Privacy Policy

1. INFORMATION WE COLLECT

Account Information:

• TikTok profile data (username, display name, profile picture, follower count)
• TikTok authentication tokens and access credentials
• Video performance metrics (views, likes, comments, shares)
• Campaign participation and submission data

Payment Information:

• M-Pesa phone numbers for payouts (KES 50 per 1,000 likes)
• Transaction history and payout records (daily limits: KES 10K-20K)
• Subscription plan data (Gold/Platinum/Diamond: KES 1K-5.5K/month)
• Affiliate commission records (30% direct, 5% indirect, 4 levels)
• Campaign participation tracking (3-10 campaigns per month)

Usage Data:

• Platform activity logs and interaction data
• Device information and IP addresses
• Browser type, operating system, and referral sources
• Cookies and tracking technologies

2. HOW WE USE YOUR INFORMATION

We use collected information to:

• Calculate and process video payouts (KES 50 per 1,000 likes)
• Manage affiliate commissions (30% direct, 5% indirect up to 4 levels)
• Enforce campaign participation limits (3-10 per month based on plan)
• Apply daily payout limits (KES 10,000-20,000 based on subscription)
• Process monthly subscription billing (KES 1,000-5,500)
• Track TikTok video performance and engagement metrics
• Facilitate M-Pesa payments through Swapuzi integration
• Monitor platform usage and prevent fraud or abuse
• Communicate about account status, limits, and platform updates
• Comply with legal obligations and enforce our terms

3. INFORMATION SHARING & DISCLOSURE

We may share your information with:

• TikTok: Through API integrations for content posting and metrics
• Payment Processors: Swapuzi and other financial service providers
• Campaign Sponsors: Performance metrics and content data for campaigns you join
• Legal Authorities: When required by law or to protect our rights
• Service Providers: Third-party vendors supporting platform operations
• Business Transfers: In case of merger, acquisition, or asset sale

4. DATA SECURITY & PROTECTION

Security Measures:

• Encrypted data transmission and storage
• Access controls and authentication systems
• Regular security audits and monitoring
• Secure payment processing through certified providers

5. DATA RETENTION

We retain information:

• Account data: Until account deletion or 2 years of inactivity
• Payment records: 7 years (video payouts, affiliate commissions, subscriptions)
• TikTok performance data: 2 years for payout calculations
• Campaign participation history: 2 years for limit enforcement
• Usage logs: 12 months for platform optimization
• Legal compliance data: As required by Kenyan and international laws

6. COOKIES & TRACKING

We use cookies for:

• Authentication and session management
• Platform functionality and user preferences
• Analytics and performance monitoring
• Security and fraud prevention

Users can control cookies through browser settings, but this may affect platform functionality.

7. THIRD-PARTY INTEGRATIONS

Our platform integrates with:

• TikTok API: Subject to TikTok's privacy policy and terms
• Firebase: Google's privacy policy applies to data storage
• Swapuzi: Payment processor with separate privacy terms
• Analytics Services: For platform improvement and monitoring

We are not responsible for third-party privacy practices. Users should review all third-party privacy policies.

8. USER RIGHTS & CONTROLS

Depending on your location, you may have rights to:

• Access your personal information
• Correct inaccurate data
• Delete your account and associated data
• Restrict or object to certain processing
• Data portability (where technically feasible)

Contact us through the platform to exercise these rights. We may require identity verification and have up to 30 days to respond.

9. INTERNATIONAL DATA TRANSFERS

Your information may be transferred to and processed in countries outside your residence, including Kenya, the United States, and other jurisdictions where our service providers operate. By using our platform, you consent to such transfers.

10. CHILDREN'S PRIVACY

Our platform is not intended for users under 18. We do not knowingly collect information from minors. If we discover such collection, we will delete the information immediately.

11. CALIFORNIA PRIVACY RIGHTS

California residents have additional rights under CCPA, including the right to know about personal information collection, sale, and disclosure. We do not sell personal information to third parties.

12. GDPR COMPLIANCE

For EU residents, we process data based on legitimate interests, contractual necessity, or consent. You have rights to access, rectify, erase, restrict, and port your data, as well as object to processing.

13. POLICY UPDATES

We may update this policy at any time. Material changes will be communicated through the platform or email. Continued use after updates constitutes acceptance of the revised policy.

14. DATA BREACH NOTIFICATION

In case of a data breach affecting your information, we will notify you and relevant authorities as required by law, typically within 72 hours of discovery.

15. CONTACT INFORMATION

For privacy-related questions or requests:

• Use the platform's support system
• Email: privacy@heartsontiktok.com
• Response time: Up to 30 business days