Privacy Policy

Last updated: 1 May 2026 · Effective immediately

Quick summary. Social Cashback is operated by Tik Joy Inc. We collect only the data we need to deliver the service: your TikTok profile basics, the actions you take in our app, and payment info if you withdraw rewards. We never sell your data. You can disconnect your TikTok account and delete all your data at any time from your dashboard or by emailing privacy@thesocialcashback.com.

1. Who we are

Social Cashback ("Service", "we", "us") is a product operated by Tik Joy Inc ("Controller"), a US-incorporated company. This Privacy Policy explains how we collect, use, share and protect your personal data when you use the Service at www.thesocialcashback.com, the user dashboard at app.thesocialcashback.com, or any retailer site embedding the Social Cashback widget.

For privacy questions, contact: privacy@thesocialcashback.com.

2. Data we collect

2.1 Data you give us directly

2.2 Data we receive from TikTok when you connect your account

When you sign in with TikTok via the official TikTok Login Kit, TikTok shares with us — only after your explicit consent — the following data fields, scope by scope:

TikTok scopeData we receiveWhy
user.info.basicOpen ID, Union ID, display name, avatar URLIdentify you across logins; show your TikTok handle in the dashboard
user.info.profileProfile deep link, profile web link, bio description, verified statusDisplay your TikTok profile in your dashboard; verify your identity for premium features
user.info.statsFollower count, following count, likes count, video countInternal anti-fraud scoring (e.g. detecting fake or duplicate accounts). Never displayed publicly to other users.
video.listList of your own public videos and their performance counts (likes, comments, views)Show you performance insights for your own shared videos in your dashboard, and fraud prevention: confirm that content you report as shared actually exists on your account and belongs to you
video.uploadUpload status of drafts you choose to send to your TikTok inboxAllow you to draft promotional content from Social Cashback and finalize the post inside TikTok
video.publishPublish status of posts you explicitly choose to publish from the dashboardAllow you to publish user-generated videos about participating shops’ products directly to YOUR OWN TikTok profile, only after you review an on-screen preview, set the title, pick the privacy level yourself, and confirm. We never post on your behalf without this explicit per-post confirmation.

We do not request any scope beyond those listed above. We do not read your private videos, your direct messages, your contacts, or any data of users other than yourself.

Because we access your TikTok data through TikTok’s Login Kit and Content Posting API, TikTok Inc. acts as an independent data controller for the data it processes on its own platform. Your use of TikTok remains governed by TikTok’s own policies. Please review TikTok’s Privacy Policy and TikTok’s Cookie Policy to understand how TikTok handles your information.

2.3 Data generated by your use of the Service

3. How we use your data (purposes & legal bases)

PurposeLegal basis (GDPR)
Provide the Service: log you in, credit cashback, process payoutsContract performance (Art. 6(1)(b))
Attribute verified purchases to the links and content you shared, and credit cashback correctlyContract performance (Art. 6(1)(b))
Anti-fraud and abuse prevention (incl. follower-count scoring, IP/device pattern analysis)Legitimate interest (Art. 6(1)(f))
Comply with anti-money-laundering and tax law (KYC for large payouts)Legal obligation (Art. 6(1)(c))
Send transactional emails (confirmations, payout notifications, security alerts)Contract performance
Send marketing emails (only if you opt in)Consent (Art. 6(1)(a)) — withdrawable any time
Improve and secure the Service (logging, error tracking)Legitimate interest

4. Sharing your data

We share data only with the following categories of recipients, and only as strictly necessary:

We never sell your personal data. We never share your data with advertising networks or data brokers.

5. International transfers

Some processors are located outside the EEA/UK. Transfers are protected by Standard Contractual Clauses (SCC) and equivalent safeguards under GDPR Chapter V.

6. Data retention

7. Cookies

We use only strictly necessary cookies (session token, CSRF, language preference). We do not use third-party advertising or tracking cookies. You can clear cookies in your browser settings without losing your account.

8. Your rights

Under GDPR, UK GDPR, CCPA and equivalent laws, you have the right to:

To exercise any right: email privacy@thesocialcashback.com from the address on your account, or use the self-service tools at /disconnect. We respond within 30 days.

9. Disconnecting TikTok specifically

You may revoke our access to your TikTok account at any time by visiting /disconnect. When you do this:

  1. We immediately revoke the TikTok access token via the official TikTok revocation endpoint.
  2. We delete from our database all data derived from TikTok (open_id, union_id, profile fields, follower count, cached video list).
  3. You can also revoke our app independently from your TikTok account settings: TikTok app → Settings → Manage account → Apps and websites.

10. Security

We protect your data with industry-standard measures: TLS 1.2+ in transit, encryption at rest, hashed passwords (bcrypt), least-privilege access, audit logging, and regular security review.

11. Children

The Service is not intended for users under the age of 18 (or the higher local digital-consent age where applicable). We do not knowingly collect data from minors. If you believe a minor has used our Service, contact us and we will delete the account.

12. Changes to this policy

We may update this policy. Material changes will be notified by email and/or in-app banner at least 30 days before they take effect. Continued use after the effective date constitutes acceptance.

13. Contact

Tik Joy Inc — Controller
Email: privacy@thesocialcashback.com
Postal address: provided on request
For TikTok-specific data deletion requests under TikTok's developer policy, the same contact applies and we respond within the SLA required by TikTok for Developers.