Twilio Privacy Notice
Last Updated: October 15, 2024 (View the prior version of our privacy notice here (add new link once existing is achived)
Twilio Inc. and its group companies (‘Twilio’, ‘we’ or ‘our’) has built our global privacy program based on our Binding Corporate Rules (BCRs), which serve as our code of conduct that governs our global processing of personal data.
In order to provide products and services to our customers and conduct our day-to-day business operations, including the operation of our websites, we process personal data about our customers, our customers’ customers (end users) and their authorized users, our website visitors and business contacts.
Personal data is any information that directly identifies you such as your name and email address, or that indirectly identifies you, for example a phone number or device identifier (Personal Data).
We take privacy, data protection and our legal obligations very seriously. We are committed to being transparent with you about how we use Personal Data and this Privacy Notice aims to describe our privacy practices in a clear and easy to understand way and to let you know how you can exercise your rights in relation to your data.
This Privacy Notice applies where Twilio processes Personal Data as a data controller in connection with the products and services we provide to our customers (“Services”) and the operation of our business, including our websites. As a data controller we determine the purpose (why) and means (how) of personal data processing and are ultimately responsible for the correct handling of your data in accordance with applicable law.
This Notice does not apply to the Personal Data we process as a data controller in relation to job applicants. This is covered by our Global Applicant Privacy Notice.
We also process Personal Data for most of our Services as a data processor. As a data processor we process personal data on behalf of our customers in order to provide our Services to them in accordance with their instructions. These instructions are set out in our Terms of Service (including our Data Protection Addendum and product specific documentation) or through a customer use or configuration of a product feature. You should contact these organizations directly for information about how they process your Personal Data as a data controller and to exercise your rights in relation to that data.
The personal data we collect depends on our relationship with you and the purposes for which we process that personal data. The following describes the types of personal data that we collected and disclosed for a business purpose in the preceding 12 months.
Personal Data You Share With Us Directly
Personal Identifiers. When you sign up for a Twilio, Sendgrid or Segment account with us and use any of our products and services, you are required to provide us with personal identifiers. Personal identifiers include your name, business address, phone number, email address and other contact information. Additionally, when you request product information, ask for a call from our sales team or participate in events, we may ask you to provide personal identifiers such as your name and contact details.
Professional Data. The information we process about you that relates to your employment or profession, the company you work for, and your job title.
Payment Information. In connection with paid services, we’ll ask you to provide our payment processor with your payment method information like a credit card or your Paypal account and your billing address. Our payment processor, acting on our behalf, gathers this so we can bill you for your use of our products and services. Our payment processor will share your billing address with Twilio. We’ll also use your billing address for tax calculation and audit purposes.
Subscriber Records. For some products, we may also obtain proof of identity from you that includes a proof of address, name, physical address, or other identification information. For example, to use our Trust Hub or to obtain a phone number in certain countries, local law may require us to have a physical service address on file for the individual who will be using that Twilio number, whether that’s you or your end user. We may also require proof of identity and physical address.
Personalization Details. Some of our products, such as our short code service, may require you to complete an application form by providing details about your company and your intended use of the product.
Support and Feedback. When you interact with us on our websites (including via our Help Center Assistant), through our AI chatbot features, over the phone or via email, we process the phone number or email address that you use, the content of your interaction and the feedback you provide about our services. We will let you know when a call may be recorded, in accordance with applicable law.
Personal Data We Generate or Collect Automatically
SIDs. When you sign up for an account with Twilio, we’ll automatically assign you and each of your accounts a unique ID — a SID — and we’ll automatically generate an API token for each of your accounts. These are used like a username and password to make API requests. Instead of using these API tokens, you can provision API Keys and use your API key for authentication when making requests to our APIs. We keep a record of these credentials so we know it is you making the requests when your application makes requests to our API using these credentials.
Customer Proprietary Network Information. When you use certain voice-based communications services, Twilio collects information associated with your usage of the services. This includes information such as number of phone calls, call destinations, call locations, type, and service configuration, and is known as Customer Proprietary Network Information (CPNI). CPNI does not include information such as your name, address, phone number, or the content of phone calls. We use CPNI to market related Twilio products or services to which you are not already subscribed unless you have exercised your right to opt out. For information about your choices, see the section“Your Rights and Choices About Your Data” below.
