Last Updated: December 1, 2020
This Data Policy describes Facebook, Inc.'s ("Facebook", "we", "us" or "our") practices for handling your information collected in connection with our open source-related websites and any content, related documentation, information and services (e.g. apps, tutorials, access to resources, etc.) made available to you on this website (collectively, the "Services"). This Data Policy describes the information we process to support our Services.
For clarity, this Data Policy only applies to this Website and does not apply to any:
When you interact with us through our Services, we may collect or receive the following types of information:
Integrations with other services from third parties. Some of our Services allow you to enable or log in via various online services (collectively, "Login Services"). By including these Login Services, we aim to make your online experiences richer and more personalized. When you add a Login Service account to our Services or log in to our Services using such an account, we may collect relevant information necessary to enable our Services to facilitate your login, such as your email address. We may also share your information with that Login Serviceto facilitate or enhance the delivery of that platform or our Services.
As part of an integration with a Login Service, that Login Service may provide us with access to certain information that you have provided to their platform, and we will use, store, and disclose such information in accordance with this Data Policy. However, please remember that the manner in which platforms use, store, and disclose your information is governed by the policies that apply to those platforms. Information collected by Login Services is subject to their own terms and policies, not this one.
Cookies are small pieces of text used to store information on web browsers. Cookies are used to store and receive identifiers and other information on computers, phones and other devices. We use cookies and similar technologies, for such things as maintaining and monitoring the infrastructure of the Services, ensuring security protections, analyzing how our Services perform and other analytics purposes, and fulfilling other legitimate purposes as further described in this Data Policy. We also use analytics cookies to better understand how our Services are being used by tracking how you interact with the Services and where you click.
We use cookies served by Google Analytics to collect limited data directly from end-user browsers to enable us to better understand your use of the Services, including making use of the demographics and interests reports services of Google Analytics. Further information on how Google collects and uses this data can be found at www.google.com/policies/privacy/partners/. You can opt-out of all Google supported analytics within the Services by going to the following webpage: https://tools.google.com/dlpage/gaoptout.
Learn more about how we use cookies in by reading our Cookies Policy.
We will use the information described above for the purpose of operating and providing the Website and our Services. Specifically, we will use the information for the following purposes:
There are certain circumstances in which we may share your information with certain third parties without further notice to you, as set forth below:
Facebook does not knowingly collect or store information from children under the age of 13, unless permitted by law. We will delete any information we may have inadvertently received from a child under 13 upon notice. If you have reason to believe that a child under the age of 13 has provided personal information to Facebook through our Services please contact us and we will endeavor to delete that information from our databases.
Our Website may contain links to other sites that we do not own or operate (e.g. GitHub). Except as provided in this Data Policy, we do not provide your information to these third parties without your consent. The linked websites have separate and independent privacy statements, notices and terms of use, which we recommend you carefully review. We do not have any control over such websites, and therefore have no liability or responsibility for the linked websites’ personal information practices.
We retain information relating to the Services until it is no longer necessary to serve the purposes for which it was collected, e.g. to provide and maintain your account. Reasons we may retain some data for longer periods include security, fraud & abuse prevention, record keeping, complying with legal or regulatory requirements and ensuring the continuity of our Services.
If you are a California resident, the following information also applies to you and supplements the information contained above in the Data Policy in relation to your use of our Services.
Information we collect and sources of information.Our Data Policy already describes the information we collect and its sources. This section organizes that information around the personal information categories set forth in the California Consumer Privacy Act ("CCPA"):
How we share personal information. We do not sell your personal information, but we share information to support our own operational purposes in providing the Services to you, as described in our Data Policy above. For example, we share information with our partners, service providers and related companies to secure and improve our Website (such as to identify bugs, repair errors or ensure that services function as intended) or to have them perform services (e.g. hosting the Website).
Your rights provided under the CCPA. Under the CCPA, California residents have the following rights:
Please note that to protect your information, we may need to verify your identity before processing your request. In some cases, we may need to collect additional information to verify your identity, such as a government issued ID.
Under the CCPA, you may exercise these rights yourself or you may designate an authorized agent to make these requests on your behalf. We may request that your authorized agent have written permission from you to make requests on your behalf and may need to verify your authorized agent’s identity.
To exercise your rights under the CCPA, or if you are an agent authorized to exercise a right under the CCPA, you can email opensource@fb.com or contact us by mail at the address provided below.
We do not share personal information with third parties for their own direct marketing purposes.
If you are a user in the European Union, Switzerland or the United Kingdom the following information also applies to you and supplements the information contained above in the Data Policy in relation to your use of our Services.
The data controller responsible for the personal data of individuals in the European Union and the United Kingdom is Facebook Ireland Limited.
Our legal basis for processing data. We collect, use and share data in the ways described above based on the following:
When we process your data as necessary for the purposes of legitimate interests, you have the right to object to, and seek restriction of, our processing. To exercise your rights, you can email opensource@fb.com. In evaluating an objection, we will evaluate several factors, including: reasonable user expectations; the benefits and risks to you and third parties; and other available means to achieve the same purpose that may be less invasive and do not require disproportional effort. Your objection will be upheld and we will cease processing your information, unless the processing is based on compelling legitimate grounds or is needed for legal reasons.
Data transfers. We transfer personal data both internally within the Facebook Companies and externally with our partners, which include Amazon Web Services ("AWS"). Information controlled by Facebook Ireland Limited may be transferred or transmitted to, or stored and processed in, the United States or other countries for the purposes described in this policy. These data transfers are necessary to provide the services set forth in the Terms of Use.
If you are resident in or a visitor from the European Economic Area (EEA), the United Kingdom (UK) or Switzerland, we will protect your data when it is transferred outside the EEA, UK or Switzerland by implementing appropriate safeguards to protect your personal data. In particular, we use the European Commission’s Standard Contractual Clauses for the transfer of personal data outside the EU.
Your rights provided under the GDPR. Under the General Data Protection Regulation, you have the right to access, rectify and erase your data under certain circumstances. You also have the right to object to and restrict certain processing of your data. Please note that to protect your information, we may need to verify your identity before processing your request. In some cases, we may need to collect additional information to verify your identity, such as a government issued ID. To exercise your rights under the GDPR, you can email opensource@fb.com or contact us by mail at the address provided below.
Contact information for individuals in the European Union only. The data controller responsible for your information is Facebook Ireland, which you can contact by writing to:
Facebook Ireland Ltd.
4 Grand Canal Square
Grand Canal Harbour
Dublin 2 Ireland
You also have the right to lodge a complaint with Facebook Ireland’s lead supervisory authority, the Irish Data Protection Commissioner, or your local supervisory authority.
We may update or modify this Data Policy at any time without prior notice. When we update the Data Policy, we will revise the "Last Updated" date above and post the new Data Policy. We recommend that you review the Data Policy each time you visit the Website to stay informed of our privacy practices. Any changes will be effective when we post the revised policy.
If you have any questions about this Data Policy or our practices, please contact us at opensource@fb.com or by mail at:
Facebook, Inc.
ATTN: Privacy Operations
1601 Willow Road
Menlo Park, CA 94025