Twilio, as an electronic communication service provider, is both a processor and a controller of its customers' personal data under European data protection legislation. As a controller of Usage Data, Twilio determines the purposes and means of processing, including how to use the data for billing, routing messages, troubleshooting, and other operational purposes. Although Twilio's role as a controller is limited in scope and time, it requires strong data protection measures to ensure compliance with applicable law. The company's Binding Corporate Rules reflect its commitment to data protection, and it takes precautions regardless of whether acting as a processor or a controller. As a result, Twilio needs to be transparent about its roles and responsibilities regarding customer personal data.