TikFlow

Privacy Policy

Last updated: December 21, 2024

1. Introduction

This Privacy Policy describes how TikFlow ("we", "our", or "Service") collects, uses, and protects your personal information when you use our Service to connect your TikTok account and publish content.

2. Information We Collect

2.1 Information from TikTok

When you connect your TikTok account, we collect:

  • Basic user information (display name, avatar URL, user ID) via the user.info.basic scope
  • OAuth access tokens and refresh tokens (stored securely and encrypted)

2.2 Information You Provide

We collect information you provide when:

  • Uploading videos (video files are transmitted directly to TikTok, not stored by us)
  • Creating posts (captions, privacy settings)
  • Contacting us through the contact form

2.3 Technical Information

We automatically collect:

  • IP address
  • Browser type and version
  • Device information
  • Usage data (pages visited, actions taken)

3. How We Use Your Information

We use the information we collect to:

  • Provide and maintain the Service
  • Authenticate your TikTok account connection
  • Display your connected account information in the dashboard
  • Upload and publish videos to your TikTok account (only when you explicitly click "Export to TikTok")
  • Track post status and history
  • Respond to your inquiries and provide support
  • Improve the Service and user experience
  • Comply with legal obligations

4. Data Storage and Security

4.1 Stateless Architecture

Our Service is designed to be stateless. We do not maintain a traditional database. Session information (including encrypted tokens) is stored in secure, HTTP-only cookies that expire after 30 days of inactivity.

4.2 Video Storage

Video files are not stored on our servers. When you upload a video, it is transmitted directly to TikTok's servers using their Content Posting API. We do not retain copies of your videos.

4.3 Security Measures

We implement security measures to protect your information:

  • Encryption of sensitive data (tokens) using AES encryption
  • Secure HTTP-only cookies
  • HTTPS encryption for all data transmission
  • CSRF protection for OAuth flows
  • Content Security Policy headers

5. Third-Party Services

5.1 TikTok

Our Service integrates with TikTok's APIs. When you use our Service, TikTok may collect information according to their Privacy Policy. We encourage you to review TikTok's Privacy Policy at https://www.tiktok.com/legal/privacy-policy.

We share the following information with TikTok:

  • Video files you upload for publishing
  • Post metadata (captions, privacy settings)
  • OAuth tokens for API authentication

6. Data Retention

We retain your information only as long as necessary to provide the Service:

  • Session data: Stored in encrypted cookies, expires after 30 days of inactivity
  • Post history: Stored locally in your browser (localStorage), cleared when you disconnect or delete your account
  • Contact form submissions: Retained for up to 1 year for support purposes

When you disconnect your TikTok account or delete your account, we immediately delete all stored session data and tokens.

7. Your Rights and Choices

You have the right to:

  • Access: View your connected account information in the dashboard
  • Disconnect: Disconnect your TikTok account at any time through Settings
  • Delete: Delete your account and all associated data through Settings
  • Control Publishing: All publishing actions require your explicit confirmation

8. Children's Privacy

Our Service is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. By using the Service, you consent to the transfer of your information to TikTok's servers, which may be located in different jurisdictions.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us through the Contact page.

Legal Disclaimer: This Privacy Policy is provided for informational purposes and may not constitute legal advice. Please consult with a legal professional for specific legal guidance regarding data protection and privacy laws applicable to your jurisdiction.