Privacy Policy

Last updated: July 2026

1. Overview

This Privacy Policy describes how TikPipe (“the App”), a content scheduling and publishing tool for TikTok creators and social media managers developed by Stephanie Losert, handles information when it interacts with the TikTok platform on behalf of authorized users. TikPipe enables creators and social media managers to connect their own TikTok account and publish video content to it, either directly or as a draft for manual review.

2. Who This Policy Applies To

This policy applies to any TikTok content creator or social media manager who authorizes TikPipe to access their TikTok account via TikTok's OAuth 2.0 Login Kit. Each user authorizes the app independently with their own TikTok credentials and can only manage their own connected account(s).

3. Data Collected via TikTok API

TikPipe uses the following TikTok API scopes:

user.info.basic — used to verify the authenticated user's identity after the OAuth login flow and to display the connected account's name in the dashboard. We retrieve the open_id (an anonymous, TikTok-assigned identifier) and the account's public display_name. No other profile data is accessed or stored.

video.publish — used to publish video content directly to the creator's own TikTok account (Direct Post). During the sandbox / audit phase, all content published through this scope is restricted to private (“Only Me”) visibility, as required by TikTok.

video.upload — used to upload video files to the creator's own TikTok account via the Upload-to-Inbox (Creator Inbox) flow. Videos uploaded this way arrive as drafts and are never published without the creator reviewing and confirming them in the TikTok app.

4. How Data Is Used

  • The open_id and access/refresh tokens are used exclusively to make authorized API calls to TikTok on the creator's behalf (publishing or uploading content they explicitly submitted through the App).
  • The display_name is shown in the App's dashboard so the user can confirm which account is connected.
  • Video files are uploaded only to the creator's own connected account. No video content is transmitted to any third party other than TikTok.
  • No analytics, advertising, or behavioral tracking is performed.

5. Data Storage and Security

In the current version of TikPipe, OAuth tokens and the connected account's display name are stored in encrypted, HTTP-only session cookies in the user's own browser session. They are not stored in a shared database and are not transmitted to any third party other than TikTok itself. As TikPipe grows beyond the sandbox stage, this section will be updated to reflect any change in storage architecture (e.g. a per-account server-side database) before that change goes live.

6. Data Sharing

TikPipe does not share, sell, rent, or otherwise disclose any data obtained via TikTok's API to any third party. The App does not use advertising networks, analytics platforms, or external data processors beyond what is required to operate the App itself (e.g. hosting infrastructure).

7. Data Retention

OAuth tokens are retained only for the lifetime of the browser session cookie (per TikTok's token expiry) and are deleted when the session expires or the user disconnects their account.

8. Your Rights

As the owner of the connected TikTok account, you have full control over your data. You may revoke the App's access at any time through TikTok's connected apps settings at tiktok.com/setting/connected-apps. Revoking access immediately invalidates all tokens.

9. Children's Privacy

TikPipe is not intended for use by individuals under the age of 18. The application is a tool for adult creators and social media professionals only.

10. Changes to This Policy

This Privacy Policy may be updated from time to time. Changes will be reflected in the “Last updated” date at the top of this page.

11. Contact

Stephanie Losert

Email: hallo@tikpipe.com