Tweeps.net Privacy policy

Note: The user data contained in Tweeps.net are indirectly obtained from X (formerly Twitter). Tweeps.net cannot usually verify when particular natural persons are involved. This Privacy Policy has been prepared to satisfy the obligation under the EU's General Data Protection Regulation (GDPR) to provide information to the extent and whenever the data of natural identified or identifiable persons are processed.

This information cannot normally be provided in advance to X users whose data are presented in the Tweeps.net service, as it is practically impossible within the meaning of Article 14(5) of the EU General Data Protection Regulation or would require disproportionate effort on the part of the controller. X users can be considered to have become aware of the use of their X account information in other online services already when they accept the terms of the X service.

 

1. Controller

Tweeps Oy, Oulu, Finland

2. Contact details of the person responsible for processing data

E-mail: privacy@tweeps.net

3. Name of register

User and Customer Register of Tweeps.net

4. Purpose and legal basis for the processing of personal data

Tweeps.net provides search and analysis tools related to X, as well as statistical and visual compilations based on these. The data of X users in the register are processed for these purposes. The service is intended for use by, among others, X users, researchers, journalists and the general public. In addition, Tweeps.net can produce listings, statistics, and surveys of X users.

The legality of the processing of data by X users is based on their acceptance of the collection, public presentation and disclosure of their data to a limited extent for third-party use (including through X's software interface) when accepting the terms and conditionsof the X service. Tweeps.net collects and uses data related to X users within the framework of X's developer terms. The developer terms allow for, among other things, the use of data for the production of various value-added services related to X and the presentation of data in them. Data may also have been collected based on previously valid Twitter developer terms.

Legal bases for the processing of personal data in different situations in accordance with the EU's General Data Protection Regulation:

1. In the case of user data obtained from X's software interface, the legal basis is the legitimate interest of the controller (e.g., freedom to conduct a business).

2. If a user of the Tweeps.net service registers as a user of the service or logs into the service with his or her X ID, he or she must at the same time accept the Tweeps.net Terms of Service. In the case of a registered or logged-in user, the legal basis is the agreement between the parties.  

3. With regard to X-related statistics and research use, the legal basis is the public interest. According to the GDPR, personal data previously collected for different purposes can be processed later, for, among other purposes, research and statistics.

4. Data may be collected from visitors to the online service for visitor tracking and targeting of ads on the basis of their consent. In addition, the IP addresses of visitors to the online service and cookies related to the use of the service are processed on the basis of a legitimate interest, for example, in order to ensure the security of the service.

5. Data content of the register and retention periods of the data

The register is generated by data obtained from X's software interface and data generated by the activities of users of the Tweeps.net service.

Personal data stored in the register includes the names, usernames, IDs, other profile data provided by the users of the X service, as well as public information arising from the use of X, such as user-to-user following relationships, posts (tweets), likes of other users' posts, the frequency of uses and the indicators resulting from statistical analysis of the data.

The register does not contain any specific personal data. The data in the register may be combined with information provided and published by the person or with data obtained from other public sources. For example, X accounts can be listed according to different categories, which can be based on professional fields or a person's public social activities, for example. The data will never be aggregated or used for discriminatory purposes, for surveillance by the authorities, or for other purposes that cannot reasonably be expected under X's Terms of Service.

Tweeps.net's data content is fresh in nature, but the data are temporarily stored for the purpose of carrying out the functions of the service. Data related to X users are automatically deleted no later than 12 months after they were last retrieved by Tweeps.net users.

If a X account has been deleted, its previous owner may ask Tweeps.net to delete the relevant information immediately. See section 10.

In the case of surveys and statistics (including listings and compilations), the retention period of the data may vary case-by-case and the published results may be archived permanently.
For users registered or logged in to the Tweeps.net service, the login-related data and the data generated by the use of the service are stored. In addition, contact details and other information provided by the user can be stored. The data will be deleted no later than two years after the user's last login or one year after the end of activities related to a contract or other commission or order. By law, data may in some cases be stored longer, for example in connection with accounting related to paid services.

Visitor tracking and data for targeting advertising may be stored of visitors to the website of the Tweeps.net service on the basis of their consent. Such information includes, for example, IP addresses, device and advertising tags, and cookies.

6. Regular sources of data

Data for the register are obtained through X's software interface (API). The source is X European Data. Data are mainly retrieved when a user performs different searches on the Tweeps.net service that are directed at X users in particular.

Data are also retrieved, updated, and deleted by programs that run automatically.  

7. Disclosure, publication and transfer of data outside the EU

Information may be disclosed to other companies and organisations, such as those ordering Tweeps.net's commercial services. Information may be disclosed publicly to the extent that it is public on X. If a X user's profile is closed, their posts will not be publicly displayed.

Data may be transferred for the purposes of processing personal data in connection with parties outside the EU or EEA that meet the requirements of the EU's General Data Protection Regulation for the lawfulness of processing. Data are transferred to the United States only with the explicit consent of the user.

If a user logs in to Tweeps.net with their X account, their login-related information will be transferred to X and possibly outside the EU, such as the United States and other countries where X has operations. In this case, the data transfer takes place on the grounds that the user has accepted the terms of service of the Tweeps.net service and, in that connection, has consented to the transfer of the data to X. More information about X's privacy policies.

Information about visitors to the online service may be disclosed to third parties if they consent to it by accepting third-party cookies.

8. Principles for protecting the register

The processing of the register is handled with care and the data in the information systems are properly protected. When register data are stored on Internet servers, the physical and digital security of their hardware are adequately ensured. The controller ensures that the stored data, maintenance IDs of servers and other information critical to the security of the service are processed confidentially and only by the employees whose job description includes this processing.

9. Right of inspection and right to request rectification of information

Every natural person in the register has the right to check their data stored in the register and to require that any incorrect information be corrected or that incomplete information be supplemented. If a person wishes to check or request rectification of the stored data concerning him or her, the request must be sent in writing to the controller. The controller may request the applicant to prove his or her identity and/or his or her right to manage said data. The controller will respond to requests within the time limit set in the EU General Data Protection Regulation (usually within one month).

10. Other rights of the data subject

A person in the register has the right to request the erasure of personal data concerning him or her from the register ("right to be forgotten"). Data subjects also have other rights under the EU's General Data Protection Regulation, such as the right to prohibit the use of personal data for electronic direct marketing and the right to restrict the use of personal data in specific situations set forth in the General Data Protection Regulation. Requests must be sent in writing to the controller. The controller may request the applicant to prove his or her identity and/or his or her right to manage said data. The controller will respond to requests within the time limit set in the EU General Data Protection Regulation (usually within one month).