Connections | TLS Policy |
---|---|
To and from end user devices (mobile phones, PCs, tablets, etc.) and your server or cloud infrastructure | TLS 1.2 or greater must be enabled for compatible devices TLS 1.0 and 1.1 may be enabled for compatibility with older devices |
To and from your server or cloud infrastructure and any remote server, cloud infrastructure, or 4th party service | TLS 1.2 or greater must be enforced |
To and from components entirely within your private data center, server, or cloud infrastructure | TLS encryption is recommended but not required for Platform Data transfers that are entirely within a private cloud network |
To and from Facebook and any device, server, or cloud infrastructure | Out of Scope for Data Protection Assessment - Facebook controls the TLS policy for these transfers |
Please note that these FAQs are intended to provide helpful information and links to assist you in responding to the DPA, however, the Data Security Requirements govern our assessment of the DPA. The FAQs are only a guide and should not be read to contradict or supersede the requirements.