Effective date: June 11, 2026 | Last updated: June 11, 2026
1. Who We Are
TokWriter is operated by Practical Business AI (PBAI). TokWriter is an official TikTok Shop Partner application that helps TikTok Shop creators and sellers write compliant, high-converting video scripts. This policy explains what data we collect, why, how we use it, and how you can control it.
2. What Data We Collect
2.1 Account Data
When you create an account, we collect your email address and an authentication token. If you sign in via magic link, we store only your email. If you set a password, it is hashed and never stored in plain text.
2.2 Scripts You Generate
When you use TokWriter to generate, analyze, or check scripts, we store the product name, category, script text, and AI analysis results in your account history so you can access them later. You can delete individual scripts from your history at any time.
2.3 TikTok Shop Data (via API)
If you choose to connect your TikTok Shop account, we access your data through the official TikTok Shop Partner API using OAuth authorization. We access:
- Product catalog data — product names, images, prices, and categories for products you sell or promote as an affiliate
- Showcase products — products in your TikTok Shop showcase
We do NOT access: your order data, financial data, customer data, personal messages, video content, follower lists, or any data beyond what is needed to help you write scripts for your products.
2.4 Usage Data
We collect anonymous pageview data (page visited, timestamp, referrer) to understand how TokWriter is used. No personal identifiers are attached to this data.
3. How We Use Your Data
We use your data solely to provide TokWriter's script writing and compliance checking services. Specifically:
- Product data from TikTok Shop is used only to auto-fill product details for script generation. It is not stored beyond your active session unless you explicitly save a script.
- Script history is stored so you can access past scripts. You control what is saved.
- Account data is used for authentication and to associate your scripts with your account.
4. What We Do NOT Do With Your Data
In compliance with the TikTok Shop Partner Terms of Service:
- We do NOT sell your data to anyone, ever.
- We do NOT aggregate subscriber data (your TikTok Shop product data) for our own purposes.
- We do NOT share your TikTok Shop data with third parties.
- We do NOT use your product data for competitive intelligence, analytics, or any purpose other than generating scripts for you.
- We do NOT retain TikTok Shop API data longer than necessary. Product data fetched from the API is used for your current session and is not permanently stored.
5. TikTok Shop API Authorization
When you connect your TikTok Shop account:
- You are redirected to TikTok's official OAuth screen where you review and approve the specific permissions TokWriter requests.
- TokWriter receives an access token that expires after 7 days. We refresh it automatically while your account is connected.
- You can disconnect your TikTok Shop account at any time from your TokWriter settings. When you disconnect, we immediately delete your access token and all cached TikTok Shop data.
- If you revoke access from TikTok's side (via TikTok Shop Partner Center), we cease all data access immediately upon token expiration.
6. Data Storage and Security
- Account and script data is stored in Supabase (hosted on AWS) with row-level security policies.
- All data transmission uses TLS encryption.
- TikTok Shop API tokens are stored encrypted and are never exposed to the client browser.
- We follow minimum-retention practices: data that is no longer needed is deleted promptly.
7. Your Rights
You have the right to:
- Access your data — view your scripts and account information at any time.
- Delete your data — delete individual scripts, or request full account deletion by contacting us.
- Disconnect TikTok Shop — revoke API access at any time from TokWriter settings or from TikTok's Partner Center.
- Export your data — copy or print any script from TokWriter at any time.
8. AI-Generated Content
TokWriter uses AI (Claude by Anthropic) to generate scripts and analyze compliance. AI output is a suggestion only. You are responsible for reviewing all generated content for accuracy before use. TokWriter's compliance checks are policy-informed risk assessments, not guarantees of TikTok approval. Always verify compliance with TikTok's current policies before posting.
9. Cookies and Local Storage
TokWriter uses localStorage in your browser to store authentication tokens and UI preferences. We do not use third-party tracking cookies. Anonymous pageview analytics do not use cookies.
10. Changes to This Policy
We may update this policy as TokWriter's features evolve. Material changes will be communicated via the app or email. The "last updated" date at the top reflects the most recent revision.
11. Contact
For privacy questions, data deletion requests, or concerns:
Email: [email protected]
Company: Practical Business AI (PBAI)