Legal
Privacy Policy
Last updated: June 15, 2026
1. Introduction and Who We Are
TikCut ("TikCut", "we", "us", or "our") operates a video editing platform available as a web application at tikcut.app and as a native iOS application ("TikCut for iOS"), designed primarily for TikTok Shop affiliates and short-form content creators. This Privacy Policy explains what personal information we collect, how we use and share it, how long we keep it, and what rights you have over it.
This Policy applies to all users of the TikCut website, progressive web application, iOS app, and any related services (collectively, the "Service"). By creating an account or using TikCut you agree to the data practices described in this Policy. If you do not agree, please do not use the Service.
For questions or requests about this Policy, contact us at privacy@tikcut.app.
2. Information We Collect
2.1 Account and Registration Information
When you create a TikCut account you provide us with:
- Email address — used for authentication, account communication, and subscription management.
- Password — stored as a salted cryptographic hash. We never store or have access to your plaintext password.
- Google Sign-In data — if you sign in via Google, we receive your name, email address, and profile picture URL as shared by Google. We do not receive your Google account password.
- Apple Sign-In data — if you sign in via Sign in with Apple on iOS, we receive your email address and, on your first sign-in only, your name if you choose to share it. Apple may provide a private relay email address at your discretion.
2.2 Video and Audio Content
TikCut's core editing features (silence removal, manual trimming, and video export) run entirely on your device. On the web app, this uses the Web Audio API, WebCodecs, and WebAssembly (FFmpeg). On the iOS app, this uses Apple's AVFoundation framework and on-device FFmpeg. Your raw video files are never uploaded to our servers during these operations. They are processed locally on your device and the output is saved directly to your device.
However, if you choose to use AI-powered features, limited data is sent to third-party servers:
- Auto-transcription: Audio segments extracted from your video are transmitted to our third-party AI provider for speech-to-text processing. Only audio data is sent — video frames are not transmitted.
- AI editorial features (editorial review, script polish, duplicate detection): The transcript text generated from your video — not the audio or video itself — is sent to our AI provider's language model for analysis.
These AI features are optional and only activated when you explicitly click the relevant button. You can use TikCut's silence removal and export features without ever triggering any data transmission.
2.3 Usage and Analytics Data
iOS app: The TikCut iOS app does not include any third-party analytics SDKs and does not collect usage events, device identifiers, crash reports, or behavioral data. IP addresses may be logged transiently by our infrastructure provider for security purposes only.
Web app: We collect information about how you use the web Service to operate, secure, and improve it. This may include:
- Events such as video uploads, analysis runs, feature activations, and exports (type, duration, file size — not file content).
- Session duration and timestamps.
- Browser type, operating system, device type, and screen resolution.
- IP address (used for security, fraud prevention, and geographic region — not used for tracking).
- Error logs and performance diagnostics.
Web usage events may be linked to your account and stored in our database. We use this data internally for product analytics; we do not sell it or use it for cross-site behavioral advertising.
2.4 Payment Information
If you subscribe to a paid plan, payment is processed by our third-party payment processor. We do not store your full card number, CVV, or bank account details on our servers. Our payment processor transmits to us transaction metadata including: payment amount, currency, billing country, card type, last four digits, subscription status, and invoice identifiers. This is used to manage your subscription and comply with legal obligations.
2.5 Communications
If you contact our support team, join our waitlist, submit feedback, or opt in to product updates, we retain the content of those communications along with your email address and contact metadata. We use this to respond to you and to improve the product.
2.6 Local Storage and Session Data
Web app: TikCut uses your browser's localStorage to save your editing progress (segment data, mode settings, timestamps) so you can resume after a page refresh. This data is stored only on your device and is never transmitted to our servers. You can clear it at any time through your browser settings or by clicking "New video" in the app.
iOS app: The TikCut iOS app stores your authentication session securely on your device using standard iOS Keychain-backed storage managed by Supabase. No editing progress is persisted between sessions. Deleting the app removes all locally stored data.
2.7 Cookies and Similar Technologies
We use the following types of browser storage:
- Authentication cookies/tokens — Session tokens are set to keep you signed in. These are strictly necessary for the Service to function.
- Preference storage — We store UI preferences (e.g., language selection) in localStorage.
- Analytics — We may use privacy-respecting, cookieless analytics to measure aggregate usage. We do not use advertising cookies or third-party tracking pixels.
You can disable cookies in your browser settings, but doing so may prevent you from signing in or using certain features.
3. How We Use Your Information
We use the information we collect for the following purposes:
- Providing the Service: Creating and managing your account, authenticating you, processing your videos (locally), and delivering the features you request.