Device Information. When you use our account portal, we collect your IP address and other data through tracking technologies like cookies, web beacons, pixels, and similar technologies. We also collect IP addresses when you make requests to our APIs and in our server logs. We use this information to understand how customers are using our platform, who those customers are (if they are a company and the IP address is associated with that company), what country they are logging in from (for analytics and export control purposes), and to help improve the navigation experience. You can learn more about cookies in the section titled “Cookies and Tracking Technologies” below.
When you use our account portal, we also collect information about your device, such as your computer or mobile device operating system type and version number, manufacturer and model, browser type, screen resolution, unique identifiers, and general location information such as city or town. We do not collect precise geolocation information.
Online Activity Information. When you visit Twilio websites, including our web forms, we use tracking technologies such as cookies, web beacons, and pixels to collect the following data: your device and browser, time zone setting, web pages visited, products you view or search for, page response times, download errors, length of visits to certain pages, page interaction information, IP address. We use this information to understand how users navigate our websites, what we can improve and track performance of our advertisements.
Customer Usage Data. When you use Twilio products, we may collect information in connection with your use of the product including data used to trace and identify the source and destination of a communication, data on the location of the device generated in the context of providing the services, date, time, duration and the type of communication and activity and traffic logs.
For more information. See the Twilio Product Privacy section for information regarding the types of data collected and processed when providing our products.
Personal data collected from other sources
We collect certain personal data such as employment or professional information from sources other than you. We may combine this data with other personal data that you share with us.
Social Media Data. Social media service providers such as Google, LinkedIn, and Meta may provide us with information about you, in accordance with your privacy settings on those sites.
Add-On Service Data. In the event you purchase our services through one of our Add-On Partners, they may share your personal data with us to fulfill their contractual obligations. Add-On Partners may share your Personal Data in the form of leads when you download Twilio content on the Add-On Partner’s website or you participate in events and webinars of which Twilio is a sponsor.
Communication Related Data. We receive communication-related data from telecommunications operators, aggregators and carriers.
Publicly-Available Sources. We may also use publicly-available information about you that we have gathered through services like LinkedIn, or we may obtain information about you or your company from third party providers. We use this information to help us understand our customer base better, such as your industry, the size of your company, and your company’s website URL.
How We Process Personal Data
The purposes for which we process personal depend on your relationship with us. We only request personal data that is necessary to fulfill the specified purposes listed below as applicable to you; provided, however, if the nature of our relationship with you changes, we may need you to provide additional information or remove personal data that is no longer required.
Purpose / Activity | Personal Data Processed | Legal Basis for Processing |
Provision of our products and services | Depends on data processed and purposes of the processing | |
Routing and connectivity | Communication Related Data | Contractual Obligation |
Carrying out Twilio’s core business operations, such as account administration, accounting, auditing, business analytics, filing taxes, finance, forecasting, consolidated management and reporting, product strategy and revenue planning. | Payment Information Support and Feedback | Legitimate Interest |
Billing and relationship management | Payment Information | Contractual Obligation |
Provide customer support including responding to your requests and communicating with you about your account and use of the services. | Personal Identifiers Support and Feedback | Contractual Obligation |
Send important notifications about our products and services. | Personal Identifiers Add-On Service Data | Contractual obligation |
Conduct questionnaires and surveys to improve our products and provide training to our employees. | Personal Identifiers Professional Data | Legitimate Interest |
Send marketing communications in accordance with your marketing preferences. | Personal Identifiers Professional Data Add-On Service Data | Consent |
Manage your participation in our events and webinars and grant you access to whitepapers and on-demand resources. | Personal Identifiers Professional Data Add-On Service Data | Consent |
Develop our business by updating, expanding, and analyzing our customer relationship records. | Personal Identifiers Professional Data | Legitimate Interest |
Analyze your interest in our products and deliver marketing campaigns that are relevant to you. | Personal Identifiers Online Activities information | Consent |
Collect sales insights and perform lead scoring. | Personal Identifiers Professional Data | Legitimate Interest |
