Privacy and control are essential
Twitter takes privacy seriously, and we expect everyone using Twitter Content and the Twitter API to do the same. Any use of the Twitter developer platform, Twitter API, or Twitter Content in a manner that is inconsistent with peoples’ reasonable expectations of privacy may be subject to enforcement action, which can include suspension and termination of API and Twitter Content access.
Consent & permissions
In particular, you must get express and informed consent from people before doing any of the following:
Taking any actions on their behalf. This includes (but is not limited to):
Posting content to Twitter
Modifying profile or account information
Starting a Periscope Broadcast
Adding hashtags or any other content to Tweets
Republishing content accessed by means other than via the Twitter API or other Twitter tools
Using someone’s Twitter Content to promote a product or service
Storing non-public content such as Direct Messages (DMs), or any other private or confidential information
Sharing or publishing protected content, or any other private or confidential information
If your service allows people to post content to Twitter you must do the following before publishing:
Show exactly what will be published
Make it clear to people using your service what geo information (if any) will be added to the content
If your service allows people to post content to both your service and Twitter, you must do the following before publishing:
Obtain permission to post the content
Explain where you will post the content
You must respect the protected and blocked status of all Twitter Content. You may not serve content obtained using one person’s authentication token to a different person who is not authorized to view that content.
Protected accounts: A protected account’s content is only available to people who have been approved by the owner to follow that account. So, if you run a service that accesses protected accounts, you may only do so to serve such content to the specific people with permission to view that content.
Blocked accounts: People on Twitter are able to block access to their accounts for any reason they choose. Commingling information obtained from tokens (or any other API-based action) to bypass this choice is not permitted.
As Direct Messages (DMs) are non-public in nature, services that provide DM features must take extra steps to safeguard personal privacy. You may not serve DM content to people who are not authorized to view that content. If your service provides DM functionality you must also:
- Notify people if you send read receipt events for DMs. You can do this by providing a notice directly in your service, or by displaying read receipts from other participants in a conversation.
Get consent before configuring media to be sent in a DM as "shared" (i.e. reusable across multiple DMs). If you do allow media in a DM to be “shared,” you must provide a clear notice that this content will be accessible to anyone with the media’s URL.
If you store Twitter Content offline, you must keep it up to date with the current state of that content on Twitter. Specifically, you must delete or modify any content you have if it is deleted or modified on Twitter. This must be done as soon as reasonably possible, or within 24 hours after receiving a request to do so by Twitter or the applicable Twitter account owner, or as otherwise required by your agreement with Twitter or applicable law. This must be done unless otherwise prohibited by law, and only then with the express written permission of Twitter.
Modified content can take various forms. This includes (but is not limited to):
- Content that has been made private or gained protected status
Content that has been suspended from the platform
Content that has had geotags removed from it
Content that has been withheld or removed from Twitter
We limit the circumstances under which you may match a person on Twitter to information obtained or stored off-Twitter. Off-Twitter matching involves associating Twitter Content, including a Twitter @handle or user ID, with a person, household, device, browser, or other off-Twitter identifier. You may only do this if you have express opt-in consent from the person before making the association, or as described below.
In situations in which you don’t have a person’s express, opt-in consent to link their Twitter identity to an off-Twitter identifier, we require that any connection you draw be based only on information that someone would reasonably expect to be used for that purpose. In addition, absent a person’s express opt-in consent you may only attempt to match your records about someone to a Twitter identity based on:
Information provided directly to you by the person. Note that records about individuals with whom you have no prior relationship, including data about individuals obtained from third parties, do not meet this standard; and/or
Public data. “Public data” in this context refers to:
Information about a person that you obtained from a public, generally-available resource (such as a directory of members of a professional association)
Information on Twitter about a person that is publicly available, including:
Profile information, including an account bio and publicly-stated location
Display name and @handle
The information that you collect from people who use your service
How you use and share that information (including with Twitter)
How people can contact you with inquiries and requests regarding their information
Use of geo data comes with additional restrictions due to the sensitive nature of this information. If your service adds location information to Tweets or Periscope Broadcasts, you must disclose to people:
When you add location information
Whether you add location information as a geotag or annotations data
Whether your location information is listed as a place, or as geographic coordinates
If your application allows people to Tweet with their location you must comply with Twitter’s geo guidelines in full.
Any use of location data or geographic information on a standalone basis is prohibited. You may not (and may not permit others to) store, aggregate, or cache location data and other geographic information contained in Twitter Content, except as part of a Tweet or Periscope Broadcast. For example, you may not separate location data or geographic information out from Tweets to show where individuals have been over time. Heat maps and related tools that show aggregated geo activity (e.g.: the number of people in a city using a hashtag) are permitted.
You may not store Twitter passwords, or request that people provide their Twitter password, account credentials, or developer application information (including consumer key) to you directly. We suggest the use of Sign-in with Twitter as the authentication tool to link your service and people on Twitter.