Mastodon vs Facebook

Followers-only and direct posts may be stored on other servers, and the policy warns that server operators or recipients may view, screenshot, copy, or resh​are them. In practice, these messages are not treated as truly private.

The service records your login IP address and says the latest IP address used may be stored for up to 12 months. That is a meaningful amount of identity-linked metadata retention.

The policy says Mastodon does not sell or trade your personal information. That reduces the risk of ad-tech style sharing or monetization of your data.

You can request and download an archive of your content, including posts, media, and profile images. This makes it easier to back up your data or move on from the service.

The policy says you may irreversibly delete your account at any time. That gives users a clear exit path, though deletion is permanent.

Cookies are used to recognize your browser and associate it with your account, as well as save preferences. This is standard, but it does mean persistent browser tracking on the site.

Server logs containing IP addresses are retained, if kept at all, for no more than 90 days. That is a relatively limited retention period for operational logs.

Your information may be used for moderation, including checking for ban evasion by comparing IP addresses. This is a normal platform operation, but it means account and network activity are used for enforcement.

Meta collects information you provide, your activity, devices, contacts, and data from partners and third parties. In practice, this means Facebook can build a very detailed profile even from activity outside the app.

The policy says Meta receives information through cookies, pixels, and similar technologies from other websites and apps. This can connect your off-Facebook browsing and app activity back to your account or ad profile.

Some information is public by default, and public content can be viewed, reshared, downloaded, and even appear off Meta. Users should assume public posts may travel far beyond Facebook.

By posting content, you grant Meta a worldwide, sublicensable license to use, modify, distribute, and create derivatives. That gives Meta wide operational freedom to reuse what you upload while it remains on its systems.

Account or content deletion can take up to 90 days, plus another 90 days to remove copies from backups and disaster recovery systems. Some content can also be retained longer for legal, safety, or technical reasons.

Meta states it does not sell your personal data to advertisers and does not share directly identifying information without permission. That is better than a true data-selling model, though it still uses your data for ad targeting.

You can delete individual content, delete your account, and trash items begin a deletion process automatically after 30 days. The policy also says deleted items are removed from visibility while deletion is pending.

Facebook uses your personal data to show personalized ads and sponsored content, including across Meta products and sometimes off-platform. Even though Meta says it does not sell your personal data, your activity is still used for targeted advertising.

Meta can remove content, restrict features, suspend, disable, or delete accounts for serious or repeated violations, often in its discretion. Some review explanations may be withheld for safety, legal, or technical reasons.

Meta says you can download your information and, in some cases and