Privacy Policy Expectations

This document contains the minimum expectations for what your privacy policy should include. Please note that this is not intended to be, and is not, an exhaustive list of all possible considerations that are involved in creating a privacy policy. Your privacy policy should comprehensively and fully disclose all of your privacy practices and also comply with any applicable laws and regulations, so you may need to include additional or unique information to comply with certain laws and regulations.

Find more video resources from Data Protocol.

Why Meta Requires Developers to have a Privacy Policy

Privacy disclosures help users understand what data you collect, why you collect it, and what you do with that data. Disclosures generally should be comprehensive, accurate, and easy for users to understand.

What a basic privacy policy should say

• What information do you collect

In general, you should disclose the information that you collect from the user or about the user, either directly or via third parties. This includes any information collected automatically, such as browser information, server information, or usage information; in addition to information that you get from the user, either directly or via a permissions API.

• How you process that information and the purpose for collecting that information.

Your privacy policy should disclose how you use the information you collect and a clear purpose for why you are processing user data. For example, you may use the information to provide certain services to users, to recognize them the next time they use your app, or to send them promotional emails.

• How can the user request that their data be deleted?

Your privacy policy should describe a clear way for users to request the deletion of their data. This may be an email or a contact form, which should be up to date and valid.

In addition to some content requirements, our policies also require that links to your privacy policy be made available as follows:

Facebook Platform Terms - 4. Privacy Policy

4.a "If you use Platform to Process Platform Data, you will provide and comply with a publicly available and easily accessible privacy policy."

The purpose of this policy is to provide your users and the public with a privacy policy on your website. Make sure that your privacy policy isn’t hidden or difficult to find, and that it isn’t geo-blocked to prevent users from certain locations from viewing it.

• All developers must provide a link to a privacy policy that explains what data is collected and how it is used, explain the purposes for which the data is being processed, and how users may request deletion of that data.
• The linked page must be clearly marked as a privacy policy.
• The privacy policy must be your own privacy policy, and not the policy of another company.
• Ensure the link to the privacy policy on the website is live, clickable and not geo-blocked.
• Broken privacy policy links are considered violations and are subject to enforcement.

4.f "You will maintain publicly available links to your privacy policies in the privacy policy field in the settings of your App Dashboard, as well as in any App Store that allows you to do so, if applicable, and ensure the links remain current and up to date."

The purpose of this policy is to ensure that the privacy policy listed in your App Dashboard settings and in the App Store are up to date and reflect your current privacy policy. Apps with inaccurate or missing privacy policy links are subject to enforcement action.

• Ensure links to privacy policy are live, clickable and not geo-blocked on the App Dashboard and any App Store where it is displayed (such as Google Play, Apple App Store).
• We recommend using the sharing debugger to check if the URL is valid (having an 200 response code) before submitting the change.

For more information, see:

• https://developers.facebook.com/docs/sharing/webmasters/crawler/
• https://developers.facebook.com/blog/post/2020/11/10/introducing-graph-v9-marketing-api-v9/

To update the privacy policy URL, go to the App Dashboard and update the URL in Settings.

Check that the link to your privacy policy on the App Store and Google Play are valid.