Privacy Policy
Last updated: June 25, 2026
Midx is a beta creator workspace for connecting a TikTok account, preparing video uploads, sending videos to TikTok, and monitoring publishing status. This policy explains what data we collect in the current MVP and why.
Information we collect
- TikTok profile information: TikTok open ID, username, nickname/display name, avatar URL, authorization scopes, connection time, and last seen time.
- Upload activity: upload mode, file name, file size, MIME type, caption/title, selected privacy level, selected cover timestamp, TikTok publish ID, upload status, timestamps, and error codes/messages if an upload fails.
- Authentication data: TikTok access tokens and refresh tokens needed to keep your TikTok connection working. These are stored encrypted in our database and are not shown in the admin dashboard.
- Technical data: basic request, cookie, and operational data needed to run the service, troubleshoot errors, protect the service, and improve the product.
Why we use this data
- To connect your TikTok account after you authorize Midx.
- To let you upload or send videos to TikTok through the official TikTok integration.
- To keep your session working without asking you to log in every 24 hours.
- To show internal service information such as users, recent uploads, statuses, and failures in our private admin dashboard.
- To improve reliability, debug upload issues, and prepare the product for review and approval.
TikTok tokens
TikTok access tokens expire quickly. TikTok refresh tokens allow our backend to request a new access token after the old one expires. We store these tokens only to provide the service you authorized. Tokens are encrypted at rest and never intentionally exposed in the frontend or admin UI.
What we do not do
- We do not sell your TikTok account data.
- We do not show raw access tokens, refresh tokens, client secrets, or OAuth secrets in the admin dashboard.
- We do not publish videos without a user-initiated upload flow or user authorization.
- We do not claim to be TikTok or sell TikTok's API access.
Storage and security
For the current MVP, data is stored using Cloudflare services, including Cloudflare D1 for database records and Cloudflare Pages Functions for backend logic. Sensitive TikTok tokens are encrypted before they are stored.
Data deletion and disconnect
You can log out from Midx, which clears the browser session cookies. A full TikTok disconnect/data deletion flow will be added as the product moves closer to approval. For now, contact us if you want your MVP test data removed.
Contact
Contact: contact@midx.app