Explanation of changes
We want to make sure you understand the proposed updates to the Data Use Policy so we have included descriptions of the changes by section. While we’ve provided a lot of information below, the vast majority of the proposed changes represent additional explanations of current practices rather than substantive changes in how we use your data. We are proposing three main categories of changes to our Data Use Policy: (1) examples and explanations to enhance the descriptions of our policies, many of which were based on recommendations from the Irish Data Protection Commissioner’s Office, the regulatory oversight agency for our services outside the U.S. and Canada; (2) new language to explain our policies around new features we’ve launched or updated since we last revised our Data Use Policy; and (3) administrative and organizational changes.
Since the last revision to our Data Use Policy, we launched Facebook Timeline. Therefore, we’re changing “profile” to “timeline” and “post” to “story” throughout the Data Use Policy and including references to features, like cover photos, that work with timeline.
In addition, there were a few places where the Data Use Policy was duplicative or where items would be more relevant in other sections. To address those organizational issues, we consolidated a few discussions into the sections where we thought they made the most sense.
Section I. Information we receive and how it is used
This section explains the type of information we receive and how we use that information. We have updated the policy in the following ways:
- Your information and Information that is always publicly available. In these sections, we’ve stated the kinds of information about you that are always public. For instance, your gender is public information, and we use your gender throughout the site to refer to you properly. And, as we’ve explained throughout the Data Use Policy, your gender is shared with apps so they can refer to you properly as well. You will still be able to hide your gender on your timeline. In addition, cover photos are a new part of the Facebook experience, and we’re updating the Data Use Policy to let you know that, just like your profile pictures, your cover photos are public. If you’re uncomfortable with making your profile pictures or cover photos public, you can always delete them.
- Information others share about you. We’ve added some language to clarify how others may share information about you (for example, posting a picture of you or by uploading your contact information). In addition, we consolidated some language in this section about apps into the section entitled Controlling what information you share with applications.
- Other information we receive about you. We’ve provided additional descriptions around the ways we receive information about you when you interact with Facebook and how that information may be used. For example, we’ve added clarifications about the types of data we receive about you when you use our mobile app. In addition, we have replaced the specific reference to data retention around advertisers with an overall data retention commitment, which is described below in How we use the information we receive.
- Usernames and User IDs. The clarifications in this section provide further information about your Username and User ID, including that we will assign usernames and Facebook email addresses to your Facebook account if you have not selected them already. This makes it easier for you to tell friends how to find your timeline and for you to email people off Facebook.
- How we use the information we receive. We receive information about you through your interaction with Facebook. In this section we’re providing more examples of the ways we may use that data to continue to provide you with the best features and services possible. For example, we may use this data to deliver ads that are more relevant to you. We’ve also included a reminder that when others share information about you, they control how that information is shared.
In addition, we’ve added new language that explains our overall commitment around data retention: we will retain data for as long as necessary to provide services to users and others. This broader commitment applies to all data we collect and receive about you, including information from advertisers. With respect to advertisers, those relationships are evolving because of the different services we provide. We will continue to retain data received from advertisers for 180 days where that length of time is necessary to provide services. But there may be some times when we will need to keep information that we get from an advertiser for longer than 180 days. For example, if an advertiser creates a Facebook Page, we wouldn't delete information the advertiser puts on its page simply because 180 days had passed. Instead, we would delete it when it was no longer needed — when the page owner deleted it or closed its account. The revisions in this section do not change our commitment that we won't share information that personally identifies you with advertisers without your permission.
- Deleting and deactivating your account. We added tips to these two sections. One that clarifies that friends will see you in their friend lists while your account is deactivated. And a second that explains that certain logs are needed to provide you with service during the lifetime of your account and therefore are deleted only after you delete your account.
Section II. Sharing and finding you on Facebook
This section is designed to help you understand how you can use your privacy settings to control the information you share on Facebook and how people can find you. We have updated the policy in the following ways:
- Control each time you post. We’ve added a tip to be sure you know that someone may deduce information about you even if you don’t share it. For example, we note that people might guess it is your birthday because your friends have posted birthday wishes on your timeline. You have the ability to delete or hide these posts from your timeline if you wish. We also added some language to illustrate our existing statement that, when you make a comment on someone else’s post, that person – not you – gets to select the audience.
- Control over your timeline. The new tip in this section clarifies that, even if you restrict who can see your entire list of friends, when someone visits your timeline, they may be able to see some of the mutual friends you have in common. That’s because some of those mutual friends have set a different audience for their list than you have.
- Finding you on Facebook. We’ve included more detail about how people can find you on Facebook. You can use your privacy settings to control whether someone can see your contact information (such as your email and telephone number) on your timeline. In addition, we offer a separate setting to control whether people can search for you using that contact information. This is because you might want people who know your contact information to find you but you might not want to show your contact information to people who don’t already have it. We also explain that neither of these settings impacts whether someone can find your timeline when they search for content that they have permission to see.
- Access on phones and other devices. Since more people than ever are using Facebook on their mobile phones, we thought it was important to add more information about how Facebook works on mobile devices. As part of mobile integrations, other users may sync or save information you’ve shared with them to their mobile devices – such as contact information or event information from a calendar invite. We have included a tip to remind you that you should only share information with people you trust because they may be able to store or re-share that information, including by syncing it with a mobile device.
