FYProfit

Log In

FYProfit

Get Started

Privacy Policy

Effective Date: March 24, 2026 | Last Updated: March 24, 2026

FYProfit LLC (“FYProfit,” “we,” “our,” or “us”) provides profit and loss analytics software for TikTok Shop sellers, brands, and agencies. This Privacy Policy describes how we collect, use, share, and protect personal information when you access our website (FYProfit.com), web application, or any TikTok Shop integrations (collectively, the “Service”).

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. FYProfit is an independent software provider and is not affiliated with, endorsed by, or officially connected to TikTok, TikTok Shop, or ByteDance Ltd.

This Privacy Policy applies to all users of the Service, including TikTok Shop sellers, brand owners, and agency users.

1. Data We Collect

1.1 Data From TikTok Shop (via Official OAuth APIs)

When you connect your TikTok Shop account, we may access the following data solely to provide the Service:

  • Orders: order IDs, SKUs, product details, timestamps, order values, discounts, refunds, shipping and handling fees
  • Products: SKUs, product IDs, names, pricing, inventory levels, and listing metadata
  • Financials: TikTok commissions, transaction fees, taxes, promotions, and payout data
  • Advertising: TikTok Ads spend and performance data (only if separately authorized by you)
  • Shop information: store name, region, currency, and account identifiers
  • Customer data: shipping addresses, total spend, and order counts (used solely for shipping fee calculations and customer analytics within your dashboard)
1.2 Data You Provide Directly
  • Account information: name, email address, and hashed password
  • Business inputs: cost of goods (COGS), supplier information, inventory adjustments, and purchase orders
  • Billing details: subscription plan and invoices (payment card details are processed securely by our payment processor; we do not store card numbers)
  • Support communications: messages you send via email or in-app support channels
1.3 Automatically Collected Data
  • Device and browser type, IP address, and approximate geolocation
  • Session data, login timestamps, usage logs, and crash/error reports
  • Feature usage analytics collected to improve the platform
1.4 Cookies & Tracking Technologies

We use the following tracking technologies:

  • Cookies: data files placed on your device, often including an anonymous unique identifier
  • Log files: track actions on the site, including IP address, browser type, ISP, referring/exit pages, and date/time stamps
  • Web beacons, tags, and pixels: electronic files used to record how you browse the Service

Cookie categories we use:

  • Essential: authentication, session management, and security
  • Analytics: anonymized usage tracking (e.g., Google Analytics)
  • No third-party advertising cookies are used inside our application

You can learn more about cookies and how to disable them at https://www.allaboutcookies.org.

2. How We Use Your Data

We use collected data to:

  • Deliver profit and loss dashboards, financial reporting, product analytics, and alerts
  • Provide user support via email and in-app channels
  • Improve the reliability, security, and features of the platform
  • Ensure compliance with TikTok Developer Terms, GDPR, CCPA, and other applicable regulations
  • Communicate service updates and, with your explicit consent, send marketing communications
  • Conduct aggregated and anonymized research to improve the Service — all personally identifiable information is removed before any such analysis
  • Evaluate or facilitate a merger, acquisition, or sale of assets, where your data may be among the assets considered

We do not use your data for the following:

  • We do not sell your personal data to third parties
  • We do not use personal data to develop, train, or improve generalized AI or machine learning models
  • We do not use TikTok-derived data to build competing datasets or analytics products

3. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), our legal bases for processing your personal data are:

  • Contract: to deliver the services you subscribed to and fulfill our agreement with you
  • Legitimate interests: to improve our services, prevent fraud, ensure platform security, and analyze usage trends
  • Consent: for optional marketing communications and non-essential cookies — you may withdraw consent at any time
  • Legal obligation: when required by applicable law, court order, or regulatory authority

4. Data Sharing & Subprocessors

We do not sell your personal data. We share information only with trusted service providers and subprocessors, each bound by appropriate Data Processing Agreements (DPAs):

  • Hosting: cloud infrastructure providers (e.g., AWS or DigitalOcean) operating secure, audited data centers
  • Payments: Stripe (PCI-DSS certified) — processes billing; we do not store card numbers
  • Analytics: Google Analytics (anonymized usage data only)
  • Error tracking & monitoring: Sentry (error tracking) and Datadog (infrastructure monitoring)
  • Support: email and, where applicable, third-party support chat tools

We may also share your information in the following circumstances:

