- Facebook <case++[case-code]@support.facebook.com>
- 15 February 2019 at 18:53:57 GMT+1
- Contact the Data Protection Officer (DPO) #[case-number]
We refer to your request in accordance with Article 15 of the Data Protection Regulation 2016/
1. How can I access my personal data on Facebook?
As a Facebook user, you can access your Facebook user information, including photos, posts, reactions and comments, using the Access Your Information tool which allows you to view your account data at any time and in a single place. We’ve categorised this information by type so you can find what you’re looking for.
The Access Your Information tool is available in the “Your Facebook Information” section of the settings.
To view Your Facebook Information from a computer:
- Go to the top right of Facebook and click .
- Click Settings.
- Click Your Facebook Information.
- Go to the information you want to review and click View.
The Your Facebook Information section also includes tools and resources to help you manage, download and delete your information on Facebook.
2. What categories of personal data does Facebook collect about me? And where does the personal data come from?
The data categories that Facebook holds about you depend on how you use Facebook Products. These data categories and their sources are clearly set out in our Data Policy (accessible via https://www.facebook.com/
Information and content you provide. We collect the content, communications and other information you provide when you use our Products, including when you sign up for an account, create or share content, and message or communicate with others. This can include information in or about the content you provide (like metadata), such as the location of a photo or the date a file was created. It can also include what you see through features we provide, such as our camera, so we can do things like suggest masks and filters that you might like, or give you tips on using portrait mode. Our systems automatically process content and communications you and others provide to analyze context and what’s in them for the purposes described below. Data with special protections:You can choose to provide information in your Facebook profile fields or Life Events about your religious views, political views, who you are “interested in,” or your health. This and other information (such as racial or ethnic origin, philosophical beliefs or trade union membership) is subject to special protections under EU law.
Networks and connections. We collect information about the people, Pages, accounts, hashtags and groups you are connected to and how you interact with them across our Products, such as people you communicate with the most or groups you are part of. We also collect contact information if you choose to upload, sync or import it from a device (such as an address book or call log or SMS log history), which we use for things like helping you and others find people you may know and for the other purposes listed below.
Your usage. We collect information about how you use our Products, such as the types of content you view or engage with; the features you use; the actions you take; the people or accounts you interact with; and the time, frequency and duration of your activities. For example, we log when you’re using and have last used our Products, and what posts, videos and other content you view on our Products. We also collect information about how you use features like our camera.
Information about transactions made on our Products. If you use our Products for purchases or other financial transactions (such as when you make a purchase in a game or make a donation), we collect information about the purchase or transaction. This includes payment information, such as your credit or debit card number and other card information; other account and authentication information; and billing, shipping and contact details.
Things others do and information they provide about you. We also receive and analyze content, communications and information that other people provide when they use our Products. This can include information about you, such as when others share or comment on a photo of you, send a message to you, or upload, sync or import your contact information.
- Device Information. We collect information from and about the computers, phones, connected TVs and other web-connected devices you use that integrate with our Products, and we combine this information across different devices you use. For example, we use information collected about your use of our Products on your phone to better personalize the content (including ads) or features you see when you use our Products on another device, such as your laptop or tablet, or to measure whether you took an action in response to an ad we showed you on your phone on a different device. Information we obtain from these devices includes:
- Device attributes: information such as the operating system, hardware and software versions, battery level, signal strength, available storage space, browser type, app and file names and types, and plugins.
- Device operations: information about operations and behaviors performed on the device, such as whether a window is foregrounded or backgrounded, or mouse movements (which can help distinguish humans from bots).
- Identifiers: unique identifiers, device IDs, and other identifiers, such as from games, apps or accounts you use, and Family Device IDs (or other identifiers unique to Facebook Company Products associated with the same device or account).
- Device signals: Bluetooth signals, and information about nearby Wi-Fi access points, beacons, and cell towers.
- Data from device settings: information you allow us to receive through device settings you turn on, such as access to your GPS location, camera or photos.
- Network and connections: information such as the name of your mobile operator or ISP, language, time zone, mobile phone number, IP address, connection speed and, in some cases, information about other devices that are nearby or on your network, so we can do things like help you stream a video from your phone to your TV.
- Cookie data: data from cookies stored on your device, including cookie IDs and settings.
- Information from partners. Advertisers, app developers, and publishers can send us information through Facebook Business Tools they use, including our social plug-ins (such as the Like button), Facebook Login, our APIs and SDKs, or the Facebook pixel. These partners provide information about your activities off Facebook—
including information about your device, websites you visit, purchases you make, the ads you see, and how you use their services— whether or not you have a Facebook account or are logged into Facebook. For example, a game developer could use our API to tell us what games you play, or a business could tell us about a purchase you made in its store. We also receive information about your online and offline actions and purchases from third-party data providers who have the rights to provide us with your information.Partners receive your data when you visit or use their services or through third parties they work with. We require each of these partners to have lawful rights to collect, use and share your data before providing any data to us.
3. How does Facebook use my personal data?
As set out in our Data Policy, Facebook uses the information held about its users to:
Provide, personalise and improve our Products. We use the information that we have to deliver our Products, including to personalise features and content (including your News Feed, Instagram Feed, Instagram Stories and ads) and make suggestions for you (such as groups or events you may be interested in or topics you may want to follow) on and off our Products. To create personalised Products that are unique and relevant to you, we use your connections, preferences, interests and activities based on the data that we collect and learn from you and others (including any data with special protections that you choose to provide where you have given your explicit consent); how you use and interact with our Products; and the people, places or things that you’re connected to and interested in on and off our Products.
