What are the institutional and regulatory implications of this document?

(1) REGULATORY LANDSCAPE: This policy engages GDPR and UK GDPR (lawful basis requirements, data subject rights, restrictions on biometric data processing under Article 9, cross-border transfer mechanisms), CCPA/CPRA (right to know, delete, opt out of sale/sharing of personal information, sensitive personal information restrictions), COPPA (age verification and minor user data restrictions), Singapore PDPA (as the entity is incorporated there), and potentially the EU AI Act (given explicit use o…

How does TikTok Ads's TikTok Privacy Policy affect users?

The policy establishes that TikTok collects and processes biometric-adjacent data (facial and body features from videos), keystroke patterns, precise location data (where permitted), clipboard content, and phone contacts alongside off-platform behavioral data provided by advertiser partners to develop advertising profiles. This data is used to deliver personalized advertising both within and outside TikTok's platform, train machine learning models, and may be shared with corporate affiliates, a…

How often is TikTok Ads's TikTok Privacy Policy updated?

ConductAtlas monitors this document daily and captures every version with cryptographic hashing and timestamp verification. Update frequency varies — see the change timeline on this page for complete version history.

Can I get alerted when TikTok Ads updates this document?

Yes. Monitor subscribers ($19/month) can add TikTok Ads to their watchlist and receive same-day email alerts whenever this document or any other TikTok Ads document changes.

CA-D-000673

TikTok Privacy Policy

TikTok Ads

Last change detected May 5, 2026 Privacy policy

SHA-256: 4ea25d87dda793e626e… 2 versions captured 1 change documented

Create free account

Track 1 platform and get the weekly governance digest. No credit card required.

View original document at TikTok Ads ↗

This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology

10 Total

4 High severity

5 Medium severity

1 Low severity

Summary

This document establishes TikTok's global privacy policy governing personal data collection, processing, and sharing for users of its app and website. The policy authorizes collection of location data, biometric features extracted from video content, keystroke patterns, device contacts, and off-platform shopping and browsing behavior supplied by advertising partners, with this data used to construct user profiles for personalized advertising served on and off the TikTok platform. Users may access, modify, or request deletion of personal data through TikTok's Privacy Center, with availability of these rights varying by jurisdiction.

Technical / Legal Breakdown

This document is TikTok's global Privacy Policy (last updated July 8, 2025), governing data collection, processing, and sharing practices for TikTok apps, websites, and related services operated by TikTok Pte. Ltd. (Singapore), and applies to all users of the Platform outside jurisdictions with separate dedicated policies. The policy states that TikTok collects an extensive range of personal data including account credentials, user-generated content and associated metadata, messages and message metadata, precise and approximate location, device identifiers (including keystroke patterns and audio settings), face and body feature data extracted from videos and images, clipboard content, phone and social network contacts, and off-platform behavioral data supplied by advertisers and business partners; the terms authorize use of this data for purposes including personalized advertising on and off the Platform, training machine learning models and algorithms, inferred profiling of age, gender, and interests, and sharing with corporate affiliates, advertisers, measurement partners, and independent researchers. The policy's scope of biometric-adjacent data collection (face and body feature identification from user content) and the explicit authorization to use user content in advertising and marketing campaigns, combined with broad off-platform data ingestion from advertiser partners, are operationally notable; the agreement asserts these rights on a global basis, though applicable law in specific jurisdictions (including GDPR in the EU/EEA, UK GDPR, CCPA/CPRA in California, and PDPA in Singapore) may constrain the legal bases, consent requirements, and data subject rights that govern these practices in practice. The policy engages GDPR, UK GDPR, CCPA/CPRA, COPPA (given minor-user considerations), Singapore PDPA, and potentially the EU AI Act given AI/ML training uses; material compliance considerations include the adequacy of consent mechanisms for biometric-adjacent processing, the legal basis for cross-context behavioral advertising, and the robustness of data subject rights mechanisms across jurisdictions.

Institutional Analysis

Institutional analysis available with Compliance

Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Compliance.

Start Compliance free trial

1 important change detected

2 versions captured · Last updated: May 2026

May 5, 2026

high

What changed TikTok Ads replaced its U.S.-specific privacy policy with language covering "other regions." The controlling entity shifted from TikTok USDS Joint Venture LLC to TikTok Pte. Ltd., a Singapore-registered company.

Why this matters The updated policy changed the controlling entity from TikTok USDS Joint Venture LLC to TikTok Pte. Ltd., a Singapore-registered company. The U.S.-specific privacy policy language was replaced with terms covering "other regions." Users previously governed under U.S. privacy protections are now subject to different jurisdictional terms.

View full change record →

High — 4 provisions

Face and Body Feature Data Collection Compare →

TikTok analyzes the videos and images you upload to identify faces, body features, and other attributes, and uses this information for purposes including personalizing ads and classifying your demographic profile.

Added May 10, 2026 Standard Seen across 284 platforms
Off-Platform Behavioral Data Ingestion for Ad Targeting Compare →

Advertisers and data partners send TikTok information about your activity on other websites, apps, and in physical stores, including what you buy, and TikTok uses this to match you to your account and target you with personalized ads on and off TikTok.

Added May 10, 2026 Standard Seen across 252 platforms
Keystroke Pattern and Device Sensor Data Collection Compare →

TikTok collects information about how you type on your device, including the rhythm and patterns of your keystrokes, as well as detailed device and sensor information.

Added May 10, 2026 Common Seen across 170 platforms
Data Sharing with Corporate Group Affiliates Compare →

TikTok may share your personal data with other companies within its corporate group, including affiliated entities and subsidiaries, for a range of stated operational purposes.

Added May 10, 2026 Standard Seen across 252 platforms

Medium — 5 provisions

Machine Learning and Algorithm Training Using Personal Data Compare →

TikTok uses your personal data, including your content, behavior, and profile information, to train its AI and machine learning systems.

Added May 10, 2026 Standard Seen across 284 platforms
User Content Used in TikTok Advertising Campaigns Compare →

TikTok reserves the right to use videos, photos, and other content you post on the platform in its own advertising and marketing campaigns.

Added May 10, 2026 Standard Seen across 242 platforms
Phone and Social Network Contact Syncing Compare →

If you allow TikTok to access your phone contacts or social network contacts, TikTok collects names, phone numbers, and email addresses of your contacts and matches them against TikTok's user database.

Added May 10, 2026 Standard Seen across 284 platforms
Inferred Profiling of Age, Gender, and Interests Compare →

TikTok uses your behavior and content on the platform to infer personal attributes about you, including your estimated age range, gender, and interests, even if you have not provided this information directly.

Added May 10, 2026 Standard Seen across 284 platforms
Message Content Collection and Metadata Processing Compare →

TikTok collects the actual content of messages you send and receive through its messaging feature, as well as metadata about those messages including timing, read receipts, and who the participants are.

Added May 10, 2026 Standard Seen across 284 platforms

Low — 1 provision

Clipboard Content Access Compare →

TikTok can access the content of your device's clipboard (copied text, images, or videos) when you use certain features, such as pasting or sharing content.

Added May 8, 2026 Standard Seen across 284 platforms

Monitoring

TikTok Ads has updated this document before.

Monitor includes same-day alerts, structured change summaries, and monitoring for up to 25 platforms.

Start Monitor free trial Or create a free account →

Compliance Governance Intelligence

Need provision-level monitoring and regulatory mapping?

Compliance includes governance timelines, compliance memos, audit-ready analysis, and full provision tracking.

Start Compliance free trial

Cross-platform context

See how other platforms handle Behavioral Advertising and Third-Party Data Sharing and similar clauses.

Compare across platforms →