Companies (that access Facebook through an app) can satisfy this requirement in one of two ways:
- Implement a Data Deletion Request Callback.
- The data deletion callback is called whenever an app user removes your app and requests that you delete their data. Your app users can do this by going to their Facebook profile and clicking the Send Request button on the Settings & Privacy > Settings > Apps and Websites page.
- Provide a URL with explicit instructions for app users on how to delete their data by way of a third-party website or tool.
The new requirement means that companies need to consult their app developers for assistance with either option, make appropriate updates to their Privacy Policies, and also consult outside counsel to determine if the solutions satisfy legal requirements and Facebook’s new policy. Facebook has published this resource for developers.
The attorneys in Michael Best’s Privacy & Cybersecurity practice group have extensive experience in assessing compliance with global and domestic laws which regulate the collection, processing, storage and deletion of personal data through website and mobile applications. Please reach out to any of our attorneys if you are in need of a legal risk assessment or the need to implement compliance solutions.