NPE Team Data Policy for the EU

Innovating from within is how Meta will continue to build products that meaningfully improve people’s lives. New Product Experimentation (NPE or NPE Team) does this as an internal group testing new standalone experiences. This policy describes the information we process to support the NPE Team (NPE Team, LLC) and the products and features offered by NPE Team (“NPE Tests” or “Tests”). The NPE Team is part of the Meta Companies. When we use the term Meta Products or Products we mean the Meta products described in our Help Centre. Meta Platforms Ireland Limited is the data controller responsible for your information when you use the NPE Tests.
Each Test is unique and presents more detailed information and tools to better understand data processing and your controls over your data relative to that Test.

I. What kinds of information do we collect?

To provide Tests, we must process information about you. The types of information we collect depend on which Tests you engage with and how you use them. You can learn how to access and delete information we collect by visiting the settings, options, or equivalent menu, in individual Tests (see also section VII below).

Things you and others do and provide.

  • Information and content you provide. We collect the content, communications and other information you provide when you engage with a Test, including when you register with a new Test, create or share content, and message or communicate with others. This can include information in or about the content you provide (like metadata), such as the location of a photo or the date a file was created. We may automatically process content within NPE Tests to understand context for the purposes described below.
    • Data with special protections: Certain Tests may provide you with the opportunity to share information such as your religious views, political views, who you are "interested in," or your health. This and other information (such as racial or ethnic origin, philosophical beliefs or trade union membership) could be subject to special protections under EU law or the laws of your country.
  • Networks and connections. We collect information about the people, accounts, activity in Tests, and groups you are connected to and how you interact with them across our Tests, such as people you communicate with the most or groups you are part of. Some Tests may also collect contact information if you choose to upload, sync or import it from a device (such as an address book or call log or SMS log history), which we use for things like helping you and others find people you may know and for other purposes as described below.
  • Your usage. We collect information about how you use our Tests, such as the types of content you view or engage with; the features you use; the actions you take; the people or accounts you interact with; and the time, frequency and duration of your activities. For example, we log when you're using and have last used our Tests, and what content you viewed or interacted with while in the Test.
  • Information about transactions made through our Tests. If you use our Tests for purchases or other financial transactions (such as when you make a purchase in a game or make a donation), we collect information about the purchase or transaction. This may include payment information, such as your credit or debit card number and other card information; other account and authentication information; and billing, shipping and contact details.
  • Things others do and information they provide about you. We also receive and analyze content, communications and information that other people provide when they use our Tests. This can include information about you, such as when others share or comment on a photo of you, send a message to you, or upload, sync or import your contact information.

Device Information

As described below, we collect information from and about the computers, phones, connected TVs and other web-connected devices you use that integrate with our Tests, and we combine this information across different devices you use. Information we obtain, if a device is involved with a Test, may include:
  • Device attributes: information such as the operating system, hardware and software versions, battery level, signal strength, available storage space, browser type, app and file names and types, and plugins.
  • Device operations: information about operations and behaviors performed on the device, such as whether a window is foregrounded or backgrounded, or mouse movements (which can help distinguish humans from bots).
  • Identifiers: unique identifiers, device IDs, and other identifiers, such as from games, apps or accounts you use.
  • Device signals: Bluetooth signals, and information about nearby Wi-Fi access points, beacons, and cell towers.
  • Data from device settings: information you allow us to receive through device settings you turn on, such as access to your GPS location, camera or photos.
  • Network and connections: information such as the name of your mobile operator or ISP, language, time zone, mobile phone number, IP address, connection speed and, in some cases, information about other devices that are nearby or on your network.
  • Cookie data: data from cookies stored on your device, including cookie IDs and settings.

II. How do we use this information?

We use the information we have (subject to choices you make) as described below and to provide and support the NPE Tests and related services.

Provide, personalize and improve our Tests.

