Updates to Twilio's Legal Terms and Conditions
Please visit the Service and Country Specific Requirements change log to review the material updates or modifications we make to our Service and Country Specific Requirements from time to time.
November 12, 2024
We updated our online terms! This notice is only applicable to you if you have an account that you created before November 12, 2024, or otherwise agreed to a previous version of these updated terms. These updated terms are available at the hyperlinks provided below.
Please review this notice, which covers the upcoming changes that are material in nature, and all updated terms below in their entirety to familiarize yourself with these changes. These updated terms will be effective and binding as of December 19, 2024. No further action is required on your part. Your continued use of our services automatically constitutes your acceptance of these updated terms, which completely replace all previous versions, unless otherwise specified below. Please note that we have not changed your ability to use our services. You may continue to access your account and use our services as you always have.
Twilio Data Protection Addendum (DPA):
Note: If you have negotiated a separate DPA with us (or the equivalent) that does not permit Twilio to make unilateral changes on notice, the updated DPA will not apply to you.
The updated DPA sets up a contractual framework that accommodates both a set of personal data processing terms applicable across all of our services and product-specific terms that you accept or otherwise agree to where personal data may be processed differently for certain services we provide. This approach also allows us to transparently explain how personal data is processed on a per-service basis in more detail.
We clarified and re-defined the types of personal data that are being processed to provide our services.
We introduced a new overarching term, "Customer Personal Data," which refers to all personal data (including Sensitive Data) contained in Customer Data, including Customer Account Data, Communications Usage Data, and/or Customer Content.
The definition of “Customer Content” has been expanded to cover data generated for you as part of our services, as well as data you submit to our services, and data stored on your behalf.
The definition of “Customer Account Data” has been broadened to include, but is not be limited to, information needed to verify the identity of your end users. Accordingly, we removed the definition of “Multi Factor Authentication Services”, which covered this same concept.
The former definition of “Customer Usage Data” has been changed to “Communications Usage Data” to clarify that this type of personal data covers communications-related data only.
The definition of “Customer Data” has been updated to remove “Sensitive Data”, which has been added to the newly defined term “Customer Personal Data”.
We clarified and updated Twilio's role when processing Customer Personal Data. Generally, Twilio acts as a processor of Customer Personal Data, while you act as either a controller or processor for your end users. However, there are specific instances where Twilio functions as an independent controller. We specify when and why Twilio acts as a controller for legitimate business purposes and what those legitimate business purposes are in more detail below based on the personal data type. Twilio can only use Customer Personal Data as a controller when necessary for these specified legitimate business purposes and in compliance with applicable law or regulation and the Twilio Privacy Notice.
Customer Content: Twilio's role as a controller of Customer Content has been expanded in certain situations. This means Twilio may process Customer Content as a controller when necessary to:
Manage the security of our services, including preventing, detecting, and investigating security incidents and misuse or abuse of our services, such as spam, fraud, and illegal activities, or violations of our Acceptable Use Policy;
Assist telecommunications providers, regulators, or law enforcement with combating spam, fraud, and illegal activities;
Comply with our legal, regulatory, and contractual obligations to telecommunications providers and communications industry codes of practice;
Develop and improve our services and their safety and security; and
Conduct business analytics, internal reporting, and product strategy planning.
- The processing of Customer Content for purposes beyond those enumerated above requires your authorization either through your acceptance of service-specific terms or by your use and configuration of certain features within our services.
Customer Account Data: Twilio's role as a controller of Customer Account Data has been expanded in certain situations. This means Twilio may process Customer Account Data as a controller when necessary to:
Manage your account and our relationship with you, including Know Your Customer (KYC) or other identity verification purposes;
Carry out core business operations such as accounting, auditing, and filing taxes;
Carry out business analytics, internal reporting, and product strategy planning;
Develop and improve our services and their safety and security; and
Comply with our legal and regulatory obligations.
