Update October 24: If you have received an enforcement warning alert and email but have been unable to respond due to app contact email access or otherwise, please check your dev alerts. If you are in your enforcement warning period, you will receive a dev alert with an alternate way to contact us. Submitting via the form provided will automatically pause enforcement actions until DevOps is able to triage the response. We will continue sending these alerts to impacted apps, so please ensure you monitor your Alerts panel in your App Dashboard closely.
Over the last several years, we’ve made a number of changes to our platform aimed at further safeguarding people’s data. Some of these have included improvements to App Review, updating our Developer Terms and Platform Policies, and launching Data Use Checkup and Data Protection Assessment.
Following an announcement on July 22, 2021, we notified some developers by email and via their Developer Dashboard about their responsibility to complete a Data Protection Assessment. If this requirement applies to you, you must take action in order to avoid enforcement and potential loss of access to our platform or other app disruption.
Specifically, you may be required to complete the following steps:
Data Protection Assessment
If your app is in scope for Data Protection Assessment, you or the person who manages your app would have received an email and a message in your app’s Alert Inbox notifying you that it’s time to complete the assessment. You also would have seen notifications about Data Protection Assessment in your App Dashboard. Apps with only basic permissions are not required to complete the Data Protection Assessment.
We’ve outlined the steps you need to take to prepare for the Data Protection Assessment and what you can expect, here.
We periodically review apps for compliance by evaluating how an app is using its current Developer Products including permissions and features, the user experience, and data use, among others. We typically run these checks without any action required from developers. In some cases, we are asking developers to submit screencasts, schedule live walk-throughs of their apps, and/or list their app on iOS and Android app stores to complete this process. If your app is required to submit these additional requirements, you or the person who manages your app should have received an email and a message in your app’s Alert Inbox, as well as a notification in your App Dashboard that contains instructions on next steps.
For both Data Protection Assessment and compliance check, if you have not received an alert or notification or do not see a prompt in your dashboard, ensure your app contact email is up to date, your admin inbox is monitored, and check your app dashboard to confirm admins. We recommend you check all of your alerts in your Developer Dashboard. You can also go to developers.facebook.com/support to get support or ask a direct question via your Business Manager Account.
Failure to take action may result in loss of platform access or other app disruption. We also urge you to keep your app contact email address up to date to avoid missing email notifications in the future.
What to do if your app loses Platform access
In some cases, apps may lose access due to non-compliance or non-response. In all cases, you should respond to the email we sent you. If you cannot locate your email notification or would like to appeal enforcement action, please visit our Developer Appeals page. Additionally, if your app loses access, here are other steps to take:
Data Protection Assessment
If you’ve received an enforcement warning email, you can respond with a request to extend the warning period. We will review your request and may grant an extension. If you’ve received a warning, have yet to respond, or request an extension, and we take an enforcement action, instructions to send an appeal will be included in the enforcement email.
If you were asked to submit a screencast and were enforced upon for non-submission or non-response, your app will be put in developer mode and its API access will be disrupted. In this case, you can submit a screencast and reactivate your application on your developer interface – without further assistance from Facebook. Instructions on how to format and submit your screencast have been emailed to you. For additional questions, reply to the email we send you.
Our commitment to privacy and data security is a responsibility that we share with all developers in our ecosystem and, as always, we’re grateful for your partnership.