Privacy Policy

Effective Date: 01/20/2025

Last Updated: 01/20/2025

The Gamelab LLC (“we,” “our,” or “us”) operates Sesame, an access control platform that allows organizations to manage door access for their members. This Privacy Policy outlines how we collect, use, and protect your data when you use Sesame.

1. Data Collection

We collect the following personal data to identify users and ensure secure access control:

  • Name
  • Email address
  • Phone number

Additionally, we use PostHog for analytics to track bugs and improve user experience. However, we do not share this data with third parties nor use it for advertising purposes.

Data We Do Not Collect:

  • Biometric Data: We do not collect or store fingerprints, facial recognition, or any biometric identifiers.
  • Location Data: Sesame does not track or collect location information from users.

2. Data Storage & Security

  • Where is user data stored? User data is stored in the cloud on dedicated instances.
  • How is data protected? We implement industry-standard encryption protocols, securing data both in transit and at rest. While we follow best security practices, we do not hold any formal security certifications.
  • Data Retention: We retain user access information for a rolling period of two (2) years, and this data is accessible to organization administrators.

3. Data Sharing

  • We share access logs with the administrators of the organization that a user belongs to.
  • We do not share user data with any third-party organizations for marketing or advertising.
  • We use PostHog for analytics and bug tracking.

4. User Rights & Controls

Access and Deletion Requests

Users can request access to or deletion of their data by emailing [email protected].

Requests will be processed within 10 business days from confirmation of receipt.

Opting Out of Data Collection

Users may request to opt out of general data collection by emailing [email protected]. However, access control logs cannot be opted out of unless their parent organization explicitly approves such an exemption.

Updating User Information

Users can request changes to their personal information through their organization administrators.

5. Legal Compliance

  • Sesame is not currently subject to GDPR, CCPA, or other regulatory compliance requirements.
  • There are no age restrictions for using Sesame.

6. Contact Information

For privacy-related inquiries, data access, or deletion requests, please contact:

Email: [email protected]