Privacy Policy for Sign In with Twitter Button

Twitter allows its users to sign in, log in, or create accounts with other websites and mobile apps by using the "Sign In With Twitter" feature that you've probably seen implemented before.

This sign-in functionality is similar to Sign In with Facebook or Google's login button.

It makes accessing and interacting with your website or mobile app very convenient for users. Users don't have to take the time to create a new account since their already-existing Twitter account can be used for verification and credential validation.

When a user clicks "Sign in with Twitter", an authorization page opens where the user is prompted to enter their Twitter username or email address and password, then sign in:

Example of Sign In with Twitter button

Here's what the authorization page looks like. Each of the mentioned components is highlighted.

Authorize Page of Sign in with Twitter

If you're considering providing the Twitter sign-in button on your website and/or mobile app, there are a few requirements for implementation when it comes to privacy issues.

The Developer Policy of Twitter requires you to have a Privacy Policy agreement in place if you integrate the "Sign in with Twitter" button.

This Privacy Policy, as required by Twitter's Developer Policy:

  • Must clearly disclose what information you collect from users via their Twitter accounts and how you use this information.
  • Must tell whether third parties collect user information through your service or another service that's connected to yours and whether you honor the Do Not Track setting. Also provide information on how to manage cookies. You can provide information on Do Not Track through a Do Not Track clause in your Privacy Policy. Information about cookies can be added in this legal agreement, but you can also use a separate Cookies Policy.
  • Must disclose when and how you add location information to users' Tweets.

Twitter Developer Policy: Disclose Location Information

The Twitter Developer Policy includes a section titled "Respect Users' Control and Privacy" that includes these requirements for privacy protection.

Twitter requires that express consent is obtained before your app interacts with users' Twitter accounts in certain ways, such as:

  • Taking any actions on a user's behalf, including posting content, following or unfollowing users, storing non-public content
  • Or using a user's content to promote a commercial product or service

Twitter Developer Policy: Respect Users Control and Privacy

If your website or mobile app wishes to take any of the actions listed above after users have logged in via Twitter, make sure that you request consent from the user.

This consent can be requested at the time the user is prompted to enter the Twitter information for sign-in.

Here are a number of examples of websites and mobile apps that use Twitter sign-in, how they use the sign-in button, and how they have adjusted their Privacy Policies to meet these legal requirements.

Medium offers an option for users to "Continue with Twitter" rather than having to create an actual Medium account using only their email addresses.

In the "Continue with Twitter" button, Medium lets users know that "we won't post without asking."

Fine print at the bottom of this screen informs users of what will happen if they sign up with Twitter, and provides a link to a Login FAQ with additional information.

Medium Login page: Highlight the Continue with Twitter

The Privacy Policy of Medium includes a section that lets users know that if they authenticate via a third-party, such as Twitter, their contact list may be collected, stored, and periodically updated so that better connections to contacts who are on both Twitter and Medium can be made.

Medium Privacy Policy: If you authenticate via Twitter

Klout has very basic links on its homepage for Facebook, Twitter, and the standard sign-up using the email address.

Klout: Sign in with Facebook, Twitter or Email

The Privacy Policy of Klout includes a section that deals especially with Social Media Services, such as Twitter.

Klout users are told that when they:

[...] sign into the Services using your Social Media Services account, we will collect relevant information necessary to enable our Services to access that Social Media Service, but you will provide your sign in information, like your password, directly to such Social Media Service (and not to us.) As part of such integration, the Social Media Service will provide us with access to certain information that you have provided to such Social Media Service, and we will use, store and disclose such information in accordance with this Privacy Policy and, if and to the extent applicable, the policies of such Social Media Services.
Klout's Privacy Policy

If users are concerned about the connection between Klout and Twitter when it comes to sharing their information, they are directed to the Privacy Policy of Twitter for useful information regarding data sharing.

Klout Privacy Policy: Social Media Services clause

Hootsuite also has a standard "Sign in with Twitter" button, along with "Sign in with Facebook" and "Sign in with Google":

Hootsuite: Sign in with Twitter, Facebook, Google, Email

The Privacy Policy of Hootsuite lets users know that their social media accounts, including Twitter, can be connected to Hootsuite and that they can choose what data would be collected, processed, shared and accessed from their social profiles.

Hootsuite Privacy Policy: Clause if you sign-in with Twitter, Facebook

This helps users understand how they can control what data is collected, shared and used by Hootsuite.

Product Hunt requires users to log in through either Twitter or Facebook and makes it clear on the login page that no posts will ever be made to either service without permission.

Product Hunt: Login with Twitter or Facebook

The Privacy Policy of Product Hunt lets users know that personal information, such as Twitter log-in credentials, may be transmitted into your Product Hunt account if you authorize it.

Product Hunt Privacy Policy: What information does Product Hunt collect

Goodreads provides options for signing into or creating an account, as well as the option to sign in using Twitter. Instead of buttons, icons are used.

Goodreads: Sign-in with Facebook, Twitter, Google

YouNow provides a link to its Terms of Use underneath the sign-in buttons.

YouNow: Sign-in with Twitter, Facebook or Google

The Privacy Policy of YouNow lets users know that by registering to use the service via Twitter, information may be sent to YouNow. This information includes user location, email address, social followers and following, name, photos, and other account components.

YouNow Privacy Policy: Registration clause

Allowing users to sign in to a website or mobile app via a Twitter sign-in is a very common and convenient thing to do.

Just remember to update your Privacy Policy to include the following information required by Twitter:

  • What information you collect from users via Twitter and how you use and share this information.
  • Whether third parties collect user information via your service or another website or service that's connected to yours, and
  • When and how you add location information to users' tweets if you do so.