1. Privacy Policy
Effective Date: 9 May 2025
1.1 Who We Are
SiliconFit ("we", "our", "us") operates the following websites and services:
siliconfit.comtiktok‑insights.com/dashboard– an analytics tool provided as part of SiliconFit’s services (the "Dashboard").
1.2 Information We Collect
| Category | Examples | Legal basis (GDPR) |
|---|---|---|
| Account Data | Name, email, company, password hash | Art. 6 (1)(b) – contract |
| Usage Data | IP address, browser type, pages visited, time spent, referral source | Art. 6 (1)(f) – legitimate interest (security & service improvement) |
| Analytics & Device Data | Cookies, device identifiers, click‑stream, log files | Art. 6 (1)(a) – consent (where required) |
| Third‑party Platform Data | Data pulled into the Dashboard from TikTok or other platforms via their APIs (e.g., post performance, follower counts) | Your consent & performance of contract |
* For CCPA these map to “Identifiers”, “Internet or other electronic network activity information”, and “Commercial information”.
1.3 How We Use Information
- Provide, operate and secure the websites and the Dashboard
- Authenticate users and manage subscriptions
- Generate aggregated, anonymised analytics and reports
- Respond to support requests
- Comply with legal obligations
We do not sell personal information.
1.4 Cookies & Tracking
We use first‑ and third‑party cookies for:
- Session management (essential)
- Preferences (functional)
- Traffic analytics (performance) – e.g., Plausible, Google Analytics
- Marketing (only with prior consent, if any)
You can manage cookies in your browser or via our cookie banner.
1.5 Sharing & Disclosure
| Recipient | Purpose | Safeguards |
|---|---|---|
| Cloud hosting providers (e.g., AWS/Hetzner/Other) | Serve and store the service | EU servers or SCCs |
| Payment processors (e.g., Stripe) | Billing, fraud prevention | PCI‑DSS, tokenised storage |
| API providers (e.g., TikTok, OpenAI) | Pull data you request | Data shared only under your authorisation |
| Advisors, auditors, or acquirers | Legal, accounting, corporate transactions | NDAs & GDPR Art. 28 contracts |
We disclose data if required by law or to protect rights, property, or safety.
1.6 International Transfers
Servers may be located outside your jurisdiction. When we transfer data outside the EEA/UK, we rely on:
- Adequacy decisions, or
- Standard Contractual Clauses (SCCs) plus supplementary measures.
1.7 Your Rights
| Region | Rights |
|---|---|
| GDPR / UK GDPR | Access, rectification, erasure ("right to be forgotten"), restriction, data portability, objection, lodge a complaint with supervisory authority |
| CCPA / CPRA | Know, delete, correct, opt‑out of "sale/share", non‑discrimination |
To exercise any right, email [email protected]. We may verify your identity before acting.
1.8 Data Retention
- We keep personal data while you have an account plus 12 months; or
- As required by law (e.g., tax records 7 years).
Aggregated, non‑identifiable data may be kept indefinitely.
1.9 Security
We employ TLS encryption, access controls, periodic penetration testing, and least‑privilege principles. No system is 100 % secure; you use the services at your own risk.
1.10 Children
Services are not directed to children under 16. If we learn we collected data from a child without parental consent, we will delete it.
1.11 Changes
We may amend this policy. Material changes will be announced via email or in‑app notice 14 days before they take effect. Continuing to use the services after that constitutes acceptance.
1.12 Contact
Controller: SiliconFitAddress: Street Barykadna 1, Dnipro, Ukraine
Email: [email protected]