Determining eligibility for certain products. | Personalization Details | Legitimate Interest |
Deploy cookies and other tracking technologies in accordance with your online settings. | Online Activities Information | Consent Legitimate Interest |
Transmitting, distributing, or exchanging content using phone numbers, either through the public switched telephone network or other communications network | Customer Usage Data | Contractual Obligations |
Detect, prevent, and combat fraudulent or unlawful activities and keep our website, your account, and the services secure. | Subscriber Records Online Activities Information | Legitimate Interest Contractual Obligation |
Preventing, detecting and investigating security incidents | Subscriber Records Online Activities Information | Legitimate Interest |
Verify business identity, comply with carrier and regulatory obligations | Subscriber Records | Legal Obligation Contractual Obligation |
Identity verification and know your customer obligations | Subscriber Records | Legal Obligation Contractual Obligation |
To prevent, detect, or investigate abuse of misuse of the services, or platform, including, without limitation, spam, fraud, illegal activity or other violations of the Twilio Acceptable Use Policy and or to assist telecommunications providers, regulators, or law enforcement to do the same. | Subscriber Records | Legitimate Interest |
Protect the health and safety of our employees, visitors and our properties. | Personal Identifiers | Legal Obligation |
Protect the rights and freedoms of individuals, meet legal obligations, including complying with valid court orders, disclosure requests, subpoenas, and other appropriate legal mechanisms. | Personal Identifiers Payment Information Professional Data Subscriber Records Support and Feedback Online activities information | Legal Obligation |
To develop or improve our products and services | Personalization Details Support and Feedback As otherwise authorized by you in specific Service terms or through your use and configuration of features in a product | Legitimate Interest Contractual Obligation |
How Long We Store Your Data
Twilio will store your Customer Account Data as long as needed to provide you with our services and to operate our business. If you ask Twilio to delete specific personal data from your Customer Account Data (see ‘Choices About Your Customer Account Data’ below), we will honor this request unless deleting that information prevents us from carrying out necessary business functions, such as billing for our services, calculating taxes, or conducting required audits. More specifically, within 60 days following closure of your account, we will either delete other Customer Account Data or transform it such that it can no longer be used to identify you, with the following exceptions, depending on and in accordance with applicable law:
Customer Account Data is stored for up to seven years following closure of your account. However, we may retain invoice records, including their digital equivalent, for longer periods for accounting, tax, and audit purposes.
Where we collect Subscriber Records, we will retain this data for such time as needed for legal, security and anti-fraud purposes.
We may retain your communications with Twilio’s Customer Support Teams for up to three years after your account is closed.
We may need to retain data due to special circumstances (such as due to an open investigation, audit, or other legal matter).
Please read our support page on data retention for more detailed information about our retention and deletion practices.
We disclose personal data with third parties in limited circumstances in order to provide products and services to you and to otherwise run our business, such as to route a call you send through us, or to store data at your direction. Below are the different scenarios under which we may disclose your data with third parties.
Telecommunications Service Providers
Twilio provides an easier way for developers to build applications that make use of the publicly switched telephone network (PSTN) to send communications. Therefore, we engage with a global network of telecommunications operators, aggregators, carriers and other communication service providers (collectively, “telecommunications service providers”) as necessary to route and connect those communications from the sender to the intended recipient. How telecommunications service providers handle this data is generally determined by those telecommunications service providers’ own policies and local regulations.
Where telecommunications service providers transmit the content of electronic communications, they function neither as data controllers nor data processors, instead they act as mere conduits for the transmission of communication content. In the event communications services providers process any personal data for their own purposes such as for billing or fraud prevention purposes, they act as data controllers.
Other Communications Service Providers
For proper routing and connectivity, Twilio also enables sending or receiving communications through communications service providers that do not use the PSTN, these are referred to as Over-the-Top (OTT) communications service providers. If you choose to use Twilio to send or receive communications by way of these providers, Twilio will disclose communications data with these providers as necessary to route and connect those communications from the sender to the intended recipient. How those OTT communications service providers handle this data is determined by their own policies.
