NapticPrivacy Policy

Privacy Policy

Last updated: May 11, 2026

This Privacy Policy describes how Naptic LLC ("Naptic," "we," "us," or "our") collects, uses, and protects information in connection with Naptic (our AI-character content engine for TikTok, referred to in this policy as "the Service") and our integrations with third-party platforms, including TikTok. By using our services, you agree to the practices described below.

1. Who We Are

Naptic LLC is a Florida limited liability company located at 7901 4th St N, Suite 300, St. Petersburg, FL 33702, USA. You can reach us at jordan@synapticstack.ai.

2. Scope

This policy applies to data we process while operating Naptic (our AI-character content engine for TikTok), our website at synapticstack.ai, and any integrations we maintain with third-party platforms such as TikTok. Naptic operates AI-persona accounts that we own and control; we do not collect personal information from third-party end users of those platforms.

3. Information We Collect

In connection with our TikTok integration, we collect and process only the data required to publish AI-generated content to Naptic-owned TikTok accounts:

  • OAuth credentials. When an authorized Naptic operator connects a TikTok account to the Service, TikTok provides us with an access token and refresh token. These tokens authorize the Service to act on behalf of that specific TikTok account within the requested scopes.
  • Basic account information. Through theuser.info.basic scope, we receive the connected account's open ID, display name, and avatar URL.
  • Content metadata. For each post the Service publishes, we store the source video file, caption, AI-generation disclosure flag, the publish ID returned by TikTok, and the resulting post status.
  • Operational logs. Standard application logs (timestamps, request IDs, error messages) used to operate and debug the service.

We do not collect personal information about TikTok viewers, followers, commenters, or any other third-party end users, and we do not request scopes that would expose such data.

4. Scopes We Request

The Service requests only the TikTok scopes necessary to publish content:

  • user.info.basic — to identify which Naptic-owned account a token is associated with.
  • video.upload — to upload video files into the connected account's draft area.
  • video.publish — to publish uploaded videos as posts on the connected account.

5. AI-Generated Content Disclosure

All content the Service publishes is generated with the assistance of artificial intelligence. We mark every TikTok post with the platform's AI-generated content flag (is_aigc=true) so that viewers can identify it as AI-generated, consistent with TikTok's policies on synthetic media.

6. How We Use Information

  • To authenticate the Service with the connected TikTok account and post content on its behalf.
  • To track publish status and surface failures to internal operators.
  • To comply with TikTok's developer policies, including content disclosure requirements.
  • To operate, secure, and improve our internal tooling.

7. How We Store and Protect Information

TikTok OAuth tokens are stored in AWS Secrets Manager with encryption at rest and TLS in transit, and access is restricted to authorized Naptic systems and personnel. Content metadata is stored in private internal systems. We follow industry-standard practices to safeguard the information we hold, but no system is perfectly secure.

8. Sharing of Information

We do not sell personal information, and we do not share it with third parties for their own marketing. We share information only with:

  • TikTok. Content, metadata, and authenticated requests are sent to TikTok in order to publish posts on the connected account, in accordance with TikTok's Terms of Service and developer policies.
  • Infrastructure providers. Cloud services such as Amazon Web Services that host our systems and store credentials, under their respective data-processing terms.
  • Legal compliance. Where required by law, regulation, legal process, or governmental request.

9. Data Retention

We retain OAuth tokens for as long as the integration is active. If an account is disconnected — by revoking access in TikTok's settings, rotating credentials, or contacting us — we delete the associated tokens from our systems. Operational logs and content metadata are retained for the period necessary to operate and audit the service.

10. Your Choices

Because Naptic only connects accounts that it owns or operates, the primary control available is to revoke Naptic's authorization through TikTok's account settings, or to contact us directly to disconnect a specific account. Revoking authorization will immediately stop new posts from being published through the Service for that account.

11. Children's Privacy

Our services are not directed to children under 13, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. Material changes will be highlighted on this page or communicated through other reasonable means.

13. Contact Us

Questions about this Privacy Policy or our data practices? Reach us at:

Naptic LLC
7901 4th St N, Suite 300
St. Petersburg, FL 33702
USA
jordan@synapticstack.ai