TikTok for Developers

Docs

Launch Your App to U.S. Users

If you intend on launching your app to users in the U.S., you must provide details about your company and its data usage in an approval request form on the Developer Portal. After receiving your request, TikTok may conduct a full third-party risk management (TPRM) analysis to assess whether your company meets our compliance standards for data usage. This analysis allows TikTok to ensure that vendor relationships remain secure, legally sound, and aligned with our obligations under U.S. law and internal standards.

Process for launching your app to U.S. users

To receive approval to launch your app to users in the U.S., you must complete the following:

  1. Submit the U.S. launch approval request: Fill out the approval request form on the Developer Portal to determine whether you're eligible for U.S. launch. Indicate what type of data is required for your operations. This step is mandatory for apps that list the U.S. as a target region.
  2. Complete the TPRM questionnaire: If you indicated that you need access to protected data in your approval request form, you will receive a TPRM questionnaire in the next 7-10 days. If your submission is approved, you may launch your app to users in the U.S.

This screening ensures TikTok's vendor relationships remain secure, legally sound, and aligned with our obligations under U.S. law and internal standards. Your participation is essential to maintaining a trusted partnership.

U.S. launch approval request

To start the approval request process, you must first complete the U.S. launch approval request form on the Developer Portal. This requires you to provide information about your company's operations and intended data usage.

Company details

In the request form, you must provide information about the following:

  • Country where your company is registered
  • Your company's majority stakeholders (only those with a controlling interest of 25% or more), and their countries of residence and citizenship
  • All locations of the teams that will support your U.S. launch, operations, and customer support in any way
  • Location of primary data centers where U.S. user data will be stored

Data requirements

TikTok requires you to indicate which type of data you intend to use for reporting and operations purposes. Depending on what data type you select, some features may not be available. Two data types are considered:

  • Excepted data: The aggregated data of your U.S. users. For excepted data, any category of U.S. user data being examined requires a minimum of 1,000 unique users.
  • Protected data: Detailed, individual-level user data that will be available regardless of the number of unique U.S. users. If your company's ownership, personnel, service and support locations, and necessary fourth parties are affiliated or supported from restricted countries, this data type will not be available to you.


Excepted data

Protected data

Scale

Aggregated

Individual

Minimum number of U.S. users

1,000

None

Data availability

Available to all companies, potential feature restrictions apply

Unavailable to companies affiliated with restricted countries

Inaccessible features

In-App Ads

None

TPRM screening

Not required

Required

Example


The aggregated number of clicks on a video from at least 1,000 U.S. users

The duration of a video an individual U.S. user has watched

Third-Party Risk Management questionnaire

If you indicate that your company requires protected data, a representative from the TikTok U.S. Data Security Inc. (USDS) will email you an additional questionnaire. TikTok USDS is an organization tasked with managing TikTok's business functions that require access to U.S. user data. Learn more about TikTok USDS.

Vendor compliance review process

To align with TikTok USDS's data protection requirements, you must complete a Vendor Compliance Questionnaire (VCQ) through our TPRM platform.

This review covers key risk areas, including the following:

  • Ultimate Beneficial Ownership (UBO)
  • Headquarters and workforce locations
  • Service and support geography
  • Data access, processing, and storage practices
  • Use of subcontractors and fourth parties

Important: Incomplete responses may delay approval. TikTok's TPRM analysts will review your submission and follow up with any clarification requests. Based on the findings, we will proceed as follows:

  • If compliant, you are cleared to proceed, while subject to legal agreement terms from TikTok USDS.
  • If there are risks, we’ll work with you to assess mitigation options or alternative arrangements.

Your cooperation in this process helps ensure a secure and trusted partnership for both our organizations.

Compliance review definitions and requirements

More information about the compliance review's key risk areas is listed below.

Ultimate Beneficial Ownership (UBO)

UBO refers to the individuals or entities who ultimately own or control your company. Even if ownership is indirect or layered through holding companies, the ultimate decision makers must be disclosed.

Note: Vendors with a UBO holding ≥25% ownership interest located in a restricted country may not access, process, or store TikTok USDS protected data.

Headquarters and workforce locations

Your personnel who support TikTok U.S. users—whether employees, contractors, or subcontractors—must not be based in a restricted country. This restriction applies regardless of employment classification or whether the personnel support us directly or indirectly.

Service and support location restrictions

All technical support and operational services related to TikTok USDS must be performed outside restricted countries. This includes the following:

  • Hosting environments
  • Development teams
  • Customer support personnel

Failure to comply with this requirement may lead to disqualification or reassessment of the vendor relationship.

Data handling locations

TikTok USDS data cannot be accessed, processed, modified, or stored in a restricted country.

Please confirm your cloud and infrastructure configurations before completing the VCQ, especially if your services use auto-scaling or globally distributed environments.

Fourth-party disclosure requirements

If your organization relies on other entities (cloud providers, IT subcontractors, for example) to support your TikTok USDS engagement, those are considered fourth parties. Disclosure is required if these parties engage in the following:

  • Host, transmit, or process USDS data
  • Provide core infrastructure for your services
  • Offer necessary services for your operational delivery to TikTok

Approval request results

After completing the approval request process, you may receive one of the following results.

  • Approved: You may launch your app in the U.S. without restrictions. No aggregation is required for data reporting.
  • Approved with restrictions: You may launch your app in the U.S., but access to certain features is restricted. Aggregation is required for data reporting.
  • Not approved: You may not launch your app in the U.S. Contact your TikTok operations representative for support.

If you have any questions, please reach out to the TikTok USDS TPRM team at TPRM@tiktokusds.com.

Sign addendum to access protected data

If you requested access to protected data, you must sign an addenedum after your request has been approved for the data scope to take effect.

TikTok for Developers
© 2025 TikTokTerms of ServicePrivacy PolicyResources & Legal