question

Adrian Selecky avatar image
Adrian Selecky asked

Facebook Data Use Checkup

Hi, Facebook / Meta rolled out new data handling questions with their annual Data Use Checkup - not Data Protection Assessment! Could someone help me answer them? Questions are listed below, full content of questions and all possible answer can be found here.

  • Do you have a data controller located in the European Economic Area (EEA) or the United Kingdom (UK) that will be responsible for all data Meta shares with you? A data controller is the entity that exercises overall control over the purposes and means of the processing of personal data. Refer to definitions in the General Data Protection Regulation (GDPR) and the UK GDPR for details and examples.

  • Name of data controller. This could be a natural or legal person, a public authority, an agency or other body.

  • List all data processors, including your own companies, that will have access to the personal data of users that you obtain from Meta. A data processor is a person or business that provides you with services to help you process personal data you obtain from Meta. This may include Service Providers as defined in Meta’s Platform Terms.

    • Please write the name of the processor

    • For which category of services will this data processor process the personal data of users received from Meta? Select all that apply.

    • List all countries where this data processor will process the personal data of users received from Meta. Include locations from which the data processor will access the data remotely, via the internet. Select all that apply. Many data processors provide this information on their corporate website.

  • Have you provided the personal data of users to public authorities in response to national security requests in the past 12 months? This does not include requests related to search warrants or court orders associated with criminal investigations.

  • Which of the following policies or processes do you have in place regarding requests from public authorities for the personal data of users? Check all that apply.

data
1 comment
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Adrian Selecky avatar image Adrian Selecky commented ·

Why does my post looks nothing like preview preview when creating it and is there any way to edit it? It looks like a child posted this... Not even links are showing up; link to questions in question: https://developers.facebook.com/docs/development/release/data-handling-questions/questions-preview

0 Likes 0 ·

1 Answer

·
Neils Shi avatar image
Neils Shi answered

Do you have a data controller located in the European Economic Area (EEA) or the United Kingdom (UK) that will be responsible for all data Meta shares with you?

No, PlayFab's core services operate in AWS (US-West-2), which is Oregon (unless you use the PlayFab Multiplayer Servers service and deploy the server in EEA or UK). You can navigate to Game Manager->Title settings->API Features for more information.

For which category of services will this data processor process the personal data of users received from Meta?

The PlayFab player login and friend system feature may process players' personal data. If you implement a Facebook purchase function based on PlayFab, this may also involve players' personal data. You may answer this question based on which PlayFab services your studio uses specifically.

Have you provided the personal data of users to public authorities in response to national security requests in the past 12 months?Which of the following policies or processes do you have in place regarding requests from public authorities for the personal data of users?

PlayFab will process and transfer the personal data only on these documented instructions, unless required to do so by the European Union or member state law or other applicable regulatory authority to which PlayFab is subject; in such a case, PlayFab shall inform you of that legal requirement before processing (unless that law prohibits such information on important grounds of public interest. For more info, you can refer to https://playfab.com/terms/.

1 comment
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Adrian Selecky avatar image Adrian Selecky commented ·

Thank you for your help. The last two questions were multi-options, but the formatting of my post is completely borked and links are not visible, all questions with answers for reference: https://developers.facebook.com/docs/development/release/data-handling-questions/questions-preview

I answered them as such - "Have you provided the personal data of users to public authorities in response to national security requests in the past 12 months?" : [X] We are prohibited by law or company policy from answering this question; "Which of the following policies or processes do you have in place regarding requests from public authorities for the personal data of users?": [X] Required review of the legality of these requests. [X] Provisions for challenging these requests if they are considered unlawful. [X] Data minimization policy—the ability to disclose the minimum information necessary. [X] Documentation of these requests, including your responses to the requests and the legal reasoning and actors involved. We'll see how they respond when they respond, I'll post an update if there's gonna be any issue.

0 Likes 0 ·

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.