Privacy Policy

Effective Date: May 11, 2026
Last Updated: May 11, 2026

This Privacy Policy describes how HT TikTok Connector ("we", "us", "our", or the "App") collects, uses, stores, and shares information when you install and use our application with your Shopify or Wix store to integrate with TikTok Shop.

By installing or using the App, you agree to the practices described in this Privacy Policy. If you do not agree, please uninstall the App and discontinue use.

1. Who We Are

HT TikTok Connector is a software-as-a-service (SaaS) application that enables merchants to connect their Shopify or Wix stores with TikTok Shop for product synchronization, order management, returns handling, and sales analytics.

For the purposes of data protection law (including the GDPR and UK GDPR), we act as a data processor on behalf of the merchant for end-customer data, and as a data controller for merchant account data and App usage data.

2. Information We Collect

2.1 Merchant Account Information

When you install and use the App, we collect information about you and your store, including:

• Store name, domain, and unique store identifiers (e.g. Shopify shop ID, Wix site ID)
• Merchant contact details (name, email address, business address, phone number)
• Store currency, country, language, and timezone
• Plan and billing information (subscription tier, billing status)
• Authentication tokens and API credentials issued by Shopify, Wix, and TikTok Shop (stored in encrypted form)

2.2 Store and Catalog Data

To provide syncing and integration features, we access and process:

• Product catalog data: titles, descriptions, images, variants, SKUs, barcodes, pricing, inventory levels, categories, tags, and metafields
• Collections, product categorisations, and merchandising rules
• Inventory and stock-level data across locations
• Shipping profiles, fulfilment locations, and rate information
• Discounts, promotions, and pricing rules where relevant to a sync

2.3 Order, Fulfilment, and Returns Data

For order management, fulfilment, and returns workflows (including B2B and wholesale scenarios), we process:

• Order details: order numbers, line items, quantities, totals, taxes, discounts, and currency
• Fulfilment status, tracking numbers, carrier information, and delivery status
• Return and refund requests, return reasons, RMA numbers, and restocking decisions
• Draft orders, purchase orders, and B2B-specific data such as company names, company locations, net payment terms, assigned price lists, and tax exemption status
• Customer-facing order notes and internal staff notes

2.4 End-Customer Personal Data

When required to process orders or returns, we may process personal data belonging to your customers, including:

• Name, email address, and phone number
• Billing and shipping addresses
• Order history associated with the merchant's store
• Company affiliation and B2B buyer role (for B2B merchants)

We do not collect or store full payment card numbers, CVV codes, or bank account details. All payment processing is handled by Shopify, Wix, TikTok Shop, or their approved payment processors.

2.5 Analytics and Usage Data

To power dashboards and analytics features, we aggregate and process:

• Sales metrics, conversion data, and revenue reports per channel
• Product performance, best-sellers, and inventory velocity
• Sync status, sync history, and error logs
• App usage telemetry: pages visited, features used, timestamps, and error events
• Device and connection information: IP address, browser type, operating system, and session identifiers

2.6 TikTok Shop Data

When you connect your TikTok Shop, we access TikTok-side data needed for integration, including your TikTok Shop ID, product listings on TikTok, TikTok orders, TikTok fulfilment events, and TikTok-side return requests.

3. How We Use Information

We use the information we collect to:

• Authenticate your store and maintain secure sessions
• Synchronise products, inventory, pricing, and collections between Shopify/Wix and TikTok Shop
• Route, update, and fulfil orders across sales channels
• Process returns, refunds, and exchanges
• Support B2B workflows including company accounts, custom price lists, wholesale catalogs, and net-term orders
• Provide analytics, reporting, and dashboards
• Send service notifications, sync alerts, and billing communications
• Provide customer support and troubleshoot integration issues
• Enforce subscription entitlements and process billing
• Detect, prevent, and respond to fraud, abuse, or security incidents
• Comply with legal obligations and enforce our terms
• Improve and develop the App's features and reliability

4. Legal Bases for Processing (GDPR / UK GDPR)

Where the GDPR or UK GDPR applies, we rely on the following legal bases:

• Contract: to provide the App and its services to merchants
• Legitimate interests: to improve the App, secure our systems, and communicate with merchants
• Legal obligation: to meet tax, accounting, and regulatory requirements
• Consent: where required (for example, for non-essential cookies or marketing emails)

5. How We Share Information

We do not sell personal information. We share information only as described below:

• Platform partners: Shopify, Wix, and TikTok Shop, to enable the integration you requested
• Service providers: cloud hosting, database, logging, email delivery, and error-monitoring vendors that process data on our behalf under written agreements
• Payment processors: for subscription billing (e.g. Shopify Billing API, Stripe, or Wix Payments)
• Legal and regulatory authorities: where required by law, legal process, or to protect rights and safety
• Business transfers: in the event of a merger, acquisition, or sale of assets, subject to equivalent privacy protections

6. International Data Transfers

Your data may be stored and processed in countries other than the one in which you are based, including the United Kingdom, European Economic Area, and United States. Where we transfer personal data across borders, we rely on appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms.

7. Data Retention

We retain information for as long as your store is connected to the App, and for a limited period afterwards to meet legal, accounting, and operational requirements.

• Active merchants: data retained for the duration of the subscription
• After uninstall: we delete or anonymise merchant and end-customer personal data within 30 days, unless a longer retention period is required by law
• Backup copies: may persist in encrypted backups for up to 90 days before being purged
• Aggregated and anonymised data: may be retained indefinitely for analytics and product improvement

8. Data Security

We take the security of your data seriously and apply industry-standard safeguards, including:

• Encryption of data in transit (TLS/HTTPS) and at rest
• Encryption of API access tokens and sensitive credentials
• Role-based access controls and the principle of least privilege
• Regular security reviews, dependency updates, and vulnerability monitoring
• Audit logging of administrative and sensitive operations
• Secure software development practices and code review

No system is perfectly secure. If we become aware of a breach affecting your data, we will notify you and the relevant authorities as required by law.

9. Your Rights

Depending on your jurisdiction, you or your customers may have the following rights regarding personal data:

• Access a copy of the personal data we hold
• Correct inaccurate or incomplete data
• Request deletion of personal data
• Restrict or object to certain processing
• Request data portability
• Withdraw consent where processing is based on consent
• Lodge a complaint with a supervisory authority

To exercise these rights, contact us using the details at the end of this policy. End customers should typically direct requests to the merchant, who is the controller of their data.

10. Shopify and Wix Platform Requirements

10.1 GDPR Webhooks

We comply with the mandatory Shopify and Wix GDPR webhooks and honour requests for:

• customers/data_request — providing customer data on request
• customers/redact — deleting customer data
• shop/redact — deleting shop data 48 hours after uninstall

10.2 Scopes and Permissions

We request only the scopes necessary to deliver the App's features. You can review the requested scopes during installation and at any time from the app configuration page.

11. Children's Privacy

The App is intended for business use by merchants and is not directed at children under 16. We do not knowingly collect personal data from children.

12. Cookies and Tracking

The App uses strictly necessary cookies and similar technologies to maintain session state, remember preferences, and secure authenticated areas. We do not use advertising cookies or share data with third-party ad networks.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated through the App or via email. The "Last Updated" date at the top of this page reflects the most recent revision. Continued use of the App after changes take effect constitutes acceptance of the updated policy.

14. Contact Us