Privacy Policy URL for Facebook app

If you're currently developing an app for Facebook, you may be required to enter the URL of your Privacy Policy at the "Privacy Policy URL" field.

This requirement is mandatory when you want to make your app public and have the app featured in the App Store of Facebook or whenever your app requests information from users, i.e. the Sign-in with Facebook.

This means that a Privacy Policy is required for all Facebook apps - including yours - before the app is authorized to appear live.

But why is Facebook requiring you to have a URL to your Privacy Policy?

Because a Privacy Policy agreement is required by law if you collect personal information (email address, name, photo, and so on) from users.

A Privacy Policy is a legal statement that specifies what the owner of a business will and will not do with the personal data collected from its users.

When you use the APIs from Facebook, you're requesting personal information from users through Facebook. This triggers a number of laws aimed at protecting personal information, including the General Data Protection Regulation (GDPR).

Because you collect personal information from Facebook users, you're not only required to have this legal agreement for your Facebook app, but also have it for your website, mobile app, and so on.

Download the instructions: How to add the Privacy Policy URL to your Facebook app

Here's how the Privacy Policy URL field looks on your account dashboard, where you need to add the URL to this agreement:

Here's how you can find the Privacy Policy URL field:

1. Go to App Details page
2. Go to Contact Info tab
3. Find the Privacy Policy for Login Dialog section

The App Details link is located in the sidebar of the Facebook Developers website, after you login as a developer. Click on "App Details" and then go to the "Contact Info" tab to add the URL:

Then copy that URL of the agreement from your website and paste it in the "Privacy Policy URL" in your Facebook Developers account dashboard.

Your Facebook App will not go live if you don't have a public URL for the "Privacy Policy URL" field.

This applies to apps that request personal information from users, but even for apps that don't collect any kind of personal information from users. If your app doesn't collect personal data, you may need a much simpler Privacy Policy just inform users of this.

The Privacy Policy must be hosted on your own website. Facebook doesn't offer any kind of static page hosting service for this.

If your app doesn't have a website yet, create your website and host the agreement there. You can read some of these best practices where to place the link to your Privacy Policy.

The URL must be public and accessible by all users, logged-in or not. Don't restrict the URL with a password in any way.

If your app is only used to allow users to log in using their Facebook accounts (the "Sign-in with Facebook" functionality), you'll still need to have a Privacy Policy ready as this will appear in the "Login Dialog" permission dialog when users click Okay:

If your app is going to appear in Facebook App Store (or App Center), the URL you saved in the dashboard will appear in the profile page of your app:

The Criminal Case Facebook app links its Privacy Policy in its Facebook profile page along with its website. The Privacy Policy is also linked from the website footer:

Buffer, the social sharing application, is using a Facebook app to allow users to login to Buffer directly with their Facebook accounts (the "Sign-in with Facebook" button):

The login window links to the Privacy Policy for the app:

This makes it easy for your app users to access your Privacy Policy before deciding whether or not they want to provide you with any of the personal information that you're requesting to access.

Please note that Facebook is also requiring you to have a URL for a Terms of Service agreement:

Keep your Facebook app compliant by creating and providing these two important legal agreements.