guide

Privacy Policy Evaluation

For more on this topic, take the Short Code: Writing Your Privacy Policy

In partnership with

·3 min read

3 min read

Share this doc:

Meta requires all developers to have a privacy policy. Privacy disclosures tell your users what data you collect, why you collect it, what you do with that data, and how users can request deletion of collected data.

You must submit a valid privacy policy even if your app does not transfer data off of the app. In that scenario, your privacy policy can tell users that you do not collect or store data from or about them beyond what is used to provide the app.

The privacy policy you submit must meet certain requirements. This guide will help you align your privacy policy with Meta Horizon's Privacy Policy Virtual Reality Checks (VRCs). For each VRC, you will evaluate your privacy policy against Meta's requirements.

Privacy.1

Privacy 1

Requirement:

Under this VRC, Meta will confirm that the link you provide leads to a live, publicly available privacy policy specifically related to the organization and application being reviewed.

Need a refresher? Review VRC.Quest.Privacy.1.

How do I meet this requirement?

To ensure your privacy policy satisfies this VRC, confirm it meets the following criteria:

The linked page takes users to my app's privacy policy
Many privacy policies fail this requirement. Confirm that everywhere your privacy policy is linked from leads to a live privacy policy.
My app's privacy policy is owned and managed by my organization
- Confirm the link does not lead to a support website, the Meta Horizon Privacy Policy, or any other terms or policies
My app's privacy policy is related to the organization and app being reviewed
Many privacy policies fail this requirement. Confirm the correct name of the app and your organization are included in the privacy policy.
The link is live and functional
- Ensure the link does not lead to a broken page (e.g., bad gateway or 404 error)
- Validate the link to your privacy policy in the App Store
The link is publicly available
- Ensure the link does not take users to a page that requires them to take an action such as providing data or logging in to view
Your privacy policy is hosted on a website signed by a trusted certificate issuer to properly create an HTTPS connection
- If the URL is correct, but is using an invalid certificate issuer, update the certificate issuer to a trusted Certificate Authority (CA)
Many privacy policies fail this requirement. If the URL to your privacy policy is accessible, yet you continue to receive notice of privacy policy violations, check if your Privacy Policy is signed by a trusted Certificate Authority to properly create an HTTPS connection.
A website Certificate Authority is trusted if it is widely recognized and respected as a reliable issuer of digital website certificates. For more information, review the certificates information on the HTTPS-Only Standard.
My app's privacy policy covers the data practices for the application being reviewed, and does not relate to or link to another app
Many privacy policies fail this requirement. Do not copy and paste a privacy link for another app. If your privacy policy covers other products or services offered by your company, including other applications or websites, it should be clear from the face of the policy that it also covers this app.

Examples:

Privacy 4

Requirement:

Under this VRC, Meta ensures that your privacy policy includes a clear explanation of how all users may request that their user data that has been collected or stored can be deleted.

Need a refresher? Review VRC.Quest.Privacy.4.

How do I meet this requirement?

Examples:

Disclaimer: This resource does not guarantee compliance with Meta policies, nor applicable data privacy laws. Review Meta Horizon's Developer Data Use Policy for a comprehensive overview of Meta's requirements.

For more on this topic, take the Short Code:

1 Short Code

Writing Your Privacy Policy

This Short Code walks you through Meta’s Privacy Policy requirements, and provides tips for writing your policy.

Get Started

Privacy Policy Evaluation

Privacy 1

Requirement:

How do I meet this requirement?

Examples:

Privacy 2

Requirement:

How do I meet this requirement?

Examples:

Privacy 3

Requirement:

How do I meet this requirement?

Examples:

Privacy 4

Requirement:

How do I meet this requirement?

Examples:

Formatting Your Privacy Policy

Updating Your Privacy Policy

Next Steps