Communications Usage Data (formerly referred to as Customer Usage Data): Twilio's role as a controller of Communications Usage Data has been expanded in certain situations. This means Twilio may process Communications Usage Data as a controller when necessary to:
Carry out the necessary functions of an electronic communications service provider, such as providing our services, for security purposes, and for billing and accounting purposes;
Manage the security of our services, including preventing, detecting, and investigating security incidents and misuse or abuse of our services, such as spam, fraud, and illegal activities, or violations of our Acceptable Use Policy;
Assist telecommunications providers, regulators, or law enforcement with combating spam, fraud, and illegal activities;
Comply with our legal, regulatory, and contractual obligations to telecommunications providers and communications industry codes of practice;
Develop and improve our services and their safety and security; and
Anonymize, de-identify, or aggregate Communications Usage Data such that it does not identify you, your end users, or any individual.
We added a commitment to use appropriate measures to minimize, anonymize, de-identify, or aggregate Customer Personal Data we use as a controller where reasonably necessary. Customer Personal Data that is anonymized, de-identified, or aggregated by Twilio is not subject to the updated DPA, provided Twilio does not re-identify Customer Personal Data.
Twilio’s role as a processor and sub-processor has been revised and slightly augmented to align with the aforementioned data processing changes in the updated DPA. Twilio will now act as a processor or sub-processor of Customer Personal Data as necessary to provide our services and provide you with recommendations or demonstrations of other services we provide. We clarified that where you act as a processor, you are responsible for ensuring the applicable controller has authorized Twilio’s appointment as your sub-processor.
The definition of “Security Incident” has been updated to remove reference to “reasonably suspected” events. We updated the notification period following a Security Incident when Twilio is acting as a processor or sub-processor to “without undue delay” rather than 72 hours.
We changed your right to information regarding and access to Twilio’s audit program. You may now request a summary of Twilio’s annual audit report, instead of a copy of the full audit report, and may request additional information needed to confirm that Twilio is complying with its obligations as a processor or sub-processor in the updated DPA. You may request this additional information once per calendar year. Furthermore, if we mutually agree that this additional information does not meet the audit requirements under applicable data protection laws, you may undertake your own audit, subject to certain conditions outlined in Section 11.2 (Customer Audits) of the updated DPA.
We changed the timeframe for which we will give you notice for changes to our sub-processors. We will notify you in all cases as soon as reasonably practicable but no less than 30 days’ prior to a change to an infrastructure provider and no less than 10 days’ prior notice of changes to all other types of sub-processors. If you notify us that you object to a sub-processor change and we cannot resolve your objection within these time periods, you may discontinue your use of the impacted services.
- We clarified that we may update the terms of our DPA from time to time upon at least 30 days’ prior written notice to you.
- The former Schedule 4 of the updated DPA, which referenced a number of country-specific privacy laws and regulations, is now limited to California and is referred to as the California Specific Terms. The updated DPA is now intended to encompass all laws and regulations that may apply to Twilio, regardless of whether they are specifically cited in Schedule 4 of the updated DPA or elsewhere. The definition of “Applicable Data Protection Law” includes, for clarity, a non-exhaustive list of specific data privacy laws or regulations in certain countries that fall under that definition.
The overall structure and content of the Twilio Privacy Notice has been revised and updated to make our privacy practices clearer and easier to understand. The Twilio Privacy Notice has been tailored to focus on our processing of personal data as a controller where we are providing our services and operating our business and align with the updated Twilio Data Protection Addendum (DPA). The main changes to the Twilio Privacy Notice are as follows:
We clarified that Twilio’s processing of personal data related to job applicants is covered in a separate Global Applicant Privacy Notice.
We clarified that Twilio’s processing of personal data as a processor when providing services to our customers is governed by the terms of our agreement with the customer and provide additional information about how our customers can manage their data in the “Twilio Product Privacy” section of the Twilio Privacy Notice.
The prior “Contents of this Notice Section” has been removed and replaced with a list of the main sections of the Twilio Privacy Notice that can be used to easily navigate to each section.
The “Personal Data We Process” section provides updated information about the types of personal data we process whether shared with us directly, automatically, or from other sources.
The “How We Process Personal Data” section provides updated information about the purposes we process personal data for and uses a table to more clearly describe each purpose, the types of personal data processed for each purpose and the legal basis for our processing.
The “How We Disclose Personal Data” section largely restates the section in the prior version of the Twilio Privacy Notice titled ”How Twilio Shares Personal Data” and provides details of the third parties we may disclose personal data to and for what reason.
