AI Content System is the data controller for personal data processed through this Service. Operating name: AI Content System. Country of establishment: France. Contact email: privacy@aicontentsystem.org. Data Protection Officer: dpo@aicontentsystem.org.
This Privacy Policy applies to all personal data collected, processed, and stored by AI Content System through our website at aicontentsystem.org, our integration with TikTok via the TikTok for Developers API, our automated content processing pipeline, and any communications you have with us.
When you connect your TikTok account, we collect the following data via the official TikTok API:
| Data Type | API Scope | Purpose | Retention |
|---|---|---|---|
| TikTok Open ID (unique identifier) | user.info.basic | Account identification | Duration of service use |
| Display name | user.info.basic | Account display | Duration of service use |
| Avatar URL | user.info.basic | Account display | Duration of service use |
| Access token | All scopes | API authentication | Until revoked or expired |
| Published video IDs | video.upload, video.publish | Content tracking | 90 days |
We collect publicly available metadata from YouTube including video IDs, titles, license information, channel IDs, and engagement metrics for compliance verification and trend detection. No personally identifiable information of content creators is stored.
We collect server logs including IP addresses retained for 30 days then anonymized, error logs for system debugging retained for 14 days, and performance metrics for published content.
| Processing Activity | Legal Basis (GDPR Article) |
|---|---|
| TikTok account authentication and publishing | Art. 6(1)(b) - Performance of contract |
| Analytics and performance tracking | Art. 6(1)(f) - Legitimate interests |
| Security logging | Art. 6(1)(f) - Legitimate interests |
| Responding to communications | Art. 6(1)(f) - Legitimate interests |
In strict compliance with TikTok Developer Platform Policies:
| Recipient | Data Shared | Purpose | Safeguards |
|---|---|---|---|
| TikTok via API | Video files, captions, hashtags | Content publishing | TikTok Developer Agreement |
| Anthropic Claude API | Video transcripts with no PII | Content generation | Anthropic Privacy Policy |
| Google YouTube API | Search queries, video IDs | Content discovery | Google Privacy Policy |
| WordPress.com | Generated blog content | Blog publication | Automattic Privacy Policy |
| GitHub Pages | Static website files | Website hosting | GitHub Privacy Policy |
We do not sell personal data. We do not share personal data with data brokers or advertising networks under any circumstances.
Where we transfer data outside the European Economic Area, we ensure appropriate safeguards are in place including Standard Contractual Clauses approved by the European Commission and adequacy decisions where applicable.
We implement the following technical and organizational measures to protect personal data: all data transmitted over HTTPS and TLS 1.3, API keys and access tokens encrypted at rest with AES-256, access to personal data limited to authorized personnel only, regular security audits of our systems, and an incident response plan with 72-hour breach notification to the supervisory authority as required by GDPR Article 33.
| Data Category | Retention Period |
|---|---|
| TikTok account identifiers | Duration of service use plus 30 days |
| TikTok access tokens | Until revoked, expired, or account deletion |
| Published content metadata | 90 days |
| Server access logs | 30 days then anonymized |
| Error logs | 14 days |
| Email communications | 2 years from last communication |
To exercise any of these rights, contact privacy@aicontentsystem.org. We will respond within 30 days as required by GDPR.
You have the right to lodge a complaint with the French supervisory authority: Commission Nationale de l'Informatique et des Libertes (CNIL), website www.cnil.fr, address 3 Place de Fontenoy TSA 80715 75334 PARIS CEDEX 07, telephone plus 33 1 53 73 22 22.
Our website uses only strictly necessary cookies required for basic functionality. We do not use advertising cookies, tracking cookies, or third-party analytics cookies without your explicit consent. We use Google Consent Management Platform to manage cookie consent for European visitors in compliance with the ePrivacy Directive and GDPR.
Our Service is not directed to children under 16 years of age. We do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16 without verifiable parental consent, we will delete that data immediately and notify the appropriate authorities if required.
We may update this Privacy Policy from time to time. We will notify you of significant changes by updating the effective date and where required by law by obtaining renewed consent. The current version is always available at aicontentsystem.org/privacy.html.
Privacy requests: privacy@aicontentsystem.org. Data Protection Officer: dpo@aicontentsystem.org. Legal inquiries: legal@aicontentsystem.org. Response time: within 30 days for GDPR requests and within 48 hours for general inquiries.