- Activity log. With the launch of timeline, we also launched an exciting new control tool, Activity Log, which gives you one place to see the things you’ve posted to Facebook. From your Activity Log, you can change the visibility of your posts or control whether they show up in your timeline. Only you can see your Activity Log.
- Links and Tags. We added new language in this section to explain further how tags function. Simple URL references to someone’s Facebook timeline are links, not tags. Tags are a special type of link that add you and your friends to the audience of the post and add content to your timeline. You can choose whether the story you’ve been tagged in appears on your timeline and which audience sees it through the many tools Facebook provides to control tagging. For example in your privacy settings you can turn on timeline review, which allows you to review posts and photos you're tagged in before they go on your timeline.
- Groups. The new language clarifies how you can join Groups and be added to subgroups. It reflects our launch of Groups for Schools, which are special groups that are only open to people who have a confirmed email address for a particular school. For example, you can join the University of Florida group if you go to school there and have a confirmed @ufl.edu email address. Groups for Schools have subgroups within them – for instance, a subgroup for your English class. If you’re in the University of Florida group, then anyone in that group (even if they aren’t your friend on Facebook) can invite you to a University of Florida subgroup.
- About Pages. We’ve added a tip to this section to make sure you know that Page administrators receive aggregate information on how their customers or fans are interacting with their Pages. In addition, similar to timeline, Page administrators may know you’ve made a connection to their Page if you “like” their Page or post a comment.
Section III. Other websites and applications
This section provides information about features like social plugins and the ways in which your information is shared with applications and websites you and your friends use. We have updated the policy in the following ways:
- Controlling what information you share with applications. We’ve added language here to clarify the type of information apps receive when you install them. We describe the limited categories of information that Facebook tells apps when you first visit them. If an app wants additional information, they must get your permission. If you do this, the app can access, store and update that information. Once you haven’t used the app for a while, however, that app won’t be able to continue updating this additional information until you give it permission again. In addition, we’ve added a tip to remind you that apps have their own policies around how they handle the data they receive and that you should contact an app directly if you want your information deleted.
- Controlling what is shared when the people you share with use applications. You can use the “Apps and Websites” privacy setting to control the information others share about you with the apps they use, except for public information about you or your list of friends.
- Logging in to another site using Facebook. Through Facebook Platform you can log into other applications and websites using your Facebook account. We added language to this section to remind you that we provide the site with your User ID when you login, just like when you connect with any other application. In addition, we have clarified that we use a technology called "hashing" that is designed to protect your email address when you use Facebook to login to another website. This technology offers a similar level of protection to encryption. We scramble your email address and then instruct the other website to scramble it in the same way. If the scrambled versions match, we can identify your account without needing to send your email address to the other website.
- About social plugins. Social plugins are tools that other websites can use to provide you with personalized and social experiences. When you interact with social plugins, you can share your experiences off Facebook with your friends and others on Facebook. We have launched new social plugins since we last updated the Data Use Policy, so we want to provide you with additional information on how plugins operate. We have not changed the information we collect through plugins or our policy about how we use that information. For more information, see our Help Center (https://www.facebook.com/help/social-plugin-privacy).
- About instant personalization. We’ve added language to explain that, in addition to websites, apps may also use instant personalization (including those on Pages on Facebook).
Section IV. How Advertising and Sponsored Stories work
- Ads and social context, Sponsored stories and Facebook content. We added tips into these sections to clarify that your “Show my social actions in Facebook Ads” setting only controls ads with social context. This setting doesn’t impact Sponsored Stories, which are different from Facebook ads.
Section V. Cookies, pixels, and other system technologies
We are moving the section on Minors and Safety to Section VI. We have not made any changes to the content of this section.
Section VI. Some other things you need to know
- Safe harbor. As part of our participation in the Safe Harbor program, we added contact information for TRUSTe, a global privacy management solutions provider through which we agree to resolve any disputes.
- Contact us with questions or disputes. We added contact info for questions or complaints about the Data Use Policy.
- Responding to legal requests and preventing harm. The new language in this section further explains the legal obligations and other circumstances in which we may access, preserve or share your information in a way that is different from how we normally handle it.
- Access requests. This section reflects our belief that you should have access to your personal data on Facebook. We’ve updated this language to reflect a recently launched expansion to Download Your Information, a tool that allows you access to an expanded archive of your Facebook account history.
- Memorializing accounts. The revisions to this section reflect new features like timeline and the fact that requests to access or close a deceased person’s Facebook account are subject to legal or procedural requirements.
- Service Providers. Like other companies, we sometimes use outside service providers to help improve the services we offer, such as by processing payments. We’ve added language to this section to elaborate on how we use service providers.
- Security and bugs. We have systems in place that attempt to keep Facebook operating bug-free and safe. Additionally, we have a White Hat Bug Bounty Program where people can responsibly disclose bugs on our site so that they can be escalated for immediate review. The new language in this section is a reminder that no system is perfect.
- Information for users outside the United States and Canada. We added contact information for our international headquarters, Facebook Ireland Limited, which provides services to users outside the U.S. and Canada.
- Your California Privacy Rights. We added this section as another way for California residents to get information on how to contact us.