Callback request to delete data
Applications that access user data must provide a way for users to request deletion of their data. There are 2 ways for the app to meet this requirement:
Implement a callback request to delete data.
Provide a URL with clear instructions to app users on how to delete data using a third-party website or tool. Third-party websites may be an appropriate part of the app’s Privacy Policy.
If the app type is Consumer or Game, you’ll need a callback or URL for App Review and when in Official.
The delete data callback is called whenever the user deletes the app and asks you to delete their data. App users can do this by going to their Facebook profile and clicking the Submit Request button on the Settings & Privacy > Settings > Apps & Websites page.
Screenshot of app being removed via Apps and Websites page with Send Request button visible
This command will generate a POST with the signed request sent to the application. The signed request contains an in-app user ID to identify the user making the request. For an example of request parsing and the structure of the parsed request, see the following.
In order to respond to a user request, you must confirm that you have received a request to delete the user’s data through the technical methods we provide, and provide the link and confirmation number. The link and confirmation number should give the user access to a human-readable explanation of the status of the request, including legal proof of any removal denial (where legality will vary by jurisdiction and case-by-case policy interpretation as far as the reasons stated).
