Meta Business Help Centre

Troubleshoot Meta Business Tools prohibited information notifications

You may receive notifications, for example, via email, in the Diagnostic tab in Meta Events Manager, or in Meta Ads Manager, saying that potentially prohibited data was removed from the data you're sharing. Sharing prohibited information about people – information defined as sensitive under applicable laws, regulations or industry guidelines, or otherwise not allowed under our terms and policies – is a violation of the Meta Business Tools Terms and may result in actions including, but not limited to, data restrictions and suspension of your account. Learn more about prohibited information.

If you receive a notification from Meta to say that potentially prohibited data was removed from the data you're sharing, you should follow the instructions below and immediately take steps to fix any issues with the information you're sending.

  1. Detailed information about what has been removed from the data you're sharing can be found in the Diagnostics tab in Events Manager (actual data that has been detected and removed is not displayed). Review the diagnostic information to determine which parameters, from which pages, had information removed. Learn more in the How to check if prohibited data is being sent with your events section below.
  2. Review your Meta Business Tool integration to determine whether you are sharing prohibited information from anywhere in your website or app, including in URL strings from pages on which you use a Meta Business Tool, parameter names and values you're sending, and the names that you've chosen for custom events, custom conversions and custom audiences.
  3. Take all necessary actions to update your integration to ensure that you will not send Meta prohibited data in the future. You must not attempt to send data that has previously been detected and removed.
  4. Refer to Meta's developer documentation or contact your support partner at Meta for questions. For assistance in developing a data sharing compliance plan, please work with your own legal counsel.

While Meta's systems are designed to filter out potentially prohibited information that they're able to detect, you are ultimately responsible for the data that you share with Meta. You are in the best position to ensure that your integration does not send sensitive or prohibited information to Meta. Meta's systems are not a substitute for your own compliance mechanisms.

How to check if prohibited data is being sent with your events

To check if prohibited data is being sent with your events, you can review pages, parameters and URLs that were recently received. Learn how to view pages, parameters and URLs in Meta Events Manager.

When you check if prohibited data is being sent with your events, consider the following:

Pages and parameters

Check the specific pages where you have placed your Meta pixel code and assess whether those pages, including the URL, contain information that may be considered prohibited data or if you don't want to continue to use the pixel on those pages.

You can use the pixel on specific pages of your website that are relevant to your advertising and remove it from the specific pages where you don't want to continue using the pixel. For example, you shouldn't send information about people from web pages where visitors may log in and provide potentially sensitive information, such as patient data portals or web applications for financial account management or tax preparation (these examples are non-exhaustive).

Analyse data fields, such as forms, on your web pages and the data that you send with events, such as product IDs, content names, custom properties, URL query parameters and urchin tracking module (UTM) parameters to ensure that these fields and parameters do not contain prohibited information. For example, UTM parameters in a URL string may contain prohibited data from the landing pages viewed.

Hashing customer information parameters

You can use the Meta Business Tools to send Meta customer information parameters with your events. Some customer information parameters must be hashed prior to transmission to Meta, as required by the Meta Business Tools Terms and set forth in Meta's developer documentation. Meta requires the hash method to be SHA-256, an industry standard cryptographic secure hash algorithm.

Customer information parameters must be hashed if required and sent using the designated parameter names. Failure to do so is both a violation of our terms and useless to your advertising performance.

Custom names

Some advertising features allow you to choose custom names, such as custom events, custom conversions and custom audiences. When you use these advertising features, make sure that you're not sharing prohibited data with Meta.

For example, your custom conversion or custom audience must not reflect or imply any prohibited information about people, including in the name that you choose and the criteria that you establish. Prohibited information includes health-related data such as diseases, medical conditions, medications or medical treatments, or financial data such as insurance, tax, income or filing status. Learn more about prohibited information.

  • To review custom events, you can go to Events Manager, click the Data sources tab, select the name and ID of the data that you want to review, scroll down to the events table and then select the event that you want to review.
  • To review custom conversions, you can go to Events Manager, click the Custom conversions tab, and then select the custom conversion that you want to review.
  • To review custom audiences, you can go to Ads Manager, select the ad account that you want to review and then select Audiences in the left-hand menu.

Learn more

PermalinkShare
Was this information helpful?

EVENTS |

META BUSINESS TOOLS DATA

Back to Home