Ongoing Review - Best Practices

Maintaining App Functionality

Keeping your test details up to date

Ongoing reviews are conducted by Meta reviewers using the test details you provided when creating a new app. To reduce friction, here are some best practices:

• Fill out the test instructions under your app’s “Basic” settings when you first create an app

• Update the test instructions under app’s “Basic” settings whenever there is a change to how your app is accessed. This includes, but are not limited to:

  • Where to find your app
  • Instructions for accessing the app
  • Payment codes, if required

You will also have the opportunity to update your previous test details during your annual Data Use Checkup (DUC). Please ensure that all your test details are up to date, if you have not done so previously.

Keeping permissions up to date

Remove any unused permissions from apps in the App Review tab, or apps that you no longer need. Carefully assess whether or not you need the app as this action may be difficult to reverse.

• To remove an app, go to App Dashboard > Settings > Advanced.

• To remove permissions, go to App Review > Permissions and Features > Remove perspective permissions using the bin icon.

• To remove permissions on the new app experience, remove the use case from your app or remove the permission from the use case.

If your app has any business use cases, you can check your eligibility and upgrade to Facebook Login for Business, which has limited permissions and features. This may reduce the frequency in which you are subjected to ongoing reviews. Please note, your app will still have to demonstrate that it meets Meta’s Platform Terms to maintain its status.

Maintaining your privacy policy

As a part of the ongoing reviews, Meta reviewers will also be checking your privacy policy to ensure that they fulfill Meta’s requirements.

Host your privacy policy on a publicly available link owned and managed by your organization.

Provide a clear example of what data you collect, how you will use it, and the purposes for which you’re using it.

Ensure your link remains live and up-to-date.

Include a clear provision that all users can request their data be deleted.

Ensuring notifications are on

These reviews could occur at any time. To ensure you receive notifications of these requirements, here are a few settings to check:

• Check that the contact email is accurate and regularly monitored.

• Check that notification settings are updated to receive these communications from Meta.

• Check that the list of app admins is up to date in the App Dashboard > App Roles.

Ongoing Review - Tutorial

Keeping Your Test Details Up to Date

Completing your app test details

There will be more than one place for you to review and update your app testing instructions. These are outlined below. To prepare for this, please refer to the following details that you will be asked to provide for each platform your app is on: Where your app can be found (URL or app store ID)

How to access the app

Access codes or test credentials (for apps that require membership) Gift codes (for apps that need payment to be downloaded) In-feature access codes Instructions to bypass geo-blocking restrictions (if applicable) If any codes are needed for testing, please ensure that these codes are still active and working in your testing instructions.

Including privacy policy

Your privacy policy needs to be clearly indicated on all your app platforms, like Google Play and the Apple Store. When providing screencasts of your app, make sure that the privacy policy is visible.

In your app basic settings

After you create an app, you will be given the option to provide testing instructions in the app settings tab. To access this, you will need to click into your app and navigate to app settings in the left hand menu and add platforms for your application at the bottom of the page. For each platform, you can provide specific information for testing instructions. You will be able to skip and/or come back to this page whenever your testing details change. To ensure timely reviews and avoid violations later, please add your testing instructions here as soon as you have them. [Optional screenshot]

During Data Use Checkup (DUC)

You will have another opportunity to update your test details during your annual Data Use Check Up (DUC). In order to complete your DUC, you must input, confirm, or update the testing instructions that you provided previously. The testing instructions will be the last step of your annual DUC and can be completed for multiple apps at once.

Required Action Guidance

If you receive a required action notice regarding your app from a reviewer, please respond to the message in your app’s Alert Inbox as soon as possible to prevent any disruptions to your app.

If you require additional time to address a violation with a warning period, please request an extension through the dedicated call-to-action (“CTA”) per alert. Note that the requesting an extension is done through a button at the alert-level.

For developers providing information close to or on the date of the deadline, we recommend requesting for an extension first; and then submit evidence for review as soon as possible. Doing so will minimize disruption to the app while allowing receipt of the evidence and the appropriate reviews to be performed.

As a part of the ongoing compliance review, you may be asked to record a screencast of your app. The instructions to do so can be found here.

Please note, if your app has been restricted after a violatiuon, you will still be able to test login for apps. Find more information on app role testing here.