Twitter for Business FAQ

1. What is Twitter’s approach to the GDPR?

Twitter complies with current EU data protection law. We understand that our advertisers, partners, suppliers and other stakeholders all have a requirement to comply with the Regulation. Twitter cannot advise you* as to whether you are GDPR compliant. However, Twitter has users and advertisers that span the globe, so we continuously work to ensure that our services comply with the GDPR, and that advertisers around the world can continue to use our advertising products and services after the GDPR took effect on 25 May 2018. Advertisers are advised to review our Privacy Policy and Master Services Agreement before continuing to use our advertising services.


2. How does Twitter comply with the legal requirements for transferring data?

Our services are primarily designed to help people to see what’s happening around the world. As a global service, we have developed global data practices designed to ensure that our customers’ information is protected. Twitter International Company, an Irish commercial entity, is the controller of our data outside of the U.S., so if you are outside of the U.S. and you share data with Twitter, you share it with Twitter International Company. Today, Twitter International Company processes data in accordance with applicable Irish law and the GDPR. Additionally, Twitter International Company has Data Transfer and Processing Agreements, including model clauses, with Twitter, Inc., in the U.S., and its affiliates, which allow Twitter, Inc., to process personal data. Twitter, Inc., is also certified under the Privacy Shield framework. For additional information, please review Twitter’s Global Operations and Data Transfer information.


3. Is Twitter a data controller or a data processor?

In general, Twitter is the controller of data we use as part of our advertising services. Additionally, Twitter is the data controller for data derived from activity on Twitter. Where Twitter is the controller, we use that data in accordance with our Privacy Policy.

In some instances, Twitter may be your data processor. For example, when you upload a tailored audience to Twitter, we act as your data processor. You are the data controller of that audience, and as such, you are responsible for ensuring that you have an adequate basis to process the data, including to transfer it to Twitter for processing.    

Twitter’s controller and processor activities are determined by the terms governing your use of our advertising services and our Privacy Policy, both of which were updated accordingly before 25 May 2018.


4. Twitter ads products after May 25, 2018

A. How does the Tailored Audience Program work with the GDPR?

Advertisers are the controller of any tailored audiences uploaded to Twitter, and Twitter is a processor of that data. As such, our Tailored Audience Program T&Cs require advertisers that upload a tailored audience to provide sufficient notice and obtain requisite consent before providing us with this data. To comply with our obligations as the processor of that data under the GDPR, we updated the legal terms that govern the use of this program.  

B. How does the Twitter pixel work with the GDPR?

Twitter is the controller of data it receives through the Twitter pixel and through mobile app conversion tracking partners. Twitter requires advertisers to have notice and consent mechanisms in place in connection with their use of this program, as described in our Conversion Tracking Program T&Cs.


5. What terms are going to be updated?

Twitter updated various terms including in instances where Twitter is your data processor, and for controller to controller transfers. We also updated our Privacy Policy to comply with the GDPR.  


6. Is there a map of Twitter data that can be shared?

While we don’t have a map of Twitter data we can share publicly, our Privacy Policy describes how we collect, store, use, and share personal data. Please note that our Privacy Policy was updated ahead of 25 May 2018 to be GDPR compliant.


* “You” or “your” in these FAQs refers to our advertisers, partners, suppliers and other stakeholders.