1. Introduction
Toktify ("we", "our", or "us") operates the website toktify.site. This Privacy Policy describes how we collect, use, and protect your information when you use our services. By using Toktify, you agree to the collection and use of information in accordance with this policy.
We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) and applicable TikTok Platform policies.
2. Information We Collect
We collect the following categories of information:
- Account Information: Email address, display name, and hashed password when you register directly.
- TikTok Data: When you connect your TikTok account via OAuth, we receive your TikTok user ID, display name, profile picture, and the permissions you explicitly grant. We only request the minimum permissions necessary.
- Usage Data: Tools used, content generated (hashtags, scripts), scheduled posts, and feature interactions.
- Technical Data: IP address, browser type, device type, operating system, and access timestamps.
- Cookies: Authentication session cookies and preference cookies. See Section 8 for details.
3. TikTok Integration & OAuth
Toktify integrates with TikTok via the official TikTok Login Kit and Content Posting API. When you connect your TikTok account:
- You will be redirected to TikTok's official authorization page to grant permissions.
- We request only the minimum permissions necessary:
user.info.basic (display name, avatar, open_id) and video.list (your public video metadata for analytics). - We store your TikTok access token securely in our database (Supabase) using encryption at rest.
- We never post content to your TikTok account without your explicit, manual action.
- We never sell, rent, or share TikTok user data with third parties for advertising or commercial purposes.
- We never use TikTok data to build profiles for targeting, profiling, or any purpose outside of providing the Service to you.
- We never access, store, or distribute TikTok content in ways that violate TikTok's Terms of Service or Platform Policies.
- TikTok data is used solely to display your profile and analytics within your Toktify dashboard.
- You can revoke our access at any time via TikTok Settings → Privacy → Apps and Websites → Manage Apps.
TikTok's own Privacy Policy applies to your TikTok account and activity on TikTok: tiktok.com/legal/privacy-policy
3a. TikTok Data Deletion
You have the right to request deletion of all TikTok data we hold about you. To delete your TikTok data:
- Option 1: Disconnect your TikTok account from your Toktify dashboard — this immediately deletes your TikTok access token and profile data from our database.
- Option 2: Delete your Toktify account via Settings → Delete Account — all data including TikTok data is permanently deleted within 30 days.
- Option 3: Email us at privacy@toktify.site with subject "TikTok Data Deletion Request" and we will delete all your TikTok data within 72 hours.
- Revoking access via TikTok's app settings also invalidates your token and we will not be able to access your TikTok data going forward.
4. How We Use Your Information
- To provide and maintain the Service
- To authenticate your identity and manage your account
- To display your TikTok analytics and profile data
- To enable content scheduling and AI-powered tools
- To improve and personalize the Service
- To send important service notifications (not marketing without consent)
- To detect and prevent fraud or abuse
- To comply with legal obligations
5. Data Sharing & Third Parties
We do not sell your personal data. We share data only with:
- Supabase — Database and authentication infrastructure (EU/US servers). Privacy Policy
- Vercel — Hosting and deployment platform. Privacy Policy
- Groq — AI inference for hashtag and script generation. Your input prompts are processed but not stored. Privacy Policy
- TikTok — When you connect your account, TikTok's API provides us with authorized data.
- Legal authorities — When required by applicable law or legal process.
6. Data Retention
- Account data is retained as long as your account is active.
- TikTok OAuth tokens are stored until you disconnect your TikTok account or revoke access.
- If you delete your account, we delete all personal data within 30 days.
- Anonymized usage analytics may be retained for up to 2 years.
7. Your Rights (GDPR)
If you are in the European Economic Area, you have the following rights:
- Right to Access — Request a copy of your personal data.
- Right to Rectification — Request correction of inaccurate data.
- Right to Erasure — Request deletion of your personal data ("right to be forgotten").
- Right to Restriction — Request restriction of processing your data.
- Right to Portability — Receive your data in a machine-readable format.
- Right to Object — Object to processing of your data.
- Right to Withdraw Consent — Withdraw consent at any time without affecting prior processing.
To exercise any of these rights, email us at: privacy@toktify.site
8. Cookies
We use the following types of cookies:
- Essential cookies — Required for authentication and session management. Cannot be disabled.
- Preference cookies — Remember your settings (e.g., language, connected TikTok username).
- Analytics cookies — Anonymous usage data to improve the Service. You can opt out.
You can manage cookie preferences through the cookie banner on our site or your browser settings.
9. Security
We implement industry-standard security measures including HTTPS encryption, hashed passwords (bcrypt), encrypted token storage, and access controls. However, no method of transmission over the Internet is 100% secure.
10. Children's Privacy
Toktify is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, contact us immediately.
11. Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of significant changes by posting the new policy on this page and updating the "Last updated" date. Continued use of the Service after changes constitutes acceptance.
12. Contact Us
For privacy-related questions or to exercise your rights: