Important: If you are using our Custom Facebook Feed plugin on your website then please refer to our GDPR disclosure for full details regarding compliance and how data is transferred and stored.
GDPR Setting
As of version 2.18 of the free version and 3.17 of the Pro version, there is a setting to enable special GDPR related features in feeds. By default this setting is set to “Automatic.” If one of the following plugins is detected, the plugin will load a GDPR compliant version of the feed until consent is given:
- Cookie Notice by dFactory
- GDPR Cookie Consent by WebToffee
- Cookiebot by Cybot A/S
- Complianz by Really Simple Plugins
- Borlabs Cookie by Borlabs
For other GDPR plugins that are not listed here, if they have a setting to run custom JavaScript code once the cookie notice has been accepted, see this guide for setting up a GDPR integration.
Before the visitor gives consent, the GDPR compliant version of the feed has the following differences:
- Only local images (not from Facebook’s CDN) will be displayed in the feed.
- Placeholder blank images will be displayed until images are available.
- To view videos, visitors will click a link to view the video on Facebook.
- Visual header is disabled.
- The “Load More” button will be disabled.
- For album feeds, Only the album cover image is available in the lightbox.
- The maximum image resolution will be 700 pixels wide in the lightbox. If your images are smaller, reset the resized images using the button on the plugin “Misc” tab on the “Customize” settings page.
If this setting is enabled, and your web server is not configured to allow the setting to work as expected, then you may see the following errors that need to be addressed:
- Images cannot be resized and stored locally.
- Please see this FAQ for more information.
- Image uploads folder was not created.
- Your server must be configured to allow directories in the uploads folder to be created. Please contact your host to ask them to allow this.
- Custom database tables were not created.
- Your MySQL user must have “create” capabilities. Please contact your host for help with this.
Older Versions of the Plugin (before Pro v3.17 and Free v2.18)
In the latest version of the plugin, no third-party requests are made so long as the GDPR setting in the plugin is enabled. In older versions of the plugin there are some things you can change to make the plugin more GDPR compliant:
Facebook “Like Box” widget
The only part of our Facebook plugin which transfers personal data is the official Facebook “Like Box” widget that we include at the bottom of the by default. If you wish to continue using this widget then we have a text snippet you can include in your website’s privacy notice here.
If you’d prefer, you can disable the Like Box widget by using the following setting: WordPress Dashboard > Facebook Feed > Customize > General > Like Box / Page Plugin > Show the Like Box
In the Standalone version you can use the following setting: 'exclude' => 'likebox',
Icon Font
By default, the icon font used in the plugin is loaded from a CDN (MaxCDN), which is an external service which hosts common resources in order to improve performance. This request makes the user’s IP address visible to the third-party, MaxCDN, who may use that data in accordance with their privacy policy. If you wish to continue loading the font file from the CDN then we have a text snippet you can include in your website’s privacy notice here. If you’d prefer to load a local version of the font file instead then you can do so by using the following setting: WordPress Dashboard > Facebook Feed > Customize > Misc > Misc Settings > Icon font source > Local copy
