Security
How EcomSelect AI protects TikTok data
1. Official authorization flows
EcomSelect AI uses official TikTok authorization flows to connect TikTok Business and advertiser accounts. We never ask users to share their TikTok password.
2. HTTPS protection
All public traffic to EcomSelect AI websites and APIs is protected with HTTPS. This helps secure communication between the user’s browser, our frontend, and our backend API.
3. Token protection
TikTok access tokens are stored server-side and are not exposed in the browser. Access to tokens is limited to backend processes that require them to provide authorized features.
4. Limited internal access
Access to production data is restricted to authorized technical administrators for maintenance, support, security, and troubleshooting purposes.
5. Data minimization
We store only the data necessary to provide the service, such as advertiser IDs, account metadata, campaign metrics, video metrics, AI recommendations, decision logs, and comment drafts.
6. User validation for sensitive actions
Sensitive advertising actions such as creating campaigns, increasing budgets, pausing ads, or publishing comment replies may require user review and validation from the dashboard. AI recommendations are designed to assist the user, not replace user responsibility.
7. Revocation and deletion
Users can revoke TikTok access from TikTok Business settings or request deletion of TikTok-related data by contacting contact@ecomselect.fr.
8. Incident contact
To report a security issue:
contact@ecomselect.fr