Information across Facebook Products and devices: We connect information about your activities on different Facebook Products and devices to provide a more tailored and consistent experience on all Facebook Products that you use, wherever you use them. For example, we can suggest that you join a group on Facebook that includes people you follow on Instagram or communicate with using Messenger. We can also make your experience more seamless, for example, by automatically filling in your registration information (such as your phone number) from one Facebook Product when you sign up for an account on a different Product.
Location-related information: We use location-related information – such as your current location, where you live, the places you like to go, and the businesses and people you’re near – to provide, personalise and improve our Products, including ads, for you and others. Location-related information can be based on things such as precise device location (if you’ve allowed us to collect it), IP addresses and information from your and others’ use of Facebook Products (such as check-ins or events you attend).
Product research and development: We use the information we have to develop, test and improve our Products, including by conducting surveys and research, and testing and troubleshooting new products and features.
Face recognition: If you have it turned on, we use face recognition technology to recognise you in photos, videos and camera experiences. The face recognition templates that we create are data with special protections under EU law. If we introduce face recognition technology to your Instagram experience, we will let you know first, and you will have control over whether we use this technology for you.
Ads and other sponsored content: We use the information we have about you – including information about your interests, actions and connections – to select and personalise ads, offers and other sponsored content that we show you.
Provide measurement, analytics and other business services. We use the information that we have (including your activity off our Products, such as the websites you visit and ads you see) to help advertisers and other partners measure the effectiveness and distribution of their ads and services, and understand the types of people who use their services and how people interact with their websites, apps and services.
Promote safety, integrity and security. We use the information that we have to verify accounts and activity, combat harmful conduct, detect and prevent spam and other bad experiences, maintain the integrity of our Products, and promote safety and security on and off Facebook Products. For example, we use data that we have to investigate suspicious activity or breaches of our Terms or Policies, or to detect when someone needs help.
Communicate with you. We use the information that we have to send you marketing communications, communicate with you about our Products and let you know about our Policies and Terms. We also use your information to respond to you when you contact us.
Research and innovate for social good. We use the information that we have (including from research partners who we collaborate with) to conduct and support research and innovation on topics of general social welfare, technological advancement, public interest, health and well-being. For example, we analyse information that we have about migration patterns during crises to aid relief efforts.
Facebook is a complex system, and we use various algorithms to ensure that you see the most engaging and relevant content. The precise details of these algorithms are confidential, and sharing them with would adversely affect our IP and trade secrets. In addition, while these algorithms help to customise the content you see on Facebook, they do not constitute the sole basis for any decision significantly affecting you (within the meaning of Article 15(1)(h) of the GDPR). As a result, we are not in a position to provide you the precise details of our algorithms.
However, we take pride in ensuring that our users understand how Facebook works, so we set out below a description of three of the main ways we make decisions that affect your Facebook experience: (i) the content that appears in your newsfeed; (ii) the ads that you receive on Facebook; and (iii) the apps we recommend to you.
Newsfeed. The stories that show in your News Feed are influenced by your connections and activity on Facebook. This helps you to see more stories that interest you from friends you interact with the most. The number of comments and likes a post receives and what kind of story it is (ex: photo, video, status update) can also make it more likely to appear in your News Feed;
4. How and with whom does Facebook share my personal data?
5. Where does Facebook transfer, store and process my personal data, and what safeguards does Facebook have in place with respect to this information?
We share information globally, and your information will be transferred or transmitted to, or stored and processed, in countries outside of where you live for purposes outlined in our Data Policy.
We have in place multiple safeguards to lawfully transfer personal data around the world. These data transfers are necessary to provide the services set forth in our Terms and Policies, and to globally operate and provide our Products to you. We utilize standard contract clauses and we rely on the European Commission’s adequacy decisions about certain countries, as applicable.
Specific information regarding the exact countries in which our servers are located and the technical and organisational measures we undertake to protect your data are outside the scope of a subject access request.
6. Data retention, account deactivation and deletion
We store data until it is no longer necessary to provide our services and Facebook Products, or until your account is deleted – whichever comes first. This is a case-by-case determination that depends on things like the nature of the data, why it is collected and processed, and relevant legal or operational retention needs. For example, when you search for something on Facebook, you can access and delete that query from within your search history at any time, but the log of that search is deleted after 6 months. If you submit a copy of your government-issued ID for account verification purposes, we delete that copy 30 days after submission.
When you delete your account, we delete things you have posted, such as your photos and status updates, and you won’t be able to recover that information later. Information that others have shared about you isn’t part of your account and won’t be deleted. If you don’t want to delete your account but want to temporarily stop using the Products, you can deactivate your account instead.
7. Does Facebook make decisions about me solely on the basis of automated processing pursuant to Article 22 GDPR, and if so, what is the logic involved and significance associated with the processing?
We have not identified any processing in respect of your personal data which falls within the scope of Article 22(1) of the GDPR.
8. What security measures does Facebook have in place? Has my personal data ever been subject to an unauthorised or inadvertent disclosure by Facebook?
9. What are your rights provided under GDPR?
Under GDPR, you have the right to rectify and delete your personal data. You also have the right to object to, and restrict certain processing of, your personal data. This includes:
- the right to object to our processing of your data for direct marketing, which you can exercise by using the “unsubscribe” link in such marketing communications, and
- the right to object to our processing of your data where we are performing a task in the public interest or pursuing our legitimate interests or those of a third party.
You also have a right to lodge a complaint with the Office of the Irish Data Protection Commission, which is Facebook’s lead supervisory authority (please see http://www.dataprotection.ie) or your local supervisory authority.
We hope the above is helpful. If you have any further questions or specific concerns please feel free to reach out to us.