กลับ

TTsam Bridge — Privacy Policy

Effective date: 2026-05-19

1. Data we collect

The Desktop Bridge app collects and processes the following data on your machine:

  • Google account email — used to identify your TTsam account via Firebase Authentication.
  • Firebase ID token — stored in memory only, transmitted over TLS to api.ttsam.app.
  • TikTok session cookies — captured from an embedded WebView when you log into tiktok.com inside the app. Stored locally in %LOCALAPPDATA%\ttsam-bridge\ (encrypted by Windows DPAPI). Never transmitted to TTsam servers.
  • TikTok Live event stream — gift, like, chat, follow, share, member events from the TikTok room you connect to. Forwarded to api.ttsam.app for processing by your configured Actions/Events.
  • App diagnostic logs — written to %LOCALAPPDATA%\ttsam-bridge\logs\ for support. Not transmitted unless you explicitly use a "Send diagnostic" feature.

2. What we don't collect

  • We do not read or transmit your TikTok password.
  • We do not access your camera, microphone, or screen.
  • We do not transmit clipboard content or keystrokes.
  • We do not access files outside the app's own data directory.
  • We do not include third-party analytics SDKs (no Google Analytics, no PostHog, no Sentry).

3. How TikTok events are used

Events your app receives from TikTok Live (the same events that appear in any TikTok Live viewer's feed) are forwarded to TTsam backend over an encrypted WebSocket. The backend triggers your pre-configured Actions/Events (e.g., OBS scene switch, sound play, TTS) and updates leaderboards. Events are not stored long-term beyond what is needed for the immediate Action processing.

4. Data retention

  • Firebase user identity: kept as long as your TTsam account exists. Delete by contacting support.
  • TikTok cookies: stored only on your machine. Removed when you sign out or uninstall.
  • Event data: not persisted beyond the live session in normal flow. Leaderboards persist per session per Firestore retention.
  • App logs: rotate at 5 MB × 3 files locally. Never transmitted unless you explicitly upload.

5. Third parties

  • Firebase (Google) — authentication. Firebase Privacy
  • TikTok Live API — read-only event subscription via the tiktok-live-connector library. We do not have an official partnership with TikTok.
  • Cloudflare — TTsam.app is fronted by Cloudflare for DDoS protection. Cloudflare Privacy
  • Microsoft (WebView2) — Windows OS-level component used to render the app UI. Not configured to share data with Microsoft.

6. Your rights (GDPR / PDPA)

  • Access — request a copy of data tied to your TTsam account.
  • Deletion — uninstall the app + request account deletion via support@ttsam.app.
  • Portability — Firestore data is exportable on request.
  • Withdraw consent — sign out / uninstall at any time.

7. Security

  • All network traffic uses TLS 1.2+ (HTTPS / WSS).
  • Tauri ed25519 signature verification on auto-updates — tampered updates rejected.
  • Firebase ID tokens kept only in process memory (never written to disk).
  • TikTok cookies isolated to per-user WebView2 data partition.

8. Children

TTsam is not directed at users under 13. Do not use this product if you are under the age of consent in your jurisdiction.

9. Changes to this policy

We will post material changes here and update the "Effective date" above. Continued use after a change constitutes acceptance.

10. Contact

Questions or requests: support@ttsam.app