Third Party Service Providers
Twilio engages certain third-party vendors and service providers to carry out certain data processing functions on our behalf. These providers are limited to only accessing or using this data to provide services to us and must provide reasonable assurances they will appropriately safeguard the data.
Add-On Partners
Add-ons are additional features, functionality or services offered by Twilio’s Add-on partners (who are third parties not affiliated with Twilio). Twilio may make Add-ons available through the Twilio Marketplace. Some Add-ons may need to access or collect some of your information, including personal data. If you choose to use an Add-on, Twilio will disclose your information with the Add-on partner so you can use the Add-on. Twilio does not control Add-on partners’ use of your information and their use of your information will be in accordance with their own policies. If you do not want your information to be disclosed with an Add-on partner, then you should not use the Add-on.
Sub-Processors
A sub-processor is a vendor that is permitted to process data for which we are a processor — in other words, Customer Content. We disclose Customer Content with sub-processors who assist in providing the Twilio services, like our infrastructure provider, or as necessary to provide optional functionality like transcriptions. Twilio maintains an updated list of sub-processors here.
Twilio Group Members
We may disclose your personal data or your end users’ personal data among Twilio Group Members. Twilio Group Members will only use the information as described in this Notice. Twilio Group Members are listed in Appendix 1 in our Binding Corporate Rules.
Compliance with Legal Obligations
We may disclose your or your end users’ personal data to a third party if:
(i) we reasonably believe that disclosure is compelled by applicable law, regulation, legal process, or a government request (including to meet national security, emergency services, or law enforcement requirements);
(ii) to enforce our agreements and policies;
(iii) to protect the security or integrity of our services and products;
(iv) to protect ourselves, our other customers, or the public from harm or illegal activities; or
(v) to respond to an emergency which we believe in good faith requires us to disclose data to assist in preventing a death or serious bodily injury.
For more details, please see the procedure laid out in our Binding Corporate Rules.
If Twilio is required by law to disclose any personal data of you or your end user, we will notify you of the disclosure requirement, unless prohibited by law. Further, we object to information requests we do not believe were issued properly.
Business Transfers
In connection with a corporate sale, merger, reorganization, dissolution or similar event, data we gather from you may be part of the assets transferred or disclosed in connection with the due diligence for any such transaction.
Aggregated or De-identified Data
Aggregated and de-identified data may be derived from your personal data but is generally not considered personal data under data protection law as this data does not directly or indirectly reveal your identity. We may disclose de-identified or aggregated data with third parties. We do not disaggregate or reidentify de-identified data.
As a global organization, we may need to transfer your personal data to Twilio affiliates, contractors, service providers and third parties in various countries and jurisdictions around the world. When we transfer your personal data, we take care to use appropriate safeguards to ensure your personal data remains protected.
Data Transfers to the United States and Elsewhere
When you use our account portal, or our other products and services, personal data of you and your end users processed by Twilio may be transferred to the United States, where our primary processing facilities are located, and possibly to other countries where we or our service providers operate. These transfers will often be made in connection with routing your communications in the most efficient way.
Safeguards for Data Transfers
Twilio employs appropriate safeguards for cross-border transfers of personal data, as required by applicable local law. Where we must transfer end users’ personal data to a third country, we conduct a transfer impact assessment, which we make available on our support pages. Our Data Protection Addendum, which we provide to all customers, includes more detailed information about our cross-border data transfers.
EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF and Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF“)
As set forth by the U.S. Department of Commerce Twilio is officially certified under the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and Swiss-U.S. DPF and relies on these certifications as its primary transfer mechanisms for transfers of personal data from the EU and Switzerland to the U.S. Twilio adheres to the DPF principles for onward transfers of personal data to third parties and remains liable for damages caused by third parties under the DPF unless Twilio did not cause the event giving rise to damage. The U.S. Federal Trade Commission has jurisdiction over Twilio’s compliance with the DPF. To learn more about the DPF Program, and to view our certifications, please visit the DPF website.