We use the information we have to deliver our Tests, including to personalize features and content within those Tests.
  • Information from NPE Tests and devices: We use information about your activities on a NPE Test and your devices to provide a more tailored and consistent experience related to the NPE Test that you use. For example, we may organize content in an app based on your activity or suggest additional features based on who you follow or interact with in a Test.
  • Location-related information: Some Tests may request permission to use location services. Location-related information can be based on things like current precise device location (if you've allowed us to collect it), IP addresses, and information from your and others' use of NPE Tests (such as check-ins, events you attend, or information you provide).
  • Product research and development: We use the information we have to develop, test and improve NPE Tests, and use insights about product use for the improvement of Meta Products, including by conducting surveys and research, and testing and troubleshooting new products and features.
  • Sponsored content: We use the information we have about you-including information about your interests, actions and connections-to offer new Tests and surveys to you.

Promote safety, integrity and security.

We use the information we have to verify accounts and activity, combat harmful conduct, detect and prevent spam and other bad experiences, maintain the integrity of our Tests, and promote safety and security in relation to our Tests.

Communicate with you.

We use the information we have to send you marketing communications, communicate with you about our Tests, and let you know about our policies and terms. Also, we will use the information to invite you to participate in research activities. We also use your information to respond to you when you contact us.

Research and innovate for social good.

We use the information we have (including from research partners we collaborate with) to conduct and support research and innovation on topics of general social welfare, technological advancement, public interest, health and well-being.

III. How is this information shared?

Your information is shared with others in the following ways:

Sharing within NPE Tests

When you share and communicate using our Tests, we will provide information about the audience, or your options for choosing an audience (if relevant). For example, in some Tests all content you or others provide is available to the public and may be viewed by any other user or even non-users. Other Tests allow you to restrict sharing to a particular group.
Public information can be seen by anyone, on or off our Tests, including if they don't have an account. This includes your name, username, content you share, or other content you provide as relevant to the Test you are using. You, other people using NPE Tests, and we can provide access to or send public information to anyone on or off our Tests, in search results, or through tools and APIs. Public information can also be seen, accessed, reshared or downloaded through third-party services such as search engines, APIs, and offline media such as TV, and by apps, websites and other services that integrate with our Tests.

Content others share or reshare about you.

You should consider who you choose to share with, because people who can see your activity through NPE Tests can choose to share it with others on and off our Tests, including people and organizations outside the audience you shared with. For example, when you share a photo in a Test, others may be able to download, screenshot, or reshare that content. Also, when you comment on someone else's content or react to their content, your comment or reaction is visible to anyone who can see the other person's content, and that person can change the audience later.
People can also use our Tests to create and share content about you with the audience they choose. For example, someone might share a photo of you, mention you, or some similar action.

Apps, websites, and third-party integrations on or using our Tests.

When you choose to use third-party apps, websites, or other services that use, or are integrated with, our Tests, they can receive information about what you post or share. For example, if you connect with an external music service, that service may receive information about which songs you listen to in our Test. If additional information will be shared with a third-party app or service you choose to integrate with in one of our Tests, we will provide you with details about that in the app. Information collected by these third-party services is subject to their own terms and policies, not this one.

New owner.

If the ownership or control of all or part of our Tests or their assets changes, we may transfer your information to the new owner.

Sharing with Third-Party Partners

We don't sell any of your information to anyone, and we never will.

Measurement partners.

We share information about you with companies that aggregate it to provide analytics and measurement reports to our partners.

Partners offering goods and services in our Tests.

When you subscribe to receive premium content, or buy something from a seller in our Tests, the content creator or seller can receive your public information and other information you share with them, as well as the information needed to complete the transaction, including shipping and contact details.

Vendors and service providers.

We provide information and content to vendors and service providers who support our business, such as by providing technical infrastructure services, analyzing how our Tests are used, providing customer service, facilitating payments or conducting surveys.

Researchers and academics.

We also provide information and content to research partners and academics to conduct research that advances scholarship and innovation that support our business or mission, and enhances discovery and innovation on topics of general social welfare, technological advancement, public interest, health and well-being. We may also provide content that is available to the public in aggregated format for non-commercial use.

Law enforcement or legal requests.

We share information with law enforcement or in response to legal requests in the circumstances outlined below.

IV. How do the Meta Companies work together?

NPE may share infrastructure, systems and technology with other Meta Companies to provide an innovative, relevant, consistent and safe experience. We also process information about you across the Meta Companies for these purposes, as permitted by applicable law and in accordance with their terms and policies. We also work to understand how people use and interact with Tests, such as understanding the number of unique users on different Tests.

