Segment · Segment Privacy Policy · View original document ↗

Cookie and Tracking Technology Collection

Medium severity Medium confidence Inferredfromcontext Unique · 0 of 343 platforms
Share 𝕏 Share in Share 🔒 PDF
Recent governance activity Segment recorded 2 documented changes in the last 30 days.
Start monitoring updates
Monitor governance changes for Segment Create a free account to receive the weekly governance digest and monitor one platform for governance changes.
Create free account No credit card required.
Document Record

What it is

Twilio uses cookies, pixels, and similar tracking technologies on its website to collect device identifiers, browsing behavior, and usage data, which is used for analytics, advertising, and site optimization.

This analysis describes what Segment's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology

ConductAtlas Analysis

Why it matters (compliance & governance perspective)

This provision authorizes collection of behavioral and device-level data from all website visitors, including through third-party tools such as Google Tag Manager and Adobe Launch, which may transmit data to external parties.

Interpretive note: The exact text of the privacy notice body was not available in the provided document source, which consisted primarily of page HTML and navigation infrastructure; tracking technology disclosures are inferred from technical scripts present in the page source.

Recent Activity

This document changed recently

Medium May 22, 2026

The updated policy establishes a new opt-out mechanism allowing users to decline having their data disclosed to third parties (other than service providers) or used for purposes materially different from the original collection purpose. The policy also explicitly discloses that Twilio Inc. is subject to FTC investigatory and enforcement powers, providing users with notice of the regulatory authority overseeing the company's privacy practices. You can exercise this opt-out right by contacting Segment through the mechanism specified in their privacy policy.

View change record →
Medium May 19, 2026

The updated terms establish clearer disclosure of how Segment transfers personal data internationally. Segment now explicitly certifies its compliance with the EU-U.S. Data Privacy Framework, UK Extension, and Swiss-U.S. Data Privacy Framework, and states that these DPF Principles take precedence if they conflict with other policy terms. The updated policy also adds specific rights allowing you to opt out of: (i) disclosure of your personal data to third parties other than service providers acting under Segment's instructions, or (ii) use of your personal data for purposes materially different from the original purpose or your subsequent authorization. You can exercise these rights by contacting privacy@twilio.com.

View change record →

Clause Stability Mostly Stable

1
Change
2
Months Monitored
May 12, 2026
First Seen
May 20, 2026
Last Seen
This clause type exists across 3350 other provisions on other platforms.
This clause has changed once in 2 months of monitoring.

Change history

removed May 22, 2026

Removal of this broad provision may indicate that cookie and tracking practices have been reorganized into more specific provisions like 'Segment Analytics Tracking' or consolidated into other sections.

View full change record →

Consumer impact (what this means for users)

Visitors to twilio.com have device identifiers, browsing activity, and behavioral data collected via tracking technologies; this data may be shared with advertising and analytics partners. Users can manage these preferences through the TrustArc consent tool on the site.

What you can do

⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.
  • Opt Out of Arbitration
    Visit the Twilio privacy page and use the TrustArc cookie consent tool displayed on the site to manage your cookie and tracking preferences.

How other platforms handle this

Ledger Medium

At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.

Strava Medium

If we collect health information from these integrations (such as heart rate), we will not sell or use it for advertising or other similar purposes; we do not disclose it to third parties without your prior consent; and we will only use it for the specific purposes described in this Policy.

eBay Medium

We collect your personal data when you use our Services, create a new eBay account, provide us with information via a web form, add or update information in your eBay account, participate in online community discussions or otherwise interact with us.

See all platforms with this clause type →

Monitoring

Segment has changed this document before.

Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.