Twilio’s Binding Corporate Rules
Twilio has established and implemented a set of Binding Corporate Rules for internal transfers of personal data between Twilio Group Members in the European Union and Twilio Group Members elsewhere. Twilio’s BCRs have been approved by European Union Data Protection Authorities and are a commitment by Twilio to adequately protect personal data that Twilio processes regardless of where the information resides. You can access Twilio’s BCR controller and processor policies here.
Where neither the EU-U.S. DPF, the UK extension to the EU-U.S. DPF, Swiss-EU DPF nor Twilio's BCRs apply, such as to cross-border data transfers of the SendGrid services to a country other than the U.S., we rely instead on other data transfer mechanisms to transfer personal data outside the EEA, the UK, and Switzerland, such as Standard Contractual Clauses and the UK’s International Data Transfer Agreement.
Transfers From Other Countries
When we transfer personal data outside countries other than those in the EEA, the UK, and Switzerland, we strive to comply with the cross-border data transfer rules of those countries, such as by cooperating with that country’s data protection authority or providing a written agreement to each customer that meets the data protection requirements of the country.
APEC CBPR & PRP Participation
Twilio’s privacy practices, described in this Privacy Notice, comply with the APEC Cross Border Privacy Rules (“CBPR”) and Privacy Recognition for Processors (“PRP”) Systems. The APEC, CBPR and PRP systems provide a framework for organizations to ensure protection of personal data transferred among participating APEC economies. More information about the APEC framework can be found here.
To protect Personal Data from loss, or unauthorized use, access or disclosure Twilio uses reasonable and appropriate security measures designed to protect the security of your personal data both online and offline. These measures vary based on the sensitivity of the personal data we collect, process and store and the current state of technology. All systems used to support our business are governed by Twilio’s Information Security Policy and Standards which are built on industry standards and best practices such as the ISO 27001 and NIST standards.
Depending on the data protection laws applicable to you, you may have rights in relation to your personal data, including the right to access, rectify, erase, restrict or object to processing of data (including profiling in furtherance of decisions that produce legal or similarly significant effects concerning you) or to withdraw consent. Twilio will honor your rights subject to limitations in certain situations, such as where Twilio can demonstrate that it has a legal requirement or legitimate interest to process your data or can legitimately apply an exemption to the exercise of a right under applicable law. Additional information about these rights can be found in our Binding Corporate Rules Controller Policy under Rule 10 and Appendix 3.
Where available to you in accordance with applicable data protection law, you have the ability to request:
that we provide details about the categories of personal data that we collect about you, including how we collect and share it;
that we provide you access to, and a copy of, the personal data we collect about you;
that we update or correct any inaccurate personal data we have about you; and
that we delete the personal data we have about you.
If you’re a US resident interested in what personal data we have disclosed lately for our business purposes, here’s a list:
Identifiers
Commercial information
Financial information
Internet or other electronic activity information
Geolocation information
Professional or employment information
By “our business purposes,” we mean that we only disclose personal data as we describe in the section above (in other words, with telephony operators, communications providers, and so on). Also, as described in the “How We Use Cookies & Other Tracking technologies” section below, we process personal data to deliver ads targeted to your interests on other companies’ websites and mobile apps. Some of these activities may be considered “sharing” or “targeted advertising” under certain laws. You have the right to opt out of the processing of your personal data for targeted advertising, and can do so by adjusting your preferences using our Cookie Consent tool (insert link) located on the bottom right of the Twilio website you are visiting. Any choices concerning cookies are browser and/or device specific. If you clear your cookies from your browser on any of your devices, your choices will need to be reset. You also have the right to request the restriction of processing of your sensitive personal information. Where applicable, the respective sensitive personal information will be marked accordingly and may only be processed by us for certain purposes. At the current time, however, we do not use or disclose sensitive personal information for purposes other than those expressed in this Policy or otherwise permitted by applicable law, and these uses cannot be limited under California law.
“Sale of Personal Data” Language (to be confirmed): Subject to certain exceptions, you may have the right to opt out of the “sale” of your Personal Data. It may be considered a “sale” of personal information under applicable law when we disclose [insert categories of data elements] to [insert categories of third parties]. To opt out of the “sale” of your Personal Data as just described, please click the “Privacy Choices” link at the bottom of our website and set your preferences.
