Privacy Policy

Last updated April 1, 2026

Data Collection

None. Sesame makes zero network calls. There are no analytics, no crash reporting, no telemetry, and no third-party SDKs. The app does not communicate with any server, ever.

Keychain Storage

Your TOTP and HOTP secrets are stored in the iOS Keychain, which is hardware-encrypted by the Secure Enclave on your device. These secrets are inaccessible to other apps and are never transmitted.

Backups

Backups are optional and user-initiated. They are encrypted with AES-GCM using a key derived via Argon2id from a password you choose. Backups can be stored in your own iCloud Drive or exported as a file. Sesame has no server and never receives your backup data.

Third Parties

None. Sesame includes no third-party SDKs, no advertising frameworks, and no tracking libraries.

Contact

Questions about this policy? Reach out at sam@samking.studio