Revised TikTok Policy Reveals That Employees in China Can Access EU and UK User Data

Popular short-video-sharing platform TikTok recently updated its privacy policy, making it clear that its employees from across the world can access data of European users.

China-based ByteDance, the company that owns the platform, claims the policy revision is meant to bring more transparency to the company’s data handling outside of Europe and the collection of user location data.

The privacy policy update applies to European customers. More specifically, it addresses users in the European Economic Area (EEA), Switzerland and the United Kingdom.

“Building on our ongoing work to advance our data security around the world, we are continuing to make progress in our approach to Data Governance in Europe,” the company’s announcement reads. “Our efforts are centred on limiting the number of employees with access to European user data, minimising data flows outside of the region, and storing European user data locally.”

ByteDance currently stores European user data on servers in the US and Singapore. Furthermore, it says the data can be accessed remotely by employees from Brazil, Israel, Japan, Canada, China, the Philippines, Malaysia, Singapore, South Korea and the United States.

The company’s announcement also emphasizes the number of security mechanisms that regulate employees’ access to sensitive data, including system access controls, network security and encryption, all of which are “recognized under the GDPR.”

“TikTok strives to be open and transparent about how we collect and process our users' information,” the announcement concludes. “We'll continue to work to earn and build trust with our community with updates centred on transparency into our data practices and the investments we're making in the people, processes, and technology to keep our community safe.”

Guarding your online privacy can be daunting without proper assistance from specialized tools. Bitdefender VPN can help you protect your privacy by:

• Cloaking your IP address
• Encrypting and routing your traffic through a secure network
• Securing your traffic on public networks
• Bypassing ISP-set limitations (bandwidth throttling)
• Protecting you against targeted attacks