Twilio

Twilio

Twilio is a cloud communications platform providing APIs for voice, SMS, video, and messaging. Client-side SDKs can be embedded to enable browser-based calling and video conferencing. Scripts collect device capabilities and network conditions to establish WebRTC connections. May store session tokens and device identifiers in browser storage.

Back to Vendor Library

Overview

Twilio provides cloud communications APIs and client-side SDKs that enable websites to offer browser-based voice calling, video conferencing, and real-time messaging. When detected on a website, Twilio's JavaScript SDK is enabling some form of real-time communication — click-to-call buttons for sales or support, in-browser video consultations, or chat interfaces powered by Twilio's messaging infrastructure. The platform serves as invisible communications plumbing, connecting web interfaces to phone networks and messaging channels.

What This Script Does

Twilio's client-side SDKs load from Twilio's CDN and establish real-time communication channels through the browser.

  • Scripts loaded: Twilio Client JS SDK (media.twiliocdn.com/sdk/js/client/) for voice calling, Twilio Video SDK for video conferencing, or Twilio Conversations SDK for messaging — depending on which features the website implements
  • WebRTC connections: For voice and video, the SDK establishes WebRTC peer connections through Twilio's TURN/STUN servers, handling NAT traversal, codec negotiation, and media relay
  • Data collected: Device capabilities (microphone, camera, speaker availability), network quality metrics (latency, packet loss, jitter), and session metadata for connection reliability
  • Browser storage: Access tokens and session identifiers are stored in sessionStorage or localStorage to maintain authenticated communication sessions. Device identifiers may be cached for call quality optimization.
  • Cookies: Twilio's client SDKs do not typically set HTTP cookies. Communication state is managed through browser storage APIs and in-memory session state.
  • Permissions: The browser prompts for microphone permission (voice calls) and camera permission (video calls) when the user initiates a communication session.

Consent & Compliance

Twilio falls under the functional consent category.

Under GDPR and ePrivacy, Twilio's communication SDKs serve a functional purpose — enabling real-time voice, video, or messaging explicitly initiated by the user. The browser storage used for session tokens and device identifiers is required for the communication service to function. Since Twilio's SDKs typically do not set HTTP cookies but use browser storage APIs, the ePrivacy analysis focuses on whether the stored data is strictly necessary for the requested service (which it generally is for active communication sessions).

Under CCPA/CPRA, communication session data (device identifiers, call quality metrics) and any personal data transmitted during calls (voice, video, messages) constitute personal information. Twilio acts as a data processor under its data processing addendum.

Twilio offers data residency controls and is certified under the EU-US Data Privacy Framework.

Should You Block This Without Consent?

No. Twilio SDKs enable functional communication features (calling, video, messaging) that users explicitly initiate. Blocking them would disable the communication capability. The SDKs do not perform advertising or behavioral tracking. Load the SDK on user interaction (click-to-call) rather than pre-loading on every page to minimize unnecessary resource loading.

Visit website

Products (1)

Twilio SMS
Twilio SMS
Twilio SMS is a programmable messaging API used to send and receive SMS and MMS messages. It operates as a backend service and does not directly embed scripts on end-user web pages. Phone numbers and message content are processed through Twilio's API. No browser-side cookies or tracking scripts are loaded on visitor-facing pages.

Consent Categories

Functional

Also Known As

twiliotwilio sdktwilio webrtctwilio videotwilio clienttwilio browser calling

Industries

Computers Electronics and TechnologyProgramming and Developer Software

Tracked Domains (1)

twilio.comFunctional

Frequently Asked Questions

Is consent required for Twilio on my website?

Conditional. Twilio's communication SDKs enable functional features like click-to-call and video conferencing explicitly initiated by the user. They do not set HTTP cookies or perform behavioral tracking. Consent under functional category applies, but strictly necessary exemption may cover session storage used during active communication.

What data does Twilio collect on website visitors?

Twilio collects device capabilities (microphone, camera availability), network quality metrics (latency, packet loss), and session metadata. Access tokens and session identifiers are stored in sessionStorage or localStorage. No HTTP cookies are set. Permissions for microphone and camera are requested only when a call is initiated.

How does ConsentStack detect Twilio?

ConsentStack identifies Twilio through its CDN domain media.twiliocdn.com and SDK script paths for voice, video, and messaging. It classifies Twilio under the functional category. Because Twilio serves communication features initiated by users, ConsentStack allows it to load without blocking in most configurations.

Related Vendors

Google Maps
Google Maps
Google Maps is the dominant web mapping service used for embedded maps and location features on websites. Scripts load interactive map tiles, geocoding, and Places API functionality through the Maps JavaScript API. May set cookies to remember map preferences and manage API quota.
Google Search
Google Search
Google Search appears on websites through the Programmable Search Engine, enabling custom site-specific search functionality. Scripts load the search widget from Google's servers to render search bars and display results within the host website. Sends search queries to Google's index and may set cookies for search personalization and query history.
Google
Google
Google is the dominant provider of web analytics, advertising, and infrastructure tools. Scripts like Google Analytics, Tag Manager, Ads, and reCAPTCHA collect behavioral data, manage tag firing, serve targeted ads, and detect bots. Sets persistent cookies to track users and correlate activity across sites.
Microsoft Teams
Microsoft Teams
Microsoft Teams is a workplace communication and collaboration platform that can be embedded on websites for chat, meetings, and document sharing. Embedded widgets load from Microsoft's servers to enable real-time messaging, video calls, and file collaboration. Sets authentication and session cookies to verify participant identity and maintain connection state.
Apple Maps JS
Apple Maps JS
Apple Maps JS is Apple's JavaScript mapping framework for embedding interactive maps on websites. Scripts load map tiles, location pins, and routing data from Apple's MapKit servers to render navigable maps within web pages. Requires a MapKit JS token for authentication but does not set tracking cookies or collect behavioral analytics data.
Apple Business Chat
Apple Business Chat
Apple Business Chat enables direct customer messaging between websites and Apple's Messages app. Scripts load chat buttons and conversation interfaces that connect visitors to business support agents through iMessage. Sets minimal session cookies to maintain conversation context but does not track browsing behavior or collect analytics data.

Manage consent for Twilio

ConsentStack automatically detects and manages Twilio trackers so your site stays compliant with global privacy regulations.

Get started free