Privacy Policy Link required for Facebook login App creation is not accepted

I don’t think Discourse has a URL that can be used for this. I guess on Facebook the user will be presented with a “click here delete your data on mognet’s forum” link which won’t do anything.

1 Like

Neither was I, but I am now. They are sharing personal data with the forum, and want to ensure that there is a way for that data to be deleted by the forum when the user removes the login app from Facebook. As far I am aware, the information is real name (or, at least, the Facebook profile name), email address and avatar. (I guess this might have been implemented after scandals about Facebook allowing mining of personal information via third-party apps, e.g. Facebook–Cambridge Analytica data scandal - Wikipedia, but the reason isn’t relevant.)

If you look at the first screenshot on Data Deletion Callback - App Development - Documentation - Facebook for Developers it seems fairly clear: “Request … delete info it has about you from Facebook” (i.e. information obtained from Facebook). The callback function documentation (which is not directly relevant here but is instructive) says: “The Data Deletion Request callback that you implement must do the following: Initiate the deletion of any data your app has from Facebook about the user. …”

So the wording above – “Accounts on this site can be anonymized or deleted at the users request. Contact our @support group for details.” – covers what is required. Mentioning only anonymisation would probably be sufficient for Facebook’s purposes, as that would delete the information which was obtained from Facebook. Sites in the EU would have to consider their own GDPR obligations in relation to deletion.

4 Likes

Where are we with this? Is an update going to come out for the privacy policy page?

1 Like

I liked your comment but it might not be simple to implement. Not everyone will want a separate “Deletion policy” page. And once a Discourse forum has been installed, I don’t imagine anyone anyone wants the terms/privacy/etc pages changed by an update. If it’s changed just for new installs then there would need to be a comment to say “don’t delete this section as it’s needed for Facebook login”. The Facebook login instructions post would still need to refer to the required wording somehow.

2 Likes

How do you add these things to the privacy policy page? And instead of @support could you give the admin handle instead?

1 Like

It could go on any page.

The following will make the #deletion part of the URL work, and add a heading.

<a name="deletion"></a>
## Deletion

You can have any contact details you choose.

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.