Privacy Policy
Last updated: July 2026
1. Overview
This Privacy Policy describes how TikPipe (“the App”), a content scheduling and publishing tool for TikTok creators and social media managers developed by Stephanie Losert, handles information when it interacts with the TikTok platform on behalf of authorized users. TikPipe enables creators and social media managers to connect their own TikTok account and publish video content to it, either directly or as a draft for manual review.
2. Who This Policy Applies To
This policy applies to any TikTok content creator or social media manager who authorizes TikPipe to access their TikTok account via TikTok's OAuth 2.0 Login Kit. Each user authorizes the app independently with their own TikTok credentials and can only manage their own connected account(s).
3. Data Collected via TikTok API
TikPipe uses the following TikTok API scopes:
user.info.basic — used to verify the authenticated user's identity after the OAuth login flow and to display the connected account's name in the dashboard. We retrieve the open_id (an anonymous, TikTok-assigned identifier) and the account's public display_name. No other profile data is accessed or stored.
video.publish — used to publish video content directly to the creator's own TikTok account (Direct Post). During the sandbox / audit phase, all content published through this scope is restricted to private (“Only Me”) visibility, as required by TikTok.
video.upload — used to upload video files to the creator's own TikTok account via the Upload-to-Inbox (Creator Inbox) flow. Videos uploaded this way arrive as drafts and are never published without the creator reviewing and confirming them in the TikTok app.
4. How Data Is Used
- The
open_idand access/refresh tokens are used exclusively to make authorized API calls to TikTok on the creator's behalf (publishing or uploading content they explicitly submitted through the App). - The
display_nameis shown in the App's dashboard so the user can confirm which account is connected. - Video files are uploaded only to the creator's own connected account. No video content is transmitted to any third party other than TikTok.
- No analytics, advertising, or behavioral tracking is performed.
5. Data Storage and Security
In the current version of TikPipe, OAuth tokens and the connected account's display name are stored in encrypted, HTTP-only session cookies in the user's own browser session. They are not stored in a shared database and are not transmitted to any third party other than TikTok itself. As TikPipe grows beyond the sandbox stage, this section will be updated to reflect any change in storage architecture (e.g. a per-account server-side database) before that change goes live.
6. Data Sharing
TikPipe does not share, sell, rent, or otherwise disclose any data obtained via TikTok's API to any third party. The App does not use advertising networks, analytics platforms, or external data processors beyond what is required to operate the App itself (e.g. hosting infrastructure).
7. Data Retention
OAuth tokens are retained only for the lifetime of the browser session cookie (per TikTok's token expiry) and are deleted when the session expires or the user disconnects their account.
8. Your Rights
As the owner of the connected TikTok account, you have full control over your data. You may revoke the App's access at any time through TikTok's connected apps settings at tiktok.com/setting/connected-apps. Revoking access immediately invalidates all tokens.
9. Children's Privacy
TikPipe is not intended for use by individuals under the age of 18. The application is a tool for adult creators and social media professionals only.
10. Changes to This Policy
This Privacy Policy may be updated from time to time. Changes will be reflected in the “Last updated” date at the top of this page.
11. Contact
Stephanie Losert
Email: hallo@tikpipe.com