- AI features: Transmitting audio or transcript data to our third-party AI provider to deliver transcription and AI editorial features when you activate them.
- Payment and subscription management: Processing payments, managing billing cycles, issuing invoices, and handling subscription changes or cancellations.
- Communication: Sending transactional emails (account creation, password reset, payment receipts, subscription notices). If you have opted in, sending product news and updates. You can unsubscribe from marketing emails at any time.
- Support: Responding to your questions and resolving issues.
- Security and fraud prevention: Detecting and preventing unauthorized access, abuse, and fraudulent activity.
- Legal compliance: Meeting tax, accounting, and regulatory obligations; responding to valid legal requests.
- Product improvement: Analyzing aggregate, de-identified usage patterns to improve performance and features. Individual users are not identified in this analysis beyond internal administrative purposes.
4. Legal Bases for Processing (EEA, UK, and Switzerland)
If you are located in the European Economic Area, the United Kingdom, or Switzerland, we rely on the following legal bases under the GDPR and applicable national law:
- Contract performance (Art. 6(1)(b) GDPR): Processing necessary to provide the Service you have signed up for, including account management, authentication, and subscription billing.
- Legitimate interests (Art. 6(1)(f) GDPR): Processing necessary for our legitimate interests in operating, securing, and improving TikCut, where such interests are not overridden by your rights. This includes usage analytics, fraud detection, and service communications.
- Consent (Art. 6(1)(a) GDPR): Where you have given specific consent, such as enabling AI transcription features (which transmit data to third-party AI providers) or opting in to marketing communications. You may withdraw consent at any time without affecting the lawfulness of prior processing.
- Legal obligation (Art. 6(1)(c) GDPR): Processing required to comply with applicable law, including tax, accounting, and anti-fraud regulations.
5. How We Share Your Information
We do not sell, rent, or trade your personal information to third parties for their own marketing purposes. We share information only in the following limited circumstances:
5.1 Service Providers
We share data with third-party vendors who help us operate the Service under contractual data-protection obligations:
- Authentication and database infrastructure provider — stores account data, usage events, and subscription metadata.
- Payment processor — handles payment processing and subscription management. PCI-DSS compliant.
- AI service provider — processes audio and transcript data to power AI features, only when you activate them.
- Hosting and infrastructure provider — delivers the Service globally and may process request metadata such as IP addresses for security and performance.
5.2 Legal Requirements
We may disclose your information if required to do so by law, court order, subpoena, or other governmental authority, or if we believe in good faith that such disclosure is necessary to: (a) comply with a legal obligation; (b) protect and defend our rights or property; (c) prevent or investigate possible wrongdoing in connection with the Service; (d) protect the personal safety of users of the Service or the public; or (e) protect against legal liability.
5.3 Business Transfers
If TikCut is involved in a merger, acquisition, asset sale, or similar corporate transaction, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice in the Service before your data is transferred and becomes subject to a different privacy policy.
5.4 With Your Consent
We may share your information with third parties when you have given explicit consent for us to do so.
6. Third-Party AI Processing — Important Notice
When you use TikCut's AI features, your content is processed by our third-party AI service provider under their own terms and privacy policy. Specifically:
- Audio data from your video is transmitted to our AI provider's servers when you use auto-transcription.
- Transcript text is transmitted to our AI provider's language model when you use editorial review, script polish, or duplicate detection.
We have contractual protections in place that prohibit our AI provider from using your data to train their models. However, we recommend reviewing the privacy practices of any third-party service independently, as their terms may change over time.
If your videos contain sensitive personal information, confidential business information, or third-party personal data, you should carefully consider whether to use these AI features, and ensure you have appropriate rights and consents to submit that content to third-party AI processing.
TikCut is not responsible for our AI provider's data handling. By activating AI features you accept the additional data processing described above.
7. International Data Transfers
TikCut and some of our service providers operate in the United States and other countries that may not provide the same level of data protection as your home country. When we transfer personal data from the EEA, UK, or Switzerland to countries not recognized as providing adequate protection, we rely on appropriate safeguards, which may include:
- Standard Contractual Clauses approved by the European Commission or UK ICO.
- Adequacy decisions issued by relevant regulatory authorities.
- Other legally recognized transfer mechanisms.
You may request a copy of the relevant safeguards by contacting privacy@tikcut.app.
8. Data Retention
We retain personal data for as long as necessary to fulfill the purposes described in this Policy, subject to the following:
- Account data: Retained while your account is active and for up to 90 days after deletion (to enable account recovery and resolve disputes). After that, account data is permanently deleted.
