Privacy and control are essential

Twitter takes privacy seriously, and we expect everyone using Twitter Content and the Twitter API to do the same. Any use of the Twitter developer platform, Twitter API, or Twitter Content in a manner that is inconsistent with people’s reasonable expectations of privacy may be subject to enforcement action, which can include suspension and termination of API and Twitter Content access.

Your commitment to privacy and control must extend to all uses of Twitter Content and all aspects of the service that you build using our API. To that end, the people using your service must understand and consent to how you use their data, and how you access Twitter on their behalf. This can be accomplished through providing people with a clear, comprehensive, and transparent privacy policy, as well as ensuring that you get express and informed consent from each person using your service before taking any action on their behalf. Please note that a person authenticating into your service does not by itself constitute consent.

Consent & permissions

In particular, you must get express and informed consent from people before doing any of the following:

  • Taking any actions on their behalf. This includes (but is not limited to):

    • Posting content to Twitter

    • Following/unfollowing accounts

    • Modifying profile or account information

    • Starting a Periscope Broadcast

    • Adding hashtags or any other content to Tweets

  • Republishing content accessed by means other than via the Twitter API or other Twitter tools

  • Using someone’s Twitter Content to promote a product or service

  • Storing non-public content such as Direct Messages (DMs), or any other private or confidential information

  • Sharing or publishing protected content, or any other private or confidential information

If your service allows people to post content to Twitter you must do the following before publishing:

  • Show exactly what will be published

  • Make it clear to people using your service what geo information (if any) will be added to the content

If your service allows people to post content to both your service and Twitter, you must do the following before publishing:

  • Obtain permission to post the content

  • Explain where you will post the content

You must respect the protected and blocked status of all Twitter Content. You may not serve content obtained using one person’s authentication token to a different person who is not authorized to view that content.

  • Protected accounts: A protected account’s content is only available to people who have been approved by the owner to follow that account. So, if you run a service that accesses protected accounts, you may only do so to serve such content to the specific people with permission to view that content.

  • Blocked accounts: People on Twitter are able to block access to their accounts for any reason they choose. Commingling information obtained from tokens (or any other API-based action) to bypass this choice is not permitted.

As Direct Messages (DMs) are non-public in nature, services that provide DM features must take extra steps to safeguard personal privacy. You may not serve DM content to people who are not authorized to view that content. If your service provides DM functionality you must also:

  • Notify people if you send read receipt events for DMs. You can do this by providing a notice directly in your service, or by displaying read receipts from other participants in a conversation.

  • Get consent before configuring media to be sent in a DM as “shared” (i.e. reusable across multiple DMs). If you do allow media in a DM to be “shared,” you must provide a clear notice that this content will be accessible to anyone with the media’s URL.

Content compliance

If you store Twitter Content offline, you must keep it up to date with the current state of that content on Twitter. Specifically, you must delete or modify any content you hold if it is deleted or modified on Twitter. This must be done as soon as reasonably possible, or within 24 hours after receiving a request to do so from Twitter or the applicable Twitter account owner, or as otherwise required by your agreement with Twitter or applicable law. The only exception is where deletion or modification is prohibited by law, and even then only with the express written permission of Twitter.

Modified content can take various forms. This includes (but is not limited to):

  • Content that has been made private or gained protected status

  • Content that has been suspended from the platform

  • Content that has had geotags removed from it

  • Content that has been withheld or removed from Twitter

Off-Twitter matching

We limit the circumstances under which you may match a person on Twitter to information obtained or stored off-Twitter. Off-Twitter matching involves associating Twitter Content, including a Twitter @handle or user ID, with a person, household, device, browser, or other off-Twitter identifier. You may only do this if you have express opt-in consent from the person before making the association, or as described below.

In situations in which you don’t have a person’s express, opt-in consent to link their Twitter identity to an off-Twitter identifier, we require that any connection you draw be based only on information that someone would reasonably expect to be used for that purpose. In addition, absent a person’s express opt-in consent you may only attempt to match your records about someone to a Twitter identity based on:

  • Information provided directly to you by the person. Note that records about individuals with whom you have no prior relationship, including data about individuals obtained from third parties, do not meet this standard; and/or

  • Public data. “Public data” in this context refers to:

    • Information about a person that you obtained from a public, generally-available resource (such as a directory of members of a professional association)

    • Information on Twitter about a person that is publicly available, including:

      • Tweets

      • Profile information, including an account bio and publicly-stated location

      • Display name and @handle

Your privacy policy

You must display your service’s privacy policy to people before they are permitted to download, install, or sign up to your service. It must disclose at least the following information:

  • The information that you collect from people who use your service

  • How you use and share that information (including with Twitter)

  • How people can contact you with inquiries and requests regarding their information

Your privacy policy must be consistent with all applicable laws, and be no less protective of people than Twitter’s Privacy Policy and the privacy policy of our other services and corporate affiliates. You must cease your access to the Twitter API and the use of all Twitter Content if you are unable to comply with your and/or Twitter’s Privacy Policy.

Using geo-data

Use of geo data comes with additional restrictions due to the sensitive nature of this information. If your service adds location information to Tweets or Periscope Broadcasts, you must disclose to people:

  • When you add location information

  • Whether you add location information as a geotag or annotations data

  • Whether your location information is listed as a place, or as geographic coordinates

If your application allows people to Tweet with their location you must comply with Twitter’s geo guidelines in full.

Any use of location data or geographic information on a standalone basis is prohibited. You may not (and may not permit others to) store, aggregate, or cache location data and other geographic information contained in Twitter Content, except as part of a Tweet or Periscope Broadcast. For example, you may not separate location data or geographic information out from Tweets to show where individuals have been over time. Heat maps and related tools that show aggregated geo activity (e.g. the number of people in a city using a hashtag) are permitted.

Twitter passwords

You may not store Twitter passwords, or request that people provide their Twitter password, account credentials, or developer application information (including consumer key) to you directly. We suggest the use of Sign-in with Twitter as the authentication tool to link your service and people on Twitter.