TikTok tracked user’s Grindr activity in violation of European law, rights group alleges

Steven

TikTok tracked user’s Grindr activity in violation of European law, rights group alleges

Summary

Vienna-based digital rights organisation noyb has lodged complaints alleging that TikTok tracked a user’s activity on the gay dating app Grindr and across other apps without lawful consent, potentially breaching the EU’s GDPR. The complainant says TikTok could even see specific actions such as items added to a shopping cart in other apps. noyb also alleges that the Israeli data broker AppsFlyer likely facilitated the sharing of this data. TikTok, Grindr and AppsFlyer had not responded to requests for comment at the time of reporting.

noyb says TikTok provided incomplete and hard-to-understand answers to repeated data access requests, a failure under GDPR transparency rules. The complaint stresses that data revealing a person’s sexual orientation is specially protected under European law. noyb has a history of successful complaints that led to significant fines for major tech firms; TikTok itself was fined €530m by Irish regulators earlier in 2025 over data transfers and transparency issues.

Key Points

  • noyb alleges TikTok tracked a user’s activities on Grindr and other apps without explicit consent, potentially exposing sexual orientation data.
  • TikTok allegedly gave incomplete responses to the user’s multiple GDPR data access requests.
  • AppsFlyer is named as a likely facilitator of the unauthorised data sharing; complaints also name Grindr.
  • GDPR treats data about sexual orientation as sensitive and requires explicit legal grounds and transparency for processing.
  • noyb has previously driven major GDPR fines against large tech companies; TikTok faces prior enforcement over data transfers and transparency.

Context and relevance

This complaint sits at the intersection of app tracking, data-broker ecosystems and protection of sensitive personal data. It follows broader regulatory scrutiny of how US and China-linked platforms collect and export Europeans’ data, and it highlights the role of intermediaries (data brokers) that can aggregate and redistribute behavioural signals across apps.

For privacy teams, regulators and policymakers, the case is a reminder that cross-app tracking can have severe legal and reputational consequences—especially when it reveals intimate details such as sexual orientation. For users, it underlines how actions in one app can leak into others through invisible data flows.

Why should I read this?

Short version: it’s creepy and important. If you care about privacy (or run an app), this story shows how easily sensitive stuff can leak between apps — and that regulators are still willing to hit firms hard. We’ve done the slog of the legal bits so you don’t have to.

Source

Source: https://therecord.media/tiktok-grindr-data-tracking-noyb