The “International Data Transfers” section provides details of the mechanisms we use to safeguard cross-border transfers of personal data, including the EU-US Data Privacy Framework, Binding Corporate Rules and APEC Cross Border Privacy Rules.
The “How We Secure Customer Data” section has been revised to focus on Twilio’s security measures that are outlined in more detail in our updated Security Overview.
In the “How Long We Retain Personal Data” section we provide information about our data retention practices.
The previously titled “Other Choices About Your Customer Account Data” section has been divided into two new sections titled “Your Rights and Choices About Your Data” and “How to Exercise Your Rights and Choices”. These sections provide detailed information about an individual’s rights to control their personal data and how to exercise them. This includes a revised section applicable to US residents and a new section on rights under our Binding Corporate Rules.
The “How we use Cookies and Other Tracking Technologies” section provides updated information about the tracking technologies we use and ways individuals can manage and opt-out of them.
The “Children” section has been updated to explain how to notify us that a child has set up an account and how we would respond to ensure it is shut down.
The “Automated Decision Making” section has been updated to provide additional information on the basis on which we could rely on automated decision making.
The “How to Contact Us” section (previously titled “Questions and Complaints”) provides updated information on how individuals can reach out to us with questions or complaints and how we will address them.
The “Changes to our Privacy Notice” section has been amended to clarify that we may change the notice to address legal, technical or business development requirements.
The “Twilio Product Privacy” section has been updated to collate information included in the prior notice about how customers can control and manage the personal data we process for them as a processor. This section also provides details of processing by Twilio as a data controller in connection with certain services.
We re-named “Service Usage Data” to “Twilio Data”. We also updated the definition to cover (1) any data derived from the use or provision of our services that does not identify you, your end users, or any natural person or is anonymized, de-identified, and/or aggregated and (2) any Customer Data that is anonymized, de-identified, and/or aggregated by Twilio in accordance with our Terms of Service.
We updated the definition of “Customer Data” to include any data that is generated for your use as part of our services. We also clarified that Customer Data excludes Twilio Data.
We streamlined and updated the definition of “Services” to include any updates, modifications, or improvements we make to our services.
We removed duplicate terms regarding Private Beta offerings, which are already covered via the Service and Country Specific Requirements under service specific requirements called Services in Private Beta.
We clarified that each party has the right to use and share the other party’s confidential information as allowed under the Twilio Data Protection Addendum. We also clarified that a request for a regulator for a party’s confidential information is considered a compelled disclosure. Each party will provide written notice of a compelled disclosure to the other party if legally allowed and the compelled disclosure does not interfere with any investigation Twilio is conducting into potential illegal activity.
We clarified that you will provide the adequate notices and obtain the necessary consents and permissions required for Twilio to process Customer Data to provide you with our services or as otherwise allowed under the Twilio Terms of Service or the Twilio Data Protection Addendum.
We updated the terms applicable to our Partner Programs, specifically removing any right for either party to use the other party’s branding elements, including trademarks, service marks, names, logo, images, and partner program badges. Additionally, neither party will issue any press releases or make any public announcements about your participation in our Partner Programs without the other party’s prior written consent. These rights will be established when you execute the addendum applicable to the partner program(s) for which you have been approved.
We updated our Security Overview to make it more general, better organized, and easier to understand. If you are looking for more information about our security program, including security-related documentation (e.g., ISO 27001 or SOC2 certifications), please visit https://www.twilio.com/en-us/security.
Our Security Overview now covers Twilio’s mobile identification and authentication verification services and applies to those services, unless otherwise explicitly specified.
We clarified which internal practices and procedures apply specifically to Twilio employees.
We clarified and enumerated the minimum security measures with which all Twilio employees must comply.
We updated our infrastructure providers for our Twilio SendGrid email services.
We removed detailed descriptions of data center security measures and now link to the respective data center’s website, where you can find the most up-to-date information regarding that data center’s specific security and compliance measures and practices.
We updated the review of access rights to production environments from semi-annual to quarterly.
We extended our SOC 2 Type 2 certification to apply to all of our services.
We removed reference to the PCI DSS Level 4, as that is a self-attestation that Twilio continues to maintain, but does not constitute a security certification, which is what our Security Overview is intended to cover.