If you are an individual Twilio account holder there are self-service features within the Twilio console, including the ability to access your data, update any incorrect data, download a copy of your data, delete your data, or restrict the use of your data.
You can make various choices about your data through the account portal when you log into your Twilio account or through the marketing preferences center.
Any other requests about your data you cannot make through these self-service tools, you can contact Customer Support. You can also request the closure or deletion of your account by contacting Customer Support. Please be aware that closure or deletion of your Twilio account will result in you permanently losing access to your account and the data in the account. After closure of your account, certain information associated with your account may remain on Twilio’s servers in an aggregated form that does not identify you or your end users. Similarly, after you close your account, we will retain data — including personal data — associated with your account that we are required to maintain for legal purposes or for necessary business operations until it is no longer needed. For more information on how long we store your data, see How Long We Store Your Data.
If you are not an individual Twilio account holder, you can exercise your privacy rights by contacting Customer Support or by contacting us at privacy@twilio.com.
In some instances, we will need to verify your identity before honoring your request. We will generally verify your identity by asking you to provide personal data related to your recent interactions with us. Thereafter, we will process your request and inform you of any decisions we have made about your request. Additionally, you may exercise your privacy rights through an authorized agent. If we receive your request from an authorized agent, we may ask for evidence that you have provided such agent with a power of attorney or that the agent otherwise has valid written authority to submit requests to exercise rights on your behalf. If you are an authorized agent seeking to make a request, please contact us at privacy@twilio.com.
We won’t discriminate against you or change the price of our services if you make a request, but if you ask us to delete your data, it may affect your ability to use our service.
Customer Proprietary Network Information (CPNI)
As an individual Twilio account owner or as an authorized representative of a Twilio customer in the US, you have the right to restrict Twilio’s use of CPNI. To opt-out of the use of CPNI data related to your Twilio account to market other Twilio products and services based on your usage of our products, click here. Please note that, if you have subscribed for the services on behalf of an organization, the CPNI relates to the service usage by that organization and not you individually. Opting-out of the use of CPNI for marketing will not unsubscribe you from other types of marketing contacts from Twilio and will not affect the status of the services you currently have with us. Your approval or opt-out of the use of your CPNI outside of the services to which you are already subscribed is valid until you affirmatively revoke or limit such approval.
Our products and services are not directed to or intended to be used by children (under the age of 13 in the US and UK, or 16 in the EEA). We do not knowingly permit children to sign up for a Twilio account. If we become aware that a child has signed up for an account, we will take reasonable steps to deactivate the account and remove their personal data from our records as quickly as possible. If you believe an underage person has signed up for a Twilio account, please contact us at privacy@twilio.com with the subject line “Children”.
We leverage both automated and manual methods of processing your Personal Data.
AI
Twilio’s development and use of AI is subject to Twilio’s Customer.AI Principles and Twilio’s collection and use of personal data in developing and deploying AI features is consistent with the commitments outlined in this Privacy Notice.
Automated Decision-Making
Automated decision-making occurs when an electronic system uses Personal Data to make a decision about you, without human involvement. For example, we rely on an automated process to determine whether to provision you with a Sendgrid account based on the information you provide.
We may rely on automated decision-making where:
We have notified you of the decision and provided you with the opportunity to request a human review of the decision
It is necessary to perform a contract with you and appropriate measures are in place to safeguard your rights
We have your consent and we have put in place appropriate measures to safeguard your rights
Twilio uses common information gathering tools such as cookies, web beacons, pixels and other similar tracking technologies to automatically collect information as you navigate our websites, your account or when you interact with emails we send to you.
Cookies
A cookie is a small text file that is stored in your browser or elsewhere on your hard drive. Cookies allow Twilio to identify your device as you navigate our websites or your account. This makes navigating and interacting with our websites or your account more efficient, easy and meaningful for you.
Twilio uses both session and persistent cookies. Session cookies are cookies that disappear from your computer or browser when you turn off your computer. Persistent cookies stay on your computer even after you’ve turned it off.