- Usage event data: Retained for up to 2 years to support product analytics, then aggregated or deleted.
- Payment records: Retained for 7 years as required by tax and accounting law.
- Support communications: Retained for up to 3 years or until resolved, whichever is longer.
- Transcripts and AI outputs: Processed in real time. We do not persistently store your video transcripts unless you explicitly save them within a feature that stores them to your account.
- Video files: Not stored on our servers (processed locally in your browser).
When data is no longer required, it is securely deleted or anonymized. Anonymized aggregate data may be retained indefinitely for product analytics.
9. Security
We implement technical and organizational measures designed to protect your personal information from unauthorized access, disclosure, alteration, and destruction. These include:
- TLS/HTTPS encryption for all data in transit.
- Encryption at rest for all database storage.
- Passwords stored as bcrypt hashes — never in plaintext.
- Row-level security (RLS) policies ensuring users can only access their own data.
- Role-based access controls limiting internal access to personal data.
- Regular dependency updates and security reviews.
No method of transmission over the internet or electronic storage is completely secure. While we strive to protect your data, we cannot guarantee absolute security. If you believe your account has been compromised, contact us immediately at support@tikcut.app.
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you and applicable regulatory authorities as required by law.
10. Your Privacy Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
10.1 Rights for All Users
- Access: Request a copy of the personal data we hold about you.
- Correction: Request correction of inaccurate or incomplete data.
- Deletion: Request deletion of your personal data, subject to legal retention obligations.
- Opt out of marketing: Unsubscribe from marketing emails at any time via the unsubscribe link or by contacting us.
10.2 Additional Rights — EEA, UK, and Switzerland (GDPR)
- Restriction: Request that we restrict processing of your data in certain circumstances.
- Portability: Receive your data in a structured, machine-readable format and transmit it to another controller.
- Objection: Object to processing based on legitimate interests or for direct marketing purposes.
- Withdraw consent: Where processing is based on consent, withdraw it at any time without affecting prior lawful processing.
- Lodge a complaint: File a complaint with your local data protection authority (e.g., the ICO in the UK, or your EU member state's supervisory authority).
10.3 Additional Rights — California Residents (CCPA/CPRA)
California residents have the right to:
- Know what personal information we collect, use, disclose, and sell (we do not sell personal information).
- Delete personal information we have collected, subject to exceptions.
- Correct inaccurate personal information.
- Opt out of the "sharing" of personal information for cross-context behavioral advertising (we do not share for this purpose).
- Non-discrimination for exercising your CCPA rights.
To submit a CCPA request, email privacy@tikcut.app with "CCPA Request" in the subject line. We will respond within 45 days.
10.4 How to Exercise Your Rights
Email privacy@tikcut.app with your request. We will verify your identity before processing the request and respond within the timeframe required by applicable law (typically 30 days, with possible extension for complex requests). Some requests may be limited where we have legitimate grounds to retain data (e.g., legal obligations).
11. Children's Privacy
The Service is not directed to children under the age of 13 (or 16 in the EEA/UK). We do not knowingly collect personal information from children below the applicable age threshold. If we become aware that we have collected personal information from a child without verifiable parental consent, we will take steps to delete that information as quickly as possible.
If you believe a child has provided personal information to us, please contact us at privacy@tikcut.app.
12. Third-Party Links and Integrations
The Service may contain links to third-party websites or integrate with third-party platforms (such as TikTok, Instagram, or YouTube for sharing exported videos). This Privacy Policy applies only to TikCut. We are not responsible for the privacy practices of third-party sites and encourage you to read their privacy policies before providing them with your personal information.
TikCut is not affiliated with TikTok, ByteDance, Meta, or Google. Your interactions with those platforms are governed by their respective privacy policies.
13. Do Not Track
Some browsers include a "Do Not Track" (DNT) feature. TikCut does not currently respond to DNT signals because there is no industry-standard mechanism for doing so. We do not engage in cross-site tracking or behavioral advertising regardless of DNT settings.
14. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we make material changes, we will:
- Update the "Last updated" date at the top of this page.
- Notify you via in-app notice or email at least 14 days before the changes take effect (except where immediate changes are required by law).
Your continued use of the Service after changes take effect constitutes your acceptance of the revised Policy. If you disagree with the changes, you should stop using the Service and may request deletion of your account.
15. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
- Privacy enquiries: privacy@tikcut.app
- General support: support@tikcut.app
- Website: tikcut.app
We aim to respond to all privacy-related enquiries within 5 business days.
See also our Terms of Service.