In short, YES you do. There are both legal and third-party requirements to be met here.
You can find out how to determine your law of reference here.
As well as:
- Don’t knowingly share information with us that you have collected from children under the age of 13.
As mentioned in the quote above, if your app is directed towards children based in the US, you’ll be required to comply with the U.S. Children’s Online Privacy Protection Act which introduces more stringent rules for your apps when you target children under the age of 13. Similarly, if you fall under the scope of the GDPR, you’ll need to comply with the GDPR’s guidelines for processing the data of minors.
Facebook also further states via their GDPR developer FAQ (emphasis ours).
Facebook is the data processor of data that developers pass to Facebook for analytics and measurement purposes. Facebook’s Platform Policy and Business Tool Terms require developers to notify individuals when they are using Facebook technology (including pixels, SDKs, and APIs) that enables Facebook to collect and process data about them and obtain users’ prior informed consent for their use of such tools. Developers must also comply with all applicable laws and regulations in the jurisdictions where they operate, including laws and regulations governing notice to individuals whose personal information is being used or disclosed. The developer is the data controller of all data they send to Facebook for measurement and analytics purposes and they are responsible for establishing a legal basis for the use of such data.
From the above quote, Facebook makes it explicitly clear that as the data controller, you (the developer) bear all responsibility for complying with applicable law, including obtaining the prior informed consent of users and having a legal basis for processing user data.
Regarding legal bases, even if you have determined, with the help of a lawyer, that a legal basis outside of consent such as “legitimate interest” applies to your situation, processing user data via cookies (e.g those used in FB analytics) still fall under the ePrivacy Directive and therefore the consent requirement will most-likely still apply.
Meeting your requirements here is actually quite straightforward:
All our policies are created by lawyers, monitored by our lawyers and hosted on our servers to ensure that they are always up-to-date with the latest legal changes and third-party requirements.
The generation process is easy and intuitive:
Our Cookie Solution makes this task simple. Just click to activate, then integrate the script into your app (or website).