I was under the impression that passwords and biometric unlocks were encrypted from Google/Apple HQ. so someone in CA can't log in to your "file" and see your stuff in plain text. I may be wrong in that. My impression is that TikTok does unencrypt that data and save it, so that Bejing CAN log in to your "file" and pull that info. I may be wrong on that as well, however.
I'm sure Apple and Google have a greater level of protection firewalling the sensitive information they collect, but I assure you that if you can get access to the data that they store then so can they if they had a compelling interest in doing so. That is to say, the primary barriers are procedural, not technical.
Some password managers claim zero knowledge infrastructure but I have my doubts, and anyway the only key you have to present is password based so best case your data are as well protected as your password is hard to guess/brute force.
Apple/Google have some real issues regarding personal data and privacy. TikTok is legitimately an intelligence collecting platform for a foreign government. Or at least that's what I was told by my G6 guys.
As bad as AT&T or worse?