Start Monitor free trial Or create a free account →
ConductAtlas Analysis

Institutional analysis (Compliance & governance intelligence)

(1) REGULATORY LANDSCAPE: This provision engages the EU ePrivacy Directive, GDPR Article 6 lawful basis requirements, and CPRA opt-out of cross-context behavioral advertising. The relevant enforcement authorities include EU Data Protection Authorities, the UK ICO, and the California Privacy Protection Agency. Where behavioral advertising cookies are used, valid prior consent is required under GDPR and ePrivacy frameworks before firing tracking tags. (2) GOVERNANCE EXPOSURE: Medium. The use of Google Tag Manager and Adobe Launch on the same page as the privacy notice, combined with a TrustArc consent wrapper, raises questions about whether third-party tags fire only after valid consent is obtained. The adequacy of the consent flow would require technical audit to confirm. (3) JURISDICTION FLAGS: EU and UK users are protected by ePrivacy and GDPR consent requirements; California users have CPRA opt-out rights for cross-context behavioral advertising. The provision applies globally to all twilio.com visitors, creating heightened exposure in these jurisdictions. (4) CONTRACT AND VENDOR IMPLICATIONS: Procurement teams evaluating Twilio should assess whether data collected via these tracking technologies is processed under a data processing agreement, and whether sub-processors (Google, Adobe) are disclosed in a sub-processor list. (5) COMPLIANCE CONSIDERATIONS: Compliance teams should conduct a technical audit of the TrustArc implementation to confirm tags do not fire before consent is captured; review sub-processor disclosures for advertising and analytics vendors; and confirm lawful basis documentation for behavioral tracking under GDPR.

Full compliance analysis

Regulatory citations, enforcement risk, and due diligence action items.

Track 1 platform — free Try Monitor free for 14 days

Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.

Applicable agencies

  • FTC
    The FTC has jurisdiction over unfair or deceptive data practices, including undisclosed behavioral tracking and advertising data sharing by US companies.
    File a complaint →

Applicable regulations

CCPA/CPRA
California, USA
Colorado AI Act
US-CO
Connecticut Data Privacy Act Amendments
US-CT
CAN-SPAM
United States Federal
FTC Act Section 5
United States Federal
GDPR
European Union
Indiana Consumer Data Protection Act
US-IN
Kentucky Consumer Data Protection Act
US-KY
Universal Opt-Out Mechanism Expansion 2026
US
VPPA
United States Federal

Provision details

Document information
Document
Segment Privacy Policy
Entity
Segment
Document last updated
May 5, 2026
Tracking information
First tracked
May 8, 2026
Last verified
May 12, 2026
Record ID
CA-P-011689
Document ID
CA-D-00700
Evidence Provenance
Source URL
Wayback Machine
Content hash (SHA-256)
1e5bbf4d983ee8081c4ac6d66bb2964eb214225dcf4ded575c19b5ff3fe5f3d5
Analysis generated
May 8, 2026 12:54 UTC
Methodology
Evidence
✓ Snapshot stored   ✓ Hash verified
Citation Record
Entity: Segment
Document: Segment Privacy Policy
Record ID: CA-P-011689
Captured: 2026-05-08 12:54:03 UTC
SHA-256: 1e5bbf4d983ee808…
URL: https://conductatlas.com/platform/segment/segment-privacy-policy/cookie-and-tracking-technology-collection/
Accessed: July 4, 2026
Permanent archival reference. Stable identifier suitable for legal filings, compliance documentation, and research citation.
Classification
Severity
Medium
Categories

Other risks in this policy

Related Analysis

Compliance Governance Intelligence

Need to monitor specific governance provisions?

Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.

Arbitration clauses AI governance Data rights Indemnification Retention policies
Start Compliance free trial

Or start with Monitor →

Built from archived source documents, structured governance mappings, and historical version tracking.

Frequently Asked Questions

What does Segment's Cookie and Tracking Technology Collection clause do?

This provision authorizes collection of behavioral and device-level data from all website visitors, including through third-party tools such as Google Tag Manager and Adobe Launch, which may transmit data to external parties.

How does this clause affect you?

Visitors to twilio.com have device identifiers, browsing activity, and behavioral data collected via tracking technologies; this data may be shared with advertising and analytics partners. Users can manage these preferences through the TrustArc consent tool on the site.

Is ConductAtlas affiliated with Segment?

No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Segment.