Affli.ai LogoAffli.ai

Privacy Policy for Affli.ai

Effective Date: April 15, 2025

Applies To: All users of Affli.ai and its affiliated applications, including integrations with TikTok Shop, TikTok Creator Marketplace, and any API-powered features.

1. Purpose

This privacy policy explains how Affli.ai collects, uses, shares, stores, and protects personal data, in line with TikTok's platform requirements, GDPR, CCPA, and ISO/IEC 27701.

2. Types of Data We Collect

  • User Profile Data: Name, email address, business name, region.
  • TikTok-linked Data: Product listings, sales data, creator campaign stats, affiliate activity.
  • Behavioral Data: Clickstream, usage behavior within Affli.ai platform.
  • Technical Data: IP address, device ID, browser type, session metadata.

3. How We Collect Data

  • Direct user input through signup and onboarding.
  • Authorized access via TikTok API after user consent.
  • Tracking cookies and local storage (fully disclosed in cookie banner).

4. Purpose of Use

  • To provide users with creator performance insights, sales analytics, and affiliate campaign management tools.
  • To fulfill legal and contractual obligations with platform partners (e.g., TikTok).
  • To respond to support queries and user service requests.
  • To improve platform features, security, and personalization.

5. Lawful Basis for Processing

  • Consent: For data collected via TikTok integration and tracking technologies.
  • Contract: For users using paid or free accounts with Affli.ai.
  • Legitimate Interest: For usage analytics and fraud prevention.

6. Sharing and Disclosure

  • We do not sell personal data.
  • We may share anonymized analytics data with trusted partners.
  • We use third-party processors (e.g., AWS, Stripe, Google Analytics) with signed DPAs.
  • All subprocessors are listed on our privacy webpage.

7. International Transfers

  • All data is stored in the United States via secure cloud environments.
  • Standard Contractual Clauses (SCCs) are in place for GDPR-compliant transfers.

8. Data Retention

  • We retain user data as long as the account is active or as required by law.
  • Upon termination, user data is securely deleted within 60 days unless required for dispute resolution or legal compliance.

9. Data Subject Rights

Under applicable law (e.g., GDPR, CCPA), users have the right to:

  • Access their data
  • Request correction or deletion
  • Object to processing
  • Request data portability
  • Withdraw consent at any time

To exercise these rights, users can contact us at: privacy@affli.ai

10. Security Measures

  • Data is encrypted at rest (AES-256) and in transit (TLS 1.2+).
  • MFA required for administrative access.
  • Regular third-party penetration testing and internal audits.
  • Access is governed by least privilege and RBAC.

11. Children's Privacy

Affli.ai is not intended for use by individuals under the age of 16. We do not knowingly collect data from children.

12. Changes to This Policy

  • We update this policy periodically and notify users via email or dashboard alerts.
  • Users may review changes at any time on our Privacy Policy page.

13. Contact Details

Data Protection Officer (DPO):

Name: Vitaliy Zurov

Email: dpo@affli.ai