Workplace gives people tools to make them more effective and connected at work. By accessing the Workplace API, you agree to the below policies:
  1. Accessing, Processing, Storing, and Securing Workplace Customer Data
    1. Don’t use any alternative means or technology to access Workplace (or related data or content) other than the Workplace APIs or as expressly authorized by Facebook in writing.
    2. Unless expressly permitted by Facebook and the Customer, you can use data you obtain from a Customer only to provide the specific services requested by that Customer.
    3. Don't use email, phone numbers, or any other contact information obtained from Workplace APIs for communication on another channel (ex: mailing lists).
    4. Sharing Customer Data. Unless expressly authorized by the Customer, you will not share data obtained through the Workplace API in any manner which is inconsistent with the restrictions imposed by the Customer's privacy settings. Non-limiting examples of this are provided below:
      1. Don't transfer any data, including app secrets and access tokens, you obtain through the Workplace API, either in aggregated or individualized form, to any third party (ex: ad provider, ad network, data broker, or another developer).
      2. Don't make content visible to anyone other than the people who would be able to see that content within the Workplace interface (ex: the members of a group, recipients of a message, or the system administrator).
      3. Don't create cross-Customer benchmarks or comparisons.
    5. Securing Customer Data. You must implement reasonable and appropriate technical and organizational security measures in accordance with the best industry practices to ensure the protection of Customer data and any API access tokens you obtain against loss, misuse and unauthorized access, disclosure, alteration, and/or destruction.
    6. If you cache data you receive from a Customer, use it to improve that Customer's user experience and keep it up to date.
    7. Don't proxy, request or collect Workplace usernames or passwords.
    8. Don't sell, license, or purchase any data obtained from us or our services.
    9. If you are acquired by or merge with a third party, you must ensure they agree to comply with these policies.
  2. Data Separation and Aggregation
    1. Don't make data obtained from one Workplace Customer available to another Workplace Customer.
    2. You must not aggregate data from multiple Workplace Customers together (ex: to create cross-Customer benchmarks or comparisons).
  3. Termination of Service by You, Us, or a Workplace Customer
    1. If you decide to no longer offer your Developer Services to Workplace Customers, you must immediately delete any access tokens you have obtained, and delete any Customer Data you obtained through the Workplace API within 30 days.
    2. If a Workplace Customer disables your App or revokes your access tokens, you must delete any Customer Data you obtained from the Workplace API within 30 days.
    3. If a Workplace Customer asks you to delete any data obtained via the Workplace API, you must do so within 30 days.
    4. If Facebook decides to terminate your App, you must remove any Customer Data you obtained via the Workplace API on behalf of any Workplace Customer within 30 days.
    5. You may retain data obtained from us if you are required to keep it by law, regulation, or a separate agreement with Facebook and your Customer.
    6. Obtain consent from people before you give us information that you independently collected from them.
    7. Provide meaningful customer support for your app, and make it easy for Customers to contact you.
    8. Upon our request, you must promptly provide us with a written confirmation that you have complied with your obligations to delete data under Section 3 of these policies.
  4. Distribution and Advertisements
    1. You may publicize your App and/or Developer Services and how it can benefit Workplace Customers.
    2. Don’t create a directory or aggregation of Apps or Developer Services that integrate with Workplace other than of your own Apps or Developer Services.
    3. You may place advertisements on, in or around your own App user interface, but:
      1. Don't include advertising in any of the ways in which your App or Developer Services appears within the Workplace website or applications (ex: app icons, app screenshots, link attachments or URLs).
      2. Don't include any data you obtained via the Workplace API in advertisements.
      3. Don't use any data you obtained via the Workplace API (aggregated or otherwise) to target advertisements.
  5. Build a Quality Product
    1. Build an app that is stable and easily navigable.
    2. Follow any instructions we include in our technical documentation.
    3. Request only the permissions necessary to improve your Customer's Workplace experience.
    4. Don’t provide or promote content that infringes upon the rights of any third party.
    5. Don't include another brand's name in the title of your integration unless your integration serves as a connector to that brand.
    6. Use message templates and quick replies in chat wherever possible (i.e., don't ask the user for structured text inputs unless necessary).
    7. Ensure a quality experience if your integration fails (ex: if a user enters the wrong text input, acknowledge this and enable the user to try again).
    8. Ensure your integration acknowledges through a comment reply when an action is performed successfully.
    9. Ensure your integration has a clear and helpful response to a “Help” message or command.
    10. Integrations that enable people to create a new entry in another app must link to the new entry after it is created.
  6. Give Customers Control
    1. Obtain consent from people before publishing content on their behalf.
    2. Don't build content creation flows (ex: comments or posts) using impersonate tokens.
    3. Don't message or tag the Customer's users (ex: to let each user know the integration is now available), except you may offer this feature for admins of your integration.
    4. Don't modify content on behalf of people without their consent.
  7. Policy Updates and Other Notes
    1. Updates to the Policies. We may change these terms at any time without prior notice. Please check them regularly. Your continued use of or access to Workplace's Platform and/or APIs constitutes acceptance of those changes.
    2. We don't guarantee that Workplace Platform will always be free.
    3. We can analyze your app, website, content, and data for any purpose, including commercial.
    4. We can create apps or products that offer features and services similar to your app.
    5. Don't sell, transfer or sublicense our code, APIs, or tools to anyone.
    6. Don’t publicly disseminate performance information or analysis (including uptime, response time and/or benchmarks) relating to the Workplace APIs or Workplace.
    7. Respect the way that Workplace looks and functions. Don't offer experiences that change it.
    8. Respect the limits we've placed on Workplace functionality.
    9. Don't build an app whose primary purpose is to direct people off Workplace.
    10. If you want to use our logos or brand, follow the guidelines in the Facebook Brand Resource and Permissions Center.
    11. Be honest about your relationship with Facebook when talking to the press or users. Get approval from us before issuing any formal press release or blog post mentioning Workplace or Facebook. We can issue a press release describing our relationship with you.
    12. Comply with all applicable laws and regulations.
    13. We may share your content information with people who want to contact you.
    14. We may use your name, logos, content, and information, including screenshots and video captures of your app, to demonstrate or feature your use of Workplace, worldwide and royalty-free.
    15. We and our Workplace Customers have the right to request, and if so you will provide sufficient information (ex: security documentation) to help ensure that you are adhering to these policies.
    16. We may remove your app if we conclude that it violates our terms or policies or is negatively impacting the Workplace Platform. We may or may not notify you in advance.
    17. We communicate with developers through Developer Alerts and email from the fb.com or facebookmail.com domain. Ensure that the email address associated with your Facebook account and the email address registered to the app are current and that you don’t filter out these messages.
  8. Definitions
    1. “Customer” means a bona fide Workplace customer.
    2. “Customer Data” means any data, content or information in a Customer’s Workplace account that Developer accesses or retrieves using the Workplace APIs.
    3. “App”means any technical integration we have assigned an app identification number.
    4. “Developer Services” means services offered through the App(s) by Developer to a Customer that has requested and approved such services.
    5. “Workplace API(s)”means the Workplace API(s) specified by Facebook, as may be modified by Facebook from time to time. Except where otherwise noted, references to Workplace APIs include the API Documentation, any API access keys or related Workplace platform elements made available by Facebook.
    6. “Workplace” means the Workplace service generally made available by Facebook, including any related Facebook websites, apps, online services, tools, as may be modified by Facebook from time to time.