One of the hardest concepts to explain to non-programmer friends/family is that deleting anything in an app is usually flipping a boolean flag in the database from False to True. And even for the rare cases of actually deleting the record or updating the field value, it likely exists in backups somewhere.
> We keep Log Data for a maximum of 18 months. If you follow the instructions here (or for Periscope here), your account will be deactivated and then deleted. When deactivated, your Twitter account, including your display name, username, and public profile, will no longer be viewable on Twitter.com, Twitter for iOS, and Twitter for Android. For up to 30 days after deactivation it is still possible to restore your Twitter account if it was accidentally or wrongfully deactivated.
> If Twitter Content is deleted, gains protected status, or is otherwise suspended, withheld, modified, or removed from the Twitter Service (including removal of location information), you will make all reasonable efforts to delete or modify such Twitter Content (as applicable) as soon as reasonably possible, and in any case within 24 hours after a request to do so by Twitter or by a Twitter user with regard to their Twitter Content, unless otherwise prohibited by applicable law or regulation, and with the express written permission of Twitter.
When I worked at Gnip this requirement was a constant headache for customers, precisely because deleting data is so hard.
And that only reaffirms and proves correct, the comment to which you have replied.
When the user deletes something, it is not destroyed instantly. Instead, it is rendered inaccessible to a broad class or ordinary users. Meanwhile, the systems do still retain the ostensibly deleted data, even if for an hour or 30 minutes, while other, more powerful actors might still have the ability to access and read something the individual thinks is destroyed and gone forever.
That does not actually say that Twitter will delete your account in any specific timeframe. Given the mostly-public nature of Twitter, it's sort of a moot point, but still. Ambiguity should be held against the drafter, especially in privacy policies. On Twitter's deactivation page, it doesn't say they'll delete your data either.
A lesson on how to delete user data but still keep it. RE the headline, i'm not sure. "News flash, mega tech corp thats business model is based on accumulating data has been accumulating lots of user data."
That may've been true before, but in a post-GDPR world, you better delete it (assuming you're serving European users) -- unless of-course there's a legal reason to hold onto the data.
It's never gone.