Twilio & the General Data Protection Regulation (GDPR)

Twilio’s GDPR commitment

GDPR is an opportunity to build a stronger data protection foundation for the benefit of all. Twilio is committed to ensuring that our platform is GDPR-compliant.

Illustration of Twilio’s GDPR commitment to build a stronger data protection foundation.

“Trust is the #1 thing in the cloud, so we will be taking GDPR as an opportunity to raise the bar for data protection worldwide.”

Jeff Lawson CEO, Twillio

What we’re doing


We have a data protection core team comprised of senior members of the Legal, Data, Security, and Architecture teams, dedicated to ensuring that Twilio is GDPR‑compliant


We updated our terms for GDPR. We’ve made a new addendum part of our Terms of Service, which reflects GDPR standards.


For every new product and enhancement, we proactively apply the Data Protection by Design principles.


We apply GDPR standards to all data not just EU personal data. That way, you will be well positioned with data protection regulatory frameworks around the world.

Security and certifications


Third-party assurance that Twilio has implemented security best practices on your behalf.

ISO 27001

Privacy Shield

Cloud Security Alliance

SOC 2 for Authy

The Twilio advantage


Communicate reliably

Experience a 99.95% uptime SLA made possible with automated failover and zero maintenance windows.

Planet Earth

Operate at scale

Extend the same app you write once to new markets with configurable features for localization and compliance.

Megaphone Announcement

Many channels

Use the same platform you know for voice, SMS, video, chat, two-factor authentication, and more.

User with a heart symbol

No shenanigans

Get to market faster with pay‑as‑you‑go pricing, free support, and the freedom to scale up or down without contracts.