Snap finally rolls out its third-party developer tools

Snapchat's parent company is finally rolling out Snap Kit, its rumored suite of tools that lets developers plug in the ephemeral app's data, and vice versa. Initial third-party apps with Snap Kit access include Postmates, Tinder, Poshmark, Eventbrite, Pandora and Giphy.

Why it matters: Snap says its approach to letting outside developers into its network is much more user privacy-focused than fellow social media companies, but it will still have to prove that it's learned from early mistakes.

Snap's privacy pitch for Snap Kit:

• It will only share a user's display name and avatar, and no other identifiable information or friend lists.
• Snap will disconnect any third-party app if a user hasn't used it in 90 days (Facebook recently instituted a similar policy following the Cambridge Analytica scandal).
• All third-party apps will go through a human review and approval process.
• Snap has a history of building products and features that don't rely on collecting as much user data as some other online services, Katherine Tassi, Snap's deputy general counsel for privacy and product, pointed out in a recent interview with Axios.

The tools:

• Creative Kit: Will enable users to add information from other apps into Snapchat's camera, like workout stats or a food order's estimated delivery time.
• Login Kit: Will let users log into other apps using their Snapchat login, and even port over their Bitmoji avatar.

• Bitmoji Kit: Will enable users to use Bitmoji stickers in other apps.
• Story Kit: A tool for other apps to embed public Snapchat Stories into their own websites and apps, and search public Stories based on criteria like location and time.

But, but, but: Snap may be selling itself as the user privacy-conscious social media company today, but just a few years ago, it got in trouble for misrepresenting to users its data retention practices, settling these charges with the FTC in 2014. In December 2013, hackers published a database of 4.6 million Snapchat usernames and numbers after the company was alerted to a vulnerability by a security researcher.