Privacy Policy

1. Introduction & Scope

Appicorn (“we,” “our,” or “us”) operates as an internal content management platform used exclusively by our company and authorized team members. This Privacy Policy explains how we collect, use, and protect information when our employees and contractors use our TikTok content management tools.

This platform is not a public SaaS product. Access is restricted to our company personnel who manage TikTok content for owned or authorized brand accounts.

2. Information We Collect

2.1 Internal User Information

• Employee/Contractor Data: Name, email address, role, and department for authorized platform users
• Account Credentials: Secure login information for platform access
• Activity Logs: Actions performed within the platform for audit and security purposes

2.2 TikTok Account Data

When connecting TikTok accounts owned or authorized by our company:

• Account Information: TikTok username, profile details, and follower counts for connected accounts
• Access Tokens: Encrypted OAuth tokens for authorized API access (stored with enterprise-grade encryption)
• Content Data: Drafts, scheduled posts, and publishing history for content management purposes
• Analytics: Performance metrics (views, likes, comments) for accounts we manage

Important: We only connect to TikTok accounts that our company owns or has explicit written authorization to manage.

2.3 Technical Data

• Log Data: IP addresses, browser types, timestamps, and device information for security monitoring
• Usage Analytics: Feature usage patterns to improve internal workflows
• Error Logs: Technical diagnostic information for platform maintenance

3. How We Use Information

We use collected information solely for legitimate business purposes:

• To provide platform access to authorized company personnel
• To manage TikTok content for our owned and authorized brand accounts
• To maintain platform security and prevent unauthorized access
• To generate internal reports on content performance and publishing activity
• To comply with legal obligations and TikTok's platform requirements
• To troubleshoot technical issues and improve internal workflows

4. TikTok Data Handling

Our platform connects to TikTok exclusively through the official TikTok for Developers API. We only request permissions necessary for content management on accounts our company owns or has explicit authorization to manage.

• All TikTok access tokens are encrypted at rest using AES-256 encryption
• API communications use TLS 1.3 encryption in transit
• Access tokens are never logged, exposed in URLs, or shared with unauthorized personnel
• Token refresh mechanisms comply with TikTok's security guidelines

5. Data Security

We implement enterprise-grade security measures:

• Encryption of sensitive data in transit (TLS 1.3) and at rest (AES-256)
• Multi-factor authentication for platform access
• Role-based access controls limiting data visibility to authorized personnel
• Regular security audits and vulnerability assessments
• Employee security training and background checks

6. Your Rights

Authorized platform users have the following rights regarding their personal data:

• Access: Request information about data we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your personal data (subject to legal retention requirements)
• Portability: Request export of your data in a structured format

7. Contact Information