  • Business transfers: in connection with a merger, acquisition, or sale of company assets, with prior notice to you
  • Legal compliance: when required by law, subpoena, court order, or valid request from a governmental or regulatory authority
  • Protection of rights: to protect and defend the rights, property, or safety of the company, our users, or the public
  • With your consent: for any other purpose with your explicit consent

5. Security Measures

We employ industry-standard safeguards to protect your data:

  • Encryption: TLS 1.2+ in transit; AES-256 at rest
  • Passwords: hashed and salted using bcrypt or argon2
  • Access control: Role-Based Access Control (RBAC), least-privilege model, and audit logs
  • Monitoring: real-time infrastructure monitoring, anomaly detection, and incident response protocols
  • Backups: encrypted, regularly rotated, retained only as necessary
  • Employee training: regular internal security and privacy training
  • Testing: periodic penetration testing by independent security professionals

While we strive to use commercially acceptable means to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention & Deletion

We retain your data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy:

  • Account data: retained while your account is active
  • TikTok-derived data: deleted automatically within 30 days of app uninstall or account termination
  • Backup copies: purged securely within 60 days of account termination
  • Billing records: retained for up to 7 years for tax and legal compliance purposes
  • Usage data: generally retained for a shorter period unless required for security or legal purposes

You may request deletion of your personal data at any time by contacting us at privacy@FYProfit.com or through our Data Deletion page at FYProfit.com/data-deletion. We will respond to verified deletion requests within 30 days.

7. Your Privacy Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right to access: request a copy of the personal data we hold about you
  • Right to rectification: request correction of inaccurate or incomplete data
  • Right to erasure: request deletion of your personal data (‘right to be forgotten’)
  • Right to restriction: request that we limit how we process your data
  • Right to data portability: receive your data in a machine-readable format
  • Right to object: object to certain types of processing, including direct marketing
  • Right to withdraw consent: withdraw consent for any processing based on consent, at any time
  • CCPA rights (California residents): opt out of sale of personal data; we do not sell personal data

To exercise any of these rights, please contact us at privacy@FYProfit.com. We will respond to verified requests within 30 days. Under CCPA, you may appoint an authorized agent to submit requests on your behalf.

8. International Data Transfers

Your data may be processed in the United States or other countries where our service providers operate. For transfers of personal data outside the European Economic Area (EEA), we rely on:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions by the European Commission where applicable

By using the Service, you consent to the transfer of your information to countries that may have different data protection laws than your jurisdiction. We take all steps reasonably necessary to ensure your data is treated securely and in accordance with this Privacy Policy.

9. Data Breach & Incident Response

We maintain a formal incident response plan. In the event of a personal data breach:

  • We will notify affected users within 72 hours of becoming aware of the breach (in accordance with GDPR requirements)
  • We will cooperate with relevant regulatory authorities and take prompt mitigation steps
  • We will document the breach and our response in accordance with legal obligations

10. Children’s Privacy

The Service is intended for business use only and is not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If you are a parent or guardian and believe your child has provided us with personal data, please contact us and we will promptly delete that information.

11. Third-Party Links & Services

The Service may contain links to third-party websites or integrate with third-party platforms (including TikTok Shop). We are not responsible for the privacy practices or content of those third-party sites and services. We strongly encourage you to review the privacy policies of any third-party service you use in connection with our platform.

12. Behavioral Advertising

We may use your information to provide you with relevant communications about our products and services. We do not use third-party advertising cookies inside our application. You can opt out of targeted advertising through:

  • Facebook: https://www.facebook.com/settings/?tab=ads
  • Google: https://www.google.com/settings/ads/anonymous
  • Digital Advertising Alliance opt-out portal: https://optout.aboutads.info/

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you via email and/or a prominent notice within the Service prior to the change becoming effective, and update the “Last Updated” date at the top of this page.

We encourage you to review this Privacy Policy periodically. The current version will always be available at fyprofit.com/privacy-policy.

14. Complaints & Data Protection Authority

If you believe your privacy rights have been violated, you may:

  • Contact us directly at privacy@FYProfit.com
  • File a complaint with your local Data Protection Authority (DPA)
  • For EEA residents: contact the supervisory authority in your EU member state

We take all privacy complaints seriously and will respond promptly.

15. Contact Us

For any questions, concerns, or requests related to this Privacy Policy or your personal data, please contact us:

FYProfit LLC

6130 West Flamingo Rd #3170
Las Vegas NV 89103
Privacy inquiries: privacy@fyprofit.com
General support: support@fyprofit.com
Website: fyprofit.com

We will respond to all verified privacy requests within 30 days.