Back to Home
Twitter/X logo

Twitter/X Privacy Summary

x.comLast updated: 02/23/2026
Social Media
High Exposure
See methodology

X is a public social networking platform for sharing posts, media, real-time audio Spaces, discovery, and advertising, with APIs and Professional account features.

This summary was generated using AI and may contain errors or omissions. Learn about our methodology. Always refer to the original privacy policy for legal purposes.

Quick Summary

  • What They Collect: Account, content, device, location, inferred identity, payment and ad interaction data (profile and usage).
  • How They Use & Share It: Personalize service, serve and measure ads, train AI, share with affiliates, service providers and ad partners.
  • Your Rights: Account deactivation, settings-based opt-outs for partner sharing, regional data subject request channels (CCPA, DPF, supervisory complaints).

Why You Should Care About Twitter/X's Privacy Practices

  • X collects high-risk data like message contents, device identifiers, precise location, and payment details—risking exposure if misused.
  • Their profiling and AI training practices enable powerful ad targeting and personalization, affecting how you’re shown content and ads.
  • International transfers and broad third-party sharing increase regulatory and data breach risk across jurisdictions.
  • Some identifiers and enforcement-related data may be retained indefinitely, limiting true deletion and long-term privacy control.

Privacy Highlights

What They Collect

  • Account information (username, display name, password, email, phone number)
  • User content and files (posts, images, videos, Direct Messages, uploads, broadcasts)
  • Demographic information (date of birth, language, professional category for Professional Accounts)
  • Feedback data (communications with support, survey and research responses)
  • Payment information (credit/debit card number, expiration, CVV, billing address)

How They Share Data

  • Business affiliates (X corporate affiliates shared data across entities)
  • Service providers (payment processors, hosting, fraud detection, age-assurance providers)
  • Third-party partners (video partners, cross-platform sharing partners, API integrators)
  • Advertising partners and ad platforms

Data Retention

Different retention windows per data type: profile and core account info retained for the duration of the account; usage/content retained for duration of account or until removed; cookies and similar identifiers kept up to ~13 months; ad interactions and partner-shared data kept up to ~12 months; communications kept up to 18 months; some identifiers (used to block repeat offenders) may be retained indefinitely; exceptions apply for legal compliance and safety.

Your Rights

  • Access data
  • Rectify data
  • Erase or limit processing (account deactivation and content removal; some data retained)
  • Object to processing

Detailed Analysis

Concerning Practices

  • Shares data with many third parties (affiliates, partners, service providers and advertisers)
  • Collects extensive personal and inferred data (device IDs, location, message contents, inferred identity)
  • Shares data with business partners unless user opts out of specific partner sharing
  • Uses data for profiling and to train machine learning / AI models (explicitly stated)
  • Transfers data internationally (US, Ireland, other countries; uses SCCs and participates in DPF)
  • May retain some identifiers indefinitely (e.g., to prevent repeat policy offenders)
  • Some sharing cannot be fully controlled by user settings (service provider and legal disclosures)

Personal Data Types

Account information (username, display name, password, email, phone number)User content and files (posts, images, videos, Direct Messages, uploads, broadcasts)Demographic information (date of birth, language, professional category for Professional Accounts)Feedback data (communications with support, survey and research responses)Payment information (credit/debit card number, expiration, CVV, billing address)Profile information (bio, public profile fields, location if provided)Sales and marketing data (ad interactions, ad view/click data, partner-provided data)Support data (emails, help requests, appeal communications)Browser information (IP address, browser type, user agent, cookies, device IDs)Geolocation information (approximate location by IP; optional precise location when enabled)Service usage information (posts, follows, likes, bookmarks, lists, Communities, Spaces activity)Website usage data (log information, referrer, pages visited, timestamps)Information from other users (tags, mentions, address book contacts if uploaded)Publicly available information (public profile, posts, public interactions)

Tracking Methods

Essential cookiesAnalytics cookiesAdvertising cookiesSocial media cookies / third-party cookiesPixel tagsWeb beaconsLocal storage / similar technologies (X-generated identifiers, device identifiers)

Third Parties

Business affiliates (X corporate affiliates shared data across entities)Service providers (payment processors, hosting, fraud detection, age-assurance providers)Third-party partners (video partners, cross-platform sharing partners, API integrators)Advertising partners and ad platformsThird-party developers and collaborators (via APIs and embeds)Government authorities and law enforcement (when required by law)

User Controls

Access dataRectify dataErase or limit processing (account deactivation and content removal; some data retained)Object to processingData portability (requests via privacy channels / regional processes)Withdraw consent (settings and account controls where applicable)Opt-out of marketing (marketing message controls)Delete / deactivate account (with links to account deactivation process)

Frequently Asked Questions About Twitter/X

Want updates when Twitter/X's privacy policy changes?

We'll notify you when there are significant changes to their data practices.

You'll only receive updates for Twitter/X. We won't spam you.

Legal Disclaimer

This analysis is provided for informational purposes only and should not be used as legal advice. Privacy Exposure ratings and summaries are AI-generated assessments based on publicly available privacy policies — they are not statements of fact and may contain errors. Learn how ratings are determined. Consult with legal professionals for matters requiring legal guidance.