Amid political and regulatory worries about Chinese access to user information on the platform, TikTok is making it clear to its European customers that their data can be accessible by staff outside of the continent, including in China.

The social video app, which is owned by China, has updated its privacy statement to state that staff members are permitted to access user information in order to make sure that users have a 'consistent, entertaining, and safe' experience on the platform.

Brazil, Canada, and Israel, in addition to the US and Singapore, where European user data is now held, are the other nations where TikTok workers may have access to user data from European users.

The performance of the platform's algorithms, which suggest material to users, might be checked using data, as could the presence of annoying automated accounts. The fact that some user data is viewed by staff members of TikTok's parent firm, ByteDance, in China, has previously been recognised.

TikTok's CEO, Shou Zi Chew, stated in a letter to Republican senators that international employees might examine a 'limited collection of non-sensitive' US user data with the permission of a US-based TikTok security team. He further stated that no information was given to representatives of the Chinese government.

The privacy policy update, which takes effect on December 2 and is applicable to the UK, the European Economic Area, and Switzerland, comes amid political and regulatory criticism over the use of data gathered by the app, which has more than a billion users globally.

A recent EU judgement, according to Michael Veale, an associate professor of digital rights at University College London, requires data transfers between the EU and China to be security-checked. Because contracts between a Chinese and a European corporation cannot exclude state access, sending EU user data to China on a regular basis is extremely challenging.

According to the Schrems II decision of the European Court of Justice, certain data transfers outside the EU must consider 'the level of protection,' with a focus on access by state authorities, provided to the user's data at the other end.