Potential Privacy Issues Requiring Review
Dear Sesame Team,
We are reaching out regarding a potential privacy issue we observed while interacting with your voice AI system. Across multiple calls made without any logged-in account, the system appeared to recognize or persistently identify us over time, including after local cookies were deleted and after several days had passed.
Based on our testing, this raises concern that the system may be using some form of persistent identifier without clear notice or valid user consent. We are still evaluating the mechanism involved, so we are not making assumptions beyond what we can document, but the behavior is significant enough that it should be reviewed immediately by your product, privacy, and legal teams.
We have preserved evidence of our testing, including dates, observed behavior, and supporting materials. Please treat this message as a request to preserve all potentially relevant records relating to our interactions and any associated identification, authentication, profiling, session-linking, voice analysis, retention, or consent logs, including internal policies and model/system documentation relevant to that functionality.
We request a written response addressing the following:
Whether your system uses voiceprints, speaker recognition, or any other biometric or persistent identification method for unauthenticated users.
What notice, disclosure, or consent flow applies to that collection or use.
What data is retained, for how long, and for what purpose.
Whether this functionality can be disabled, and whether any stored data relating to our interactions can be deleted.
We would appreciate a substantive response within 7 calendar days. We are attempting to handle this directly and professionally before deciding on further steps.
Sincerely,
A concerned dev.
trail.elder2182@eagereverest.com