptance of the changes. If you do not agree with the changes, you can delete your account before the effective date.