Overview
Twilio respects the interests and rights of our customers with respect to data retention and deletion. To that end, we provide controls for our customers to manage their own personal data, and also for our customers to delete the personal data relating to their downstream users (such as the recipients of their messages). This guide explains Twilio's policies and user controls for retaining and deleting data.
What You Need To Know
Data deletion
Generally speaking, you have the ability to manage your own data deletion requests in the following ways:
|
Twilio customers |
As a Twilio customer, you have the ability to delete the data you control through normal use of the Twilio services. This includes managing your own data subject requests. For example, you can use our Rest API to delete messages or delete call recordings. If you would like us to delete all of your personal data, you can manage that through the console as well. We do require you to log in — we cannot delete data on your behalf because we cannot authenticate your request by email. |
|
Twilio SendGrid customers |
If you’re using the SendGrid service, we delete most data automatically according to our retention schedule, and we provide UIs and APIs that allow you to manage or delete from our service (see “Twilio SendGrid Marketing Campaigns customers” below). Although most data times out after a maximum of 37 days, SendGrid does retain some email event data in pseudonymized form for up to a year for security, fraud detection, anti-abuse, and network protection purposes. While this data does not include message body content, the data is capable of being reidentified with the recipient. Please see the section on data retention below. If you would like to delete the end user personal data we process for you, including email bodies and sent mail, please review the Erase Recipients' Email Data API. Note that the Erase Recipients' Email Data doesn't delete Email Activity Feed data that falls off after 37 days. |
|
Twilio SendGrid Marketing Campaigns customers |
If you’re using the SendGrid Marketing Campaigns service, SendGrid offers a number of self-service features that enable you to control your data, such as deleting a recipient or deleting an address on your contact list. Please note: these tools will only delete content that you have uploaded to SendGrid, such as contact lists. Please review the above section for any other data erasure requests from Twilio SendGrid |
|
Authy customers |
As an Authy customer, you have the ability to manage, delete, or hide 2FA tokens within the Authy app. You also have the ability to delete your Authy account, if you choose to do so. Please be aware that if your Authy app is providing authentication services to other accounts, you may lose access to those accounts: please disable 2FA on those accounts before deleting your Authy account. |
|
Twilio Segment customers |
Segment customers delete data from Segment's servers at the end-user, source, Unify space, workspace, and account level. For more information, see the Account & Data Deletion documentation |
|
Frontline customers |
If you are a Frontline customer, you have the ability to access, manage, delete, and update choices about your account data in your account portal or through the APIs, as above. You also have the ability to delete your Frontline account. If you are an end user of the Frontline services, Twilio is a processor of your personal data. Please reach out to your employer (or the entity that has authorized your access to the Frontline app) to make a request for us to update or erase any information about you or to stop using any information about you. |
|
Mailing lists |
If you are on Twilio’s mailing list and would like to opt out, please click the unsubscribe link or contact our Support team. If you are on one of our customers’ mailing lists and would like to opt out, please contact the customer mailing you. All mail sent via SendGrid must contain a valid unsubscribe link. Because we are a processor, we are not able to remove you from our customers’ mailing lists, and we do not provide a way for you to opt out of receiving mail from SendGrid entirely. If you have received spam or abusive email through SendGrid, please report it to our abuse team. |
|
Non customers |
We are a processor (or a service provider) for all communications content our customers send through Twilio. This means we’re not able to respond to deletion requests from individuals who aren’t our customers. If you are not a Twilio customer and would like us to delete the data we hold about you, please reach out to the Twilio customer with whom you have a relationship (the “controller” of your data) and ask them to delete data on your behalf. We are unable to respond to requests sent by third party data subject request agents. If you’re a Twilio customer, please follow the process above. Twilio does not sell personal data. Therefore, we do not provide a “Do Not Sell” link. |
Data retention — Twilio services
What about the data that you cannot control via the tools we provide, or, when you self-delete data, or close your account, how long before the data is gone? That’s where data retention comes into play.
In general
How long we store data depends on the service, the type of data in question, and your configuration. For example, we provide storage for messages and media for up to 13 months by default. However, you’re able to configure that storage setting yourself, if you’d rather us keep it for less time, and you can even turn off backup storage.
If that’s not enough, we provide Message Redaction, which offers you more control over what we store. This gives you the ability to significantly reduce access to sensitive information while continuing to send Messages with Twilio.
