It seems Facebook recently modified their App policy. So starting from now, to make your App go Live, it is indeed required to enter either a “Data Deletion Callback URL” or a “Data Deletion Instructions URL”.
What you need to know is that, Nextend Social Login registers the WordPress accounts according to the details which are coming from the provider. So if a user would request deleting his/her Facebook details, that means the WordPress account deletion as well.
By deleting the WordPress account, all the details we stored from Facebook will be deleted.
So basically you need to handle this case the same way, as you would handle a normal account deletion requests.
To comply with GDRP ( GDPR – Art. 17 – Right to erasure ), in your Privacy Policy you should already have a section informing users the way they can delete their accounts ( e.g.: by sending a deleting request email to your email address where you handle these requests).
So in your Facebook App > User Data Deletion you need to choose the “Data Deletion Instructions URL” option, and you need to enter the URL of your Privacy Policy, maybe with an anchor pointing to the corresponding section. And that will be fine.
Note: Currently this step is missing from our Facebook – Getting Started page as these changes were only added recently, but I will update it, so in the next release users will also be informed about this.
Thanks for informing us!
Best regards,
Laszlo.