We renamed some existing sections (e.g., Section 4 - Confidentiality is now called Section 4 - People Security and Onboarding) and reorganized certain existing terms within our Security Overview to accurately capture the intent of each section and group terms related by subject matter together to make them easier to read.
We moved the content formerly in Section 9 (Physical Security) to Section 5 (Physical Security). In addition, we have taken a higher-level policy-based approach when describing our security measures at Twilio’s headquarters and office spaces, with a focus on governance and compliance standards rather than an enumeration of specific security controls. For more information on the security measures instituted by Twilio’s hosting and infrastructure providers, please review Section 8 (Hosting Architecture and Data Segregation) of our Security Overview.
We clarified Twilio’s use of system-level Customer Data isolation mechanisms within Twilio’s hosting environment, as well as Twilio employees’ access to Customer Data being based on specific job-related needs rather than general job roles.
We aligned and folded our Twilio SendGrid email services’ employee password policy into Twilio’s existing employee password policy for its other services, creating one overarching employee password policy across our organization.
We now mandate that our customers enable two-factor authentication (2FA) on individual user accounts.
We aligned terms regarding how Twilio’s Security Incident Response Team investigates relevant security threats and vulnerabilities with similar terms in the updated DPA.
We clarified how we describe our service resilience and continuity measures to better articulate how geographically diverse regions and multiple fault-independent availability zones are leveraged to ensure continuous service availability.
We replaced the Advanced Encryption Standard (AES) for Customer Data backups with a modern encryption standard based on the type of Customer Data being encrypted.
Twilio Segment: Generative AI/ML Features Addendum:
“Generative AI/ML Feature(s)” is now referred to as “AI/ML Feature(s)”, and we expanded this definition to cover any predictive AI/ML features that we may offer. As such, we renamed this addendum as Twilio Segment: Predictive and Generative AI/ML Features Addendum. “Generative AI/ML Content” is now referred to as “AI/ML Content”, and “Generative AI/ML Features Documentation” is now referred to as “AI/ML Features Documentation”, which includes an updated hyperlink that takes you to all of our Twilio Segment product documentation.
We added a definition of “personal data”, which means any data or other information relating to an identified or identifiable natural person or as otherwise defined or interpreted under applicable data protection law or regulation.
We updated the definition of “High Risk Activities” to prohibit any use of Twilio Segment’s Functions CoPilot, Generative Audiences, and Suggested Mappings AI/ML features for any operations that constitute high or unacceptable risk under applicable law or regulation.
Given that you are prohibited from inputting any personal data, confidential data, or sensitive data into Twilio Segment’s Functions CoPilot, Generative Audiences, and Suggested Mappings AI/ML features, we removed any personal data processing obligations relating to Twilio being a data processor. Instead, you now grant Twilio and our affiliates the right to process data you input into Twilio Segment’s Functions CoPilot, Generative Audiences, or Suggested Mappings AI/ML feature (“input data”) and the data that Twilio Segment’s Functions CoPilot, Generative Audiences, or Suggested Mappings AI/ML feature generates as output (“output data”) for the following specific purposes:
To develop, improve, and train Twilio’s products, services, and AI/ML features generally, and
To develop, improve, and train Twilio’s artificial intelligence or machine learning technology and any related models, including any models provided by third party service providers.
You agree that you will obtain the necessary rights to provide Twilio and its affiliates with input data and output data for processing in accordance with this updated Twilio Segment: Predictive and Generative AI/ML Features Addendum.
- We clarified that Twilio or its third party AI/ML technology providers, as applicable, own the following as a result of processing input data and output data:
Twilio’s artificial intelligence or machine learning technology and any related models, and
Any improvements to Twilio’s products, services, Twilio Segment’s AI/ML features generally, and Twilio’s artificial intelligence or machine learning technology and any related models.
REVOCATION OF CONSENT: If you do not agree to this updated Twilio Segment: Predictive and Generative AI/ML Features Addendum and wish to opt out of using Twilio Segment’s Functions CoPilot, Generative Audiences, or Suggested Mappings AI/ML feature, you may do so at any time by contacting Twilio Segment Customer Support.
