Privacy Policy

Last updated: January 1, 2026

This Privacy Policy describes how Insights TT (the "Service") collects, uses, stores, and shares information when you use the Service. We designed the Service to collect only what we need to provide analytics back to you, and to keep that data inside our own infrastructure on Amazon Web Services (AWS).

1. Who we are

Insights TT is operated by an individual ("we", "us"). It is a personal, non-commercial analytics tool. For questions about this policy or to request deletion of your data, contact us at the address listed in Section 10.

2. Information we collect

2.1 Information you provide

• Account email and password (handled by Amazon Cognito) when you create an Insights TT account.
• Profile information you enter into the Service.

2.2 Information from TikTok

When you connect a TikTok account using TikTok Login Kit, we receive an OAuth access token and use it to call TikTok's Display API and (if your account is a Business account) the Business API. Through these APIs we retrieve:

• Your TikTok basic profile (open id, display name, avatar, username);
• Metadata about videos you have posted (id, title, description, cover image, share URL, duration, dimensions, creation time);
• Public engagement metrics for those videos (views, likes, comments, shares, saves);
• Where available, aggregated analytics such as watch time and audience retention;
• The video files themselves, which we download to S3 for AI analysis.

We do not request, store, or process data about TikTok users other than the account holder who connected the account, except for aggregated engagement counts that TikTok exposes on the account holder's own videos.

2.3 Information generated by the Service

• AI-generated analyses, scores, and suggestions about your videos;
• Keyframe images extracted from your videos;
• Transcripts generated from the video's audio or captions;
• Standard server logs (timestamps, status codes, IP addresses) retained for up to 7 days for operational purposes.

3. How we use information

We use the information described above only to:

• Authenticate you and operate the Service;
• Generate and display analytics, AI-generated critiques, and recommendations about your own TikTok content;
• Detect and prevent abuse, fraud, or technical failures;
• Communicate with you about your account when necessary.

We do not use your information for advertising, sell it to third parties, or share it with data brokers.

4. AI model providers

To generate analyses, we send extracted keyframes, transcripts, and engagement statistics to large language and vision models hosted on Amazon Bedrock. These calls remain within AWS infrastructure and are governed by the AWS Service Terms and Amazon Bedrock's data privacy commitments, which state that customer content submitted to Bedrock is not used to train the underlying models and is not shared with model providers.

5. Where we store information

All data is stored in AWS in the United States, using the following services:

• Amazon S3 — video files, keyframes, transcripts;
• Amazon DynamoDB — video metadata, statistics, AI-generated analyses;
• AWS Secrets Manager / Parameter Store — OAuth tokens (encrypted at rest);
• Amazon Cognito — your account credentials;
• Amazon CloudWatch Logs — operational logs (7-day retention).

All data is encrypted in transit (TLS) and at rest (AWS-managed keys).

6. Data sharing

We do not share your information with third parties except:

• AWS, as our infrastructure provider, strictly to operate the Service;
• TikTok, when calling its APIs on your behalf;
• When required by law, valid legal process, or to protect the rights, property, or safety of any person.

7. Data retention

• Video metadata, statistics, and AI analyses are retained as long as your account is active.
• Raw video files in S3 are moved to cold storage (Glacier Instant Retrieval) after 30 days to reduce cost.
• Server logs are retained for 7 days.
• When you delete your account or request deletion, we delete all associated data within 30 days.

8. Your rights

Regardless of where you live, you may:

• Access the data we hold about you;
• Correct inaccurate data;
• Request deletion of all of your data;
• Revoke the Service's access to your TikTok account at any time from your TikTok settings;
• Export your data on request.

To exercise any of these rights, contact us at the email below.

9. Children

The Service is not directed to children under 13 (or under 16 in the EEA / UK). We do not knowingly collect personal information from children. If we learn we have, we will delete it.

10. Contact

For privacy questions or deletion requests, contact us at chris@northbridgeimports.com.

11. Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page will reflect the most recent revision. Significant changes will be highlighted on the homepage.