JetaMediakit Logo

Privacy Policy

Last updated: October 12, 2025

1. Introduction

Welcome to JetaMediakit ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our creator verification and media kit platform.

JetaMediakit is a platform that helps content creators verify their engagement metrics by connecting their TikTok or Instagram accounts. We calculate authentic metrics from platform APIs and create shareable creator profiles.

2. Data We Collect

2.1 Public Profile Data

When you verify your account, we collect:

  • Display name and username/handle
  • Profile picture (avatar URL)
  • Bio/description
  • Follower and following counts
  • Total likes and video counts
  • Verification status on platform
  • Profile URL on platform

2.2 Post Metrics

We fetch your last 10 public posts to calculate metrics:

  • Post IDs and permalinks
  • Posted dates
  • View counts
  • Likes, comments, shares, and saves

2.3 OAuth Credentials

We store encrypted OAuth access and refresh tokens to enable automatic data refreshing. These tokens are encrypted at rest using Laravel's encryption and never exposed in logs or API responses.

2.4 Optional Profile Settings

You may optionally provide:

  • Country (2-character ISO code)
  • Content niche/category
  • Languages you create content in

2.5 Usage Data

For security and audit purposes, we log:

  • IP addresses
  • User agents (browser/device info)
  • Timestamps of actions
  • Actions performed (created, updated, deleted, etc.)

2.6 Email (Optional Mailing List)

Subscribing to our mailing list is completely optional and separate from your creator profile. If you choose to subscribe, we collect and process the following:

  • Email address - For sending platform updates and newsletters
  • Subscription source - Where you subscribed from (e.g., "verify tool", "website")
  • Creator ID - If you subscribed after verifying (optional link to your profile)
  • Confirmation token - For double opt-in email verification
  • Confirmation timestamp - When you confirmed your subscription

Email Services Used:

  • MailerSend - Sends transactional confirmation emails (double opt-in)
  • MailerLite - Manages marketing email list and sends newsletters

Both services are GDPR-compliant. After you confirm your email via MailerSend, your email address is automatically added to our MailerLite list for marketing communications. You can unsubscribe anytime via the link in every email or by contacting us. Unsubscribing removes your email from both our database and MailerLite.

3. How We Use Your Data

We use your data to:

  • Calculate Metrics: Compute average views, engagement rate, and other statistics from your posts
  • Create Your Profile: Display your verified metrics on a public creator profile at /@yourhandle
  • Enable Discovery: List you in the public creator directory (if you choose to be visible)
  • Auto-Refresh Data: Automatically update stale metrics (older than 14 days) if you have valid OAuth credentials
  • Security & Auditing: Log actions for security purposes and to detect unauthorized access
  • Service Improvement: Analyze usage patterns to improve our platform (anonymized data only)

4. Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), our legal basis for collecting and using your data is Consent. By clicking "Verify with TikTok/Instagram," you explicitly consent to our collection and processing of your data as described in this policy.

You can withdraw consent at any time by deleting your profile.

5. Data Sharing and Third Parties

We do not sell your data. Your data is shared only with:

  • Platform APIs (TikTok, Instagram/Meta): To fetch your public data via OAuth
  • Hosting Provider: To store your data on our servers
  • Analytics Provider (Optional): To understand platform usage (anonymized data)

For a complete list of third-party services (sub-processors), see the Sub-Processors section below.

6. Data Retention

6.1 Active Profiles

We retain your data for as long as your creator profile is active. You can delete your profile at any time from your dashboard.

6.2 Deleted Profiles - Grace Period

When you delete your profile, it is soft-deleted (marked as deleted but not permanently removed) for a 14-day grace period. During this time, you can re-verify your account to restore your profile. After 14 days, all your data is permanently deleted from our systems, including:

  • Profile data
  • Post metrics
  • OAuth credentials
  • Audit logs

6.3 Backup Retention

Database backups containing your deleted data are retained for up to 30 days for disaster recovery purposes, after which they are also purged.

7. Your Rights (GDPR)

You have the following rights regarding your personal data:

Right to Access

View all your data in your manage dashboard.

Right to Rectification

Update your data by refreshing your metrics or updating profile settings in your dashboard.

Right to Erasure ("Right to be Forgotten")

Delete your profile anytime from your dashboard. Data is permanently removed after 14-day grace period.

Right to Data Portability

Request a copy of your data in machine-readable format by contacting us.

Right to Object

Hide your profile from the public directory using the visibility toggle in your dashboard.

Right to Withdraw Consent

Withdraw consent by deleting your profile. Your data will be removed after the grace period.

To exercise any of these rights, visit your dashboard or contact us at privacy@jetaviews.com.

8. Sub-Processors (Third-Party Services)

We use the following third-party services to operate our platform:

ServicePurposeData ProcessedLocation
TikTok APIFetch profile & post dataPublic profile, posts, metricsGlobal
Instagram Graph API (Meta)Fetch profile & media dataPublic profile, media, insightsGlobal
Hosting ProviderServer infrastructureAll platform dataEU/US (varies)

Note: This list may be updated as we add or change services. Check this page for the latest information.

9. Security

We take security seriously and implement the following measures:

  • Encryption at Rest: OAuth tokens are encrypted using Laravel's encryption (AES-256)
  • HTTPS Everywhere: All data transmission is encrypted via TLS/SSL
  • No Passwords: We don't store passwords; authentication is via OAuth only
  • Database Security: Database backups are encrypted
  • Access Controls: Limited employee access to production data
  • Audit Logging: All data access and modifications are logged

Despite these measures, no internet transmission is 100% secure. We cannot guarantee absolute security.

10. Cookies

We use the following cookies:

manage_session

Purpose: Authenticate manage dashboard access

Duration: 60 minutes

Type: Essential, HttpOnly, Secure, SameSite

We do not use tracking cookies for advertising purposes.

11. Children's Privacy

Our service is intended for users aged 18 and over (or the age of majority in your jurisdiction). We do not knowingly collect data from children under 18. If you believe we have collected data from a minor, please contact us immediately.

12. Changes to This Policy

We may update this privacy policy from time to time. The "Last updated" date at the top indicates when this policy was last revised. Continued use of the service after changes constitutes acceptance of the updated policy.

13. Contact Us

General Contact

For general questions, support, or feedback:

Email: contact@jetaviews.com

Privacy Contact

For privacy-related questions or to exercise your rights:

Email: privacy@jetaviews.com

We will respond to all requests within 30 days as required by GDPR.

14. Right to Lodge a Complaint

If you are in the EEA and believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with your local data protection authority (supervisory authority).

Back to Home