Twilio Flex: CustomerAI Addendum:
The Twilio Flex: CustomerAI Addendum has been expanded to apply more broadly to AI/ML features that are both predictive and generative in nature across Twilio’s platform. In other words, these terms will apply to AI/ML features that you elect to opt into beyond just Twilio Agent Copilot, Twilio Flex Conversational Insights, and Unified Profiles AI/ML features. As such, we renamed this addendum as Predictive and Generative AI/ML Features Addendum.
“Flex Documentation” is now referred to as “AI/ML Features Documentation”, which includes an updated hyperlink that takes you to all of our product documentation.
We updated the definition of “High Risk Activities” to prohibit the use of Twilio Agent Copilot, Twilio Flex Conversational Insights, and Unified Profiles AI/ML features for any operations that constitute high or unacceptable risk under applicable law or regulation.
We added a definition of “personal data”, which means any data or other information relating to an identified or identifiable natural person or as otherwise defined or interpreted under applicable data protection law or regulation.
We updated the definition of “processor” and “controller” to account for situations where such terms are defined or interpreted differently under applicable data protection law or regulation. We also updated the definition of “processor” to limit it to the processing of personal data.
We clarified that Twilio will process any personal data that you input into Twilio Agent Copilot, Twilio Flex Conversational Insights, or Unified Profiles AI/ML feature as a processor for the following specific purposes:
According to your instructions that are set forth in your agreement with Twilio covering your use Twilio’s products and services or that are otherwise set forth in this update Predictive and Generative AI/ML Features Addendum, and
To make the Twilio Agent Copilot, Twilio Flex Conversational Insights, or Unified Profiles AI/ML feature available to you, depending on which you opted in to.
We added a list of third-party providers that provide some or all functionality for Twilio Agent Copilot, Twilio Flex Conversational Insights, or Unified Profiles AI/ML feature, and any accompanying terms from those third-party providers with which you must comply, as Exhibit A to this updated Predictive and Generative AI/ML Features Addendum.
REVOCATION OF CONSENT: If you do not agree to this updated Predictive and Generative AI/ML Features Addendum and wish to opt out of using Twilio Agent Copilot, Twilio Flex Conversational Insights, or Unified Profiles AI/ML feature, you may do so at any time by contacting Twilio Customer Support.
Predictive and Generative AI/ML Features Addendum:
We added a definition of “personal data”, which means any data or other information relating to an identified or identifiable natural person or as otherwise defined or interpreted under applicable data protection law or regulation.
We updated the definition of “High Risk Activities” to prohibit the use of Twilio Programmable Voice - Real-Time Transcriptions and Twilio Voice Intelligence AI/ML features for any operations that constitute high or unacceptable risk under applicable law or regulation.
We updated the definition of “processor” and “controller” to account for situations where such terms are defined or interpreted differently under applicable data protection law or regulation. We also updated the definition of “processor” to limit it to the processing of personal data.
We clarified that you may not use Twilio Programmable Voice - Real-Time Transcriptions and Twilio Voice Intelligence AI/ML features we provide to develop your own artificial intelligence products, services, features, or technology.
We clarified that Twilio will process any personal data that you input into Twilio Programmable Voice - Real-Time Transcriptions or Twilio Voice Intelligence AI/ML feature and any personal data that Twilio Programmable Voice - Real-Time Transcriptions or Twilio Voice Intelligence AI/ML feature generates as a processor for the following specific purposes:
According to your instructions that are set forth in your agreement with Twilio covering your use of Twilio’s products and services generally or that are otherwise set forth in this updated Predictive and Generative AI/ML Features Addendum, and
To make the Twilio Programmable Voice - Real-Time Transcriptions or Twilio Voice Intelligence AI/ML feature available to you, depending on which you opted in to.
REVOCATION OF CONSENT: If you do not agree to this updated Predictive and Generative AI/ML Features Addendum and wish to opt out of using Twilio Programmable Voice - Real-Time Transcriptions or Twilio Voice Intelligence AI/ML feature, you may do so at any time by contacting Twilio Customer Support.