V. What is our legal basis for processing data?

We collect, use and share the data that we have in the ways described above:
  • as necessary to fulfill our Meta Terms of Service and Supplemental NPE Terms;
  • consistent with your consent, which you may revoke at any time via the Test in which you provided the consent;
  • as necessary to comply with our legal obligations;
  • to protect your vital interests, or those of others;
  • as necessary in the public interest; and
  • as necessary for our (or others') legitimate interests, including our interests in providing an innovative, personalized, safe, and profitable service to our users and partners, unless those interests are overridden by your interests or fundamental rights and freedoms that require protection of personal data.
Learn more about these legal bases and how they relate to the ways in which we process data.

VI. How can you exercise your rights provided under the GDPR?

Under the General Data Protection Regulation, you have the right to access, rectify, port and erase your data. You also have the right to object to and restrict certain processing of your data. This includes:
  • the right to object to our processing of your data for direct marketing, which you can exercise by using the "unsubscribe" link in such marketing communications; and
  • the right to object to our processing of your data where we are performing a task in the public interest or pursuing our legitimate interests or those of a third party. You can exercise this right via the NPE Supplemental Terms.

VII. Data retention, account deactivation and deletion

We store data until it is no longer necessary to provide our Tests, or until your account is deleted - whichever comes first. This is a case-by-case determination that depends on things like the nature of the data, why it is collected and processed, and relevant legal or operational retention needs.
When you delete your account, we delete or de-identify your information, which may vary by the Test, and you won't be able to recover that information later. Information that others have shared about you, if applicable, isn't part of your account and won't be deleted. To delete your account at any time, please use the relevant tool in the app or service, or request it online.

VIII. How do we respond to legal requests or prevent harm?

We access, preserve and share your information with regulators, law enforcement or others:
  • In response to a legal request, if we have a good-faith belief that the law requires us to do so. We can also respond to legal requests when we have a good-faith belief that the response is required by law in that jurisdiction, affects users in that jurisdiction, and is consistent with internationally recognized standards.
  • When we have a good-faith belief it is necessary to: detect, prevent and address fraud, unauthorized use of the Tests, violations of our terms or policies, or other harmful or illegal activity; to protect ourselves (including our rights, property or Tests), you or others, including as part of investigations or regulatory inquiries; or to prevent death or imminent bodily harm. For example, if relevant, we provide information to and receive information from third-party partners about the reliability of your account to prevent fraud, abuse and other harmful activity on and off our Tests.
Information we receive about you can be accessed and preserved for an extended period when it is the subject of a legal request or obligation, governmental investigation, or investigations of possible violations of our terms or policies, or otherwise to prevent harm. We also retain information from accounts disabled for terms violations for at least a year to prevent repeat abuse or other term violations.

X. How do we operate and transfer data as part of our global services?

We share information globally, both internally within the Meta Companies and externally with our partners and with those you connect and share with around the world in accordance with this policy. Information controlled by Meta Platforms Ireland will be transferred or transmitted to, or stored and processed in, the United States or other countries outside of where you live for the purposes as described in this policy. These data transfers are necessary to provide the services set forth in the Meta Terms and Supplemental NPE Terms and to globally operate and provide our Tests to you. We ensure appropriate safeguards are in place when your data is transferred. We also rely on appropriate mechanisms for international data transfers in jurisdictions that require us to do so. For example, we utilize standard contractual clauses approved by the European Commission and rely on the European Commission's adequacy decisions about certain countries, as applicable, for data transfers from the EEA to the United States and other countries.

XI. How will we notify you of changes to this policy?

We'll notify you before we make changes to this policy and give you the opportunity to review the revised policy before you choose to continue using our Tests.

XI. Contacting us

If you have questions about this policy, you can contact us as described below.
The data controller responsible for your information is Meta Platforms Ireland, which you can contact online, or by mail at:

Meta Platforms Ireland Ltd.
4 Grand Canal Square
Grand Canal Harbour
Dublin 2 Ireland

Contact the Data Protection Officer for Meta Platforms Ireland Ltd.

You also have the right to lodge a complaint with Meta Platforms Ireland Limited's lead supervisory authority, the Irish Data Protection Commissioner, or your local supervisory authority.

Date of Last Revision: January 27, 2022