After termination
After you close your account with us, we will delete any Customer Content remaining on our servers after 30 days. We hold Customer Account Data a little longer — generally speaking, we delete it 60 days after you close your account, unless there is a specific need to retain your information longer. We’ll anonymize or delete Customer Usage Data when we no longer require it for the purposes outlined in our Data Protection Addendum.
After deletion
Twilio will immediately process any data deletion requests. However, the timeline for the actual deletion of data will vary depending on several factors, including the type of data, the service you’re using, and any security or legal requirements. Our online documentation for each service provides a detailed list of the properties of each API function — for example, you can see this list for our SMS messaging service. Our documentation will identify, for each of these message properties, whether or not that property is classed as personal information (which we refer to as “PII” — this is personal data, but it’s easier to abbreviate!). We provide a flag: each resource has a flag of either “NOT PII” or “PII MTL: x DAYS.”
If a message property is PII, that “MTL” is the minimum time to live, or the minimum time we must hold that piece of data before deleting it. For the vast majority of our data, our MTL is 30 days.
Data retention — SendGrid service
If you’re using the Twilio SendGrid service, we only hold email message bodies for as long as it takes to send them. Other than your account data, we retain most other personal data, including email recipient data, for a maximum of 37 days (30 days, plus a little extra to finalize the deletion process), except as described below.
We retain events associated with sent emails for up to a year. This data does not include the content of your messages, but it might include information that could be identified with a recipient, depending on the circumstances. We retain this data for fraud and abuse detection, security purposes, and network protection.
For fraud detection, anti-abuse, and security purposes, or for troubleshooting, we may take random content samples, which we hold for seven days. Those samples will include recipients’ personal information.
As described above, when you ask us for a priority deletion of your recipient’s data, it takes us about 30 days to complete that process (the data has a 30 day minimum time to live).
For more detail on how we retain and process SendGrid data please see the table below:
|
SendGrid Data type |
Retention period |
Why? |
|
Email message bodies |
72 hours* |
We retain email message bodies only as long as it takes for us to deliver the email. This can take up to 72 hours if we need to retry due to delivery failure. * Please note that if you choose to use our Scheduled Sending features, we will retain email message bodies for as long as you tell us to (up to 6 days) based on your schedule. However, once the message is sent, we retain the message only as long as it takes to deliver the email. |
|
Content samples |
7 days |
SendGrid uses a process that takes random content samples of emails, which could include personal data such as recipient email address or the content of emails. We retain this information for 7 days, and we use it for both anti-fraud purposes and for troubleshooting. |
|
SendGrid service, generally |
~30 days |
Email message activity, email recipient data, and metadata automatically times out after around 30 days (specifically, it times out after 37 days; it takes a little while for the deletion to process).
Email activity data is stored globally and not part of Regional Email at this point. |
|
Short links |
60 days |
If you're using our Short Links product, the email addresses stored within the short link will be automatically deleted within 60 days. |
|
Email event data |
~1 year |
Although most data times out after a maximum of 37 days, SendGrid does retain some email event data in pseudonymized form for up to a year for security, fraud detection, anti-abuse, and network protection purposes. While this data does not include message body content, the data is capable of being reidentified with the recipient. |
|
Customer-controlled data |
As long as your account is active |
There is some data that we retain as long as your account is active, and we will not delete. For example, if you're using the Marketing Campaigns service, SendGrid will retain the contact lists you have uploaded for as long as your account is active, unless you use the tools we have provided to delete the information in those lists. Additionally, we will not delete your suppression list (also known as your opt out or unsubscribe list), and we will not remove an individual's name or email from your suppression list. You are responsible for managing your own suppression list. This is because a suppression list tells an organization who not to email, and it might cause the organization to violate spam laws if they delete data from their suppression lists, just to start emailing individuals who have opted out. |
|
Data we must retain for legal reasons |
As required |
Additionally, we may retain data longer than these posted retention periods as needed for legal reasons, such as data we’re required to maintain through legal holds. We won't be able to delete data that we're retaining for these purposes. |
Data retention - Segment service
Segment workspaces are subject to different data retention periods based on plan tier. Customers who have churned, opted to discontinue the use of add-on features, or who have an unused free tier workspace will have their data deleted from Segment's servers in accordance with the Segment data deletion policy. You can learn more about the data retention periods, data deletions and the impact of data deletion in Segment's Data Retention and Deletion Policy.