Service and Country Specific Requirements:
Please review the Service and Country Specific Requirements change log, which you agree and acknowledge serves as reasonable and sufficient notice to you of any new or updated service and country-specific terms we post from time to time that are material in nature. We recommend you review this change log regularly and any new or updated service and country-specific terms in their entirety. The Service and Country Specific Requirements are an important part of Twilio's Acceptable Use Policy. You must comply with the applicable terms to the extent you use (1) a specific service of ours, (2) our services in a specific country, or (3) a third-party product or service, any of which is identified in the Service and Country Specific Requirements.
Advisory Services Requirements: We clarified that the applicable terms in your agreement with Twilio for the use of Twilio’s platform will govern the processing of any personal data provided by or collected from you that is required for Twilio to provide the Advisory Services. If your agreement with Twilio does not have personal data processing terms, then Twilio’s Data Protection Addendum will govern any processing of personal data.
Twilio Advisory Services Terms:
We clarified that Twilio’s Data Protection Addendum will govern the processing of any personal data provided by or collected from you that is required for Twilio to provide the Advisory Services.
We updated the order of precedence to reflect the following: (1) the applicable Order Form; (2) Twilio’s Data Protection Addendum; (3) the applicable Advisory Services Package; and (4) the terms within the body of the Advisory Services Terms.
Twilio Professional Services Terms:
We clarified that Twilio’s Data Protection Addendum will govern the processing of any personal data provided by or collected from you that is required for Twilio to provide the Professional Services.
- We updated the order of precedence to reflect the following: (1) the applicable Order Form; (2) Twilio’s Data Protection Addendum; (3) the applicable Professional Services Package; and (4) the terms within the body of the Professional Services Terms.
February 27, 2024
We updated our terms! This notice is only applicable to you if you have an account that you created before February 27, 2024, or otherwise agreed to a previous version of these updated terms. These updated terms are available at the hyperlinks provided below.
Please review this notice, which covers the upcoming changes that are material in nature, and all updated terms below in their entirety to familiarize yourself with these changes. These updated terms will be effective and binding as of April 1, 2024, and completely replaces all previous versions. No further action is required on your part. Your continued use of our services automatically constitutes your acceptance of these updated terms. Please note that we have not changed your ability to use our services. You may continue to access your account and use our services as you always have.
Service Level Agreements: If your agreement with us incorporates the Twilio APIs Service Level Agreement (formerly referred to as the Twilio Service Level Agreement) via https://www.twilio.com/legal/service-level-agreement, we are informing you that we updated this page to capture the multiple service level agreements available across our various products and services. This update incorporates these various service level agreements into your agreement automatically to the extent you use any of those products and services. The specific updates to each service level agreement are below:
*NEW* Twilio Flex Critical Scenarios Service Level Agreement: We are introducing a new service level agreement for Twilio Flex. This service level agreement covers availability threshold commitments and service credit eligibility requirements across the following 6 Twilio Flex functionalities necessary to perform critical real-time interactions between you and your customer(s):
Agent Logging into Agent UI
Incoming Customer Voice Call
Incoming Customer Message
Outgoing Agent’s Voice Call
Transferring a Voice Call
Completion of Assigned Tasks
The Twilio Flex Critical Scenarios Service Level Agreement does not apply to Twilio Segment’s products and services or Twilio’s application programming interfaces. If the unavailability of a Twilio’s application programming interface(s) causes one or more of the 6 Twilio Flex functionalities to be unavailable, your sole and exclusive remedy for the unavailable application programming interface(s) is the service credit set forth in the Twilio Flex Critical Scenarios Service Level Agreement - not the service credit set forth in the Twilio APIs Service Level Agreement.
Twilio APIs Service Level Agreement (formerly referred to as the Twilio Service Legal Agreement):
We updated the Twilio APIs Service Level Agreement to be clearer and better organized, but we did not change our availability commitments to you or the service credit remedy available to you.
We clarified that the Twilio APIs Service Level Agreement does not apply to the 6 Twilio Flex functionalities necessary to perform critical real-time interactions between you and your customer(s) that are covered by the Twilio Flex Critical Scenarios Service Level Agreement.
Twilio Segment Data Ingestion API Service Level Agreement (formerly referred to as the Twilio Segment Service Level Agreement):
We updated the Twilio Segment Data Ingestion Service Level Agreement to be clearer and easier to read, but we did not change our availability commitments to you.
We clarified that the Twilio Segment Data Ingestion Service Level Agreement does not apply to any beta or non-generally available Twilio Segment products and services.
