If you allow TikTok to access your phone contacts or social network contacts, TikTok collects names, phone numbers, and email addresses of your contacts and matches them against TikTok's user database.
This analysis describes what TikTok Ads's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision means TikTok collects personal data about people who are not TikTok users and have not consented to any TikTok data collection, raising third-party privacy concerns.
The updated policy changed the controlling entity from TikTok USDS Joint Venture LLC to TikTok Pte. Ltd., a Singapore-registered company. The U.S.-specific privacy policy language was replaced with terms covering "other regions." Users previously governed under U.S. privacy protections are now subject to different jurisdictional terms.
View change record →When you sync your phone contacts with TikTok, the personal data of your contacts, including people who do not use TikTok, is collected and processed by TikTok; those individuals have no direct ability to control or object to this data collection.
How other platforms handle this
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
If you are located in the European Economic Area, Switzerland, or the United Kingdom, you have the right to access, correct, or erase your personal data; the right to restrict or object to our processing of your personal data; the right to data portability; and, where our processing is based on your...
We may display advertisements on our Services and those advertisements may be targeted to your interests based on your personal information. We may share your personal information with advertising partners for interest-based advertising purposes. You may opt out of interest-based advertising by visi...
Monitoring
TikTok Ads has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"If you choose to sync your phone contacts, we will access and collect information such as names, phone numbers, and email addresses, and match that information against existing users of the Platform. If you choose to share your social network contacts, we will collect your public profile information as well as names and profiles of your social network contacts.— Excerpt from TikTok Ads's TikTok Privacy Policy
(1) REGULATORY LANDSCAPE: This provision engages GDPR Articles 6 and 14 (lawful basis for and transparency obligations toward data subjects whose data is obtained from third parties), CCPA/CPRA (which may apply to personal information of California residents collected indirectly through contact syncing), and the FTC Act Section 5 (unfair practices relating to collection of non-user personal data). EU data protection authorities have historically scrutinized contact uploading features and the use of non-user personal data on social platforms. The Irish DPC and other EU supervisory authorities are the primary GDPR enforcement contacts. (2) GOVERNANCE EXPOSURE: Medium. Contact syncing is a common feature on social platforms, but the collection of personal data about non-users raises specific GDPR transparency and lawful basis concerns. Non-users have no contractual relationship with TikTok and cannot exercise data rights through standard account-based mechanisms, which creates a governance gap. EU regulators have previously taken enforcement action against similar practices on other social platforms. (3) JURISDICTION FLAGS: EU/EEA (GDPR Articles 6 and 14, non-user data subject rights), UK (UK GDPR), California (CPRA right to know and delete applies to indirectly collected personal information). The lack of a direct notice mechanism for non-users whose data is collected creates heightened GDPR Article 14 compliance exposure. (4) CONTRACT AND VENDOR IMPLICATIONS: No direct vendor implications for this specific provision, but the policy's reference to matching contact data against the platform user database implies data enrichment processing that should be specifically documented in internal data maps and privacy impact assessments. (5) COMPLIANCE CONSIDERATIONS: Compliance teams should assess whether the GDPR Article 14 obligation to provide privacy information to data subjects whose data is obtained from third parties (i.e., non-user contacts) is being met, and whether an exception applies. The purpose limitation for contact data (matching against existing users) should be documented and not expanded without reassessment. The opt-in nature of contact syncing is noted in the policy ('if you choose'), which is relevant to consent-based legal basis arguments.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision means TikTok collects personal data about people who are not TikTok users and have not consented to any TikTok data collection, raising third-party privacy concerns.
When you sync your phone contacts with TikTok, the personal data of your contacts, including people who do not use TikTok, is collected and processed by TikTok; those individuals have no direct ability to control or object to this data collection.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by TikTok Ads.