The cookies on our websites fall into three categories: (1) Required Cookies, (2) Functional Cookies, and (3) Advertising Cookies. To learn more about each category of cookie, you can visit our cookie consent tool by clicking on the “Cookie Preferences” link on the bottom right of the Twilio website you are visiting.
Manage Your Cookie Preferences
Twilio uses a cookie consent tool, which you can utilize to customize your cookie preferences. When you visit our website for the first time, a cookie consent banner will pop up and ask you to customize your cookie preferences. If you decide to change your preferences at a later date, you can easily do so by clicking on the “Cookie Preferences” link on the bottom right of the Twilio website you are visiting. Please note that Required Cookies cannot be disabled and if you decide to opt-out of Functional Cookies, certain functionality of our websites or your account may be impacted. Any choices concerning cookies are browser and/or device specific. If you clear your cookies from your browser on any of your devices, your choices will need to be reset.
Manage Cookies Using Your Browser
In addition to using our Cookie Consent tool, you can use your browser settings to opt out of Functional Cookies and Advertising Cookies. For more information on how to do that, click here. To manage privacy and storage settings for cookies, click here.
Universal Opt-Out Mechanisms
Global Privacy Control (GPC) and Do Not Track (DNT) are tools that you can use to inform websites of your privacy preferences in regard to ad trackers. To set up GPC, you can visit the Global Privacy Control page. To set DNT, you can visit the All About DNT page. Please note that this may impact the functionality of our websites or your account.
Opt Out of Advertising Cookies
To learn more about how to opt out of targeting and advertising cookies, you can go to the Your Online Choices page, the Network Advertising Initiative page, and the Digital Advertising Alliance’s Consumer Choice page. These opt-out tools are provided by third parties, not Twilio. We do not control or operate these tools or the choices that advertisers and others provide through these tools.
Web Beacons
Twilio also uses web beacons to gather data about your use of our websites, your account, and how you interact with emails we have sent to you. Web beacons are clear electronic images that can recognize certain types of data on your computer, like when you view a particular website tied to the web beacon, and a description of a website tied to the web beacon. Additionally, we may put web beacons in marketing emails that notify us when you click on a link in the email that directs you to a Twilio website. We use web beacons to operate and improve our websites and email communications to you.
If you have any questions, concerns or complaints about this Privacy Notice or our data protection practices, please do not hesitate to contact our Data Protection Officer by emailing us at privacy@twilio.com or by writing to us at any of the following addresses:
Worldwide Headquarters
Twilio Inc.
101 Spear Street, 5th Floor
San Francisco CA 94105
EEA Headquarters
Twilio Ireland Limited
3 Dublin Landings,
North Wall Quay
Dublin1, Ireland
Complaints
We will endeavor to resolve questions, concerns or complaints you raise with us in accordance with our Complaints Handling Procedure. In the unlikely event that we are unable to resolve your concern, you can find information about your options to seek further assistance through independent dispute resolution mechanisms or complaints to your local data protection authority here.
In the unlikely event that we are unable to resolve a privacy concern quickly and thoroughly, we provide a path of dispute resolution.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Twilio commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to JAMS, an alternative dispute resolution provider based in the United States, the European Union, the United Kingdom, and/or Switzerland. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://www.jamsadr.com/DPF-Dispute-Resolution for more information or to file a complaint. The services of JAMS are provided at no cost to you.
You have the possibility, under certain conditions, to invoke binding arbitration for complaints regarding DPF compliance that are not resolved by any of the other DPF mechanisms. You can find additional information in the DPF ANNEX-I-introduction.
We will periodically review this Privacy Notice and may change it to address legal, technical or business development requirements. When we change this Privacy Notice, the most current version will be available at https://www.twilio.com/legal/privacy with the date indicating when it was last updated. If we make material changes that affect your rights, we will provide you with advance notice, such as by posting a message in the Twilio console or sending an email to the address we have on file for you. We will comply with applicable law with respect to any changes we make to this Notice and seek your consent to material changes, if required by applicable law.