We clarified that your right to terminate for repeated unavailability of the Data Ingestion API applies only to the order form specifically for the Twilio Segment products and services that are impacted by that repeated unavailability.
Twilio Voice Intelligence: Data Use Addendum (formerly referred to as Twilio Voice Intelligence: Data Logging Consent Addendum):
If you use Twilio Voice Intelligence and have the data use option enabled (formerly known as the data logging option) within your account, we are informing you that we re-wrote these terms to be clearer and provide more information about what you permit Twilio to do with your data:
You permit Twilio and its affiliates, as data controllers, to process the data you provide through your use of Twilio Voice Intelligence to develop and improve Twilio’s products and services, including Twilio’s artificial intelligence or machine learning technology and any outputs from that technology.
Twilio and its affiliates will, where deemed appropriate, anonymize, de-identify, and/or aggregate your data.
Additional information regarding Twilio’s or its affiliates’ processing of your data while the data use option is enabled is available here.
You own the rights to the data you provide through your use of Twilio Voice Intelligence and the outputs from Twilio’s artificial intelligence or machine learning technology.
Twilio owns the rights to the following:
Twilio Voice Intelligence;
any data you provide through your use of Twilio Voice Intelligence that is anonymized, de-identified, and/or aggregated;
Twilio’s artificial intelligence or machine learning technology and any related models; and
any improvements to Twilio Voice Intelligence, any of Twilio’s other products and services, and Twilio’s artificial intelligence or machine learning technology and any related models.
REVOCATION OF CONSENT: You may disable the data use option at any time via Twilio Voice Intelligence’s application programming interface or within your account.
DATA AND AI/ML OUTPUT DELETION: You may request that Twilio delete the data you provided through your use of Twilio Voice Intelligence and any outputs from utilizing Twilio’s artificial intelligence or machine learning technology by completing this deletion request form. Anonymized, de-identified, and/or aggregated data will not be deleted.
Service and Country Specific Requirements:
Please review the Service and Country Specific Requirements change log, which you agree and acknowledge serves as reasonable and sufficient notice to you of any new or updated service and country-specific terms we post from time to time that are material in nature. We recommend you review this change log regularly and any new or updated service and country-specific terms in their entirety. The Service and Country Specific Requirements are an important part of the Acceptable Use Policy. You must comply with the applicable terms to the extent you use (1) a specific service of ours, (2) our services in a specific country, or (3) a third-party product or service, any of which is identified in the Service and Country Specific Requirements.
Services Using or Incorporating Artificial Intelligence or Machine Learning Technology: We added a new section to the Service and Country Specific Requirements titled “Services Using or Incorporating Artificial Intelligence or Machine Learning Technology”. This new section links to these additional terms that you are required to accept if you opt into using or activating optional artificial intelligence or machine learning technology features or functionality within your account that are available for some Services.
Advisory Services Requirements: We clarified the definition of Twilio IP to exclude Customer Documentation and Customer Materials. We also clarified that if you rely on the Advisory Services to provide your own products and services to your customers, Twilio has no obligation or liability to your customers, and you will make your customers aware of the same.
Twilio Messaging Policy: We clarified that you are not allowed to transmit text messages that are used for security testing, including simulated phishing and other activities that may resemble social engineering or similar attacks.
Twilio SendGrid Email Policy: We clarified that you are not allowed to use Twilio SendGrid Email to conduct security testing, including simulated phishing and other activities that may resemble social engineering or similar attacks.
Twilio Voice Services Policy: We clarified that if you are using Programmable Voice or Elastic SIP Trunking to place telemarketing or advertising voice calls, you must obtain the callee’s prior consent, as required by applicable laws, regulations, governmental orders, industry standards, or telecommunications providers’ requirements or guidance.
Twilio Advisory Services Terms: We clarified the definition of Twilio IP to exclude Customer Documentation and Customer Materials. We also clarified that if you rely on the Advisory Services to provide your own products and services to your customers, Twilio has no obligation or liability to your customers, and you will make your customers aware of the same.
Twilio Professional Services Terms: We clarified the definition of Twilio IP to exclude Customer Documentation and Customer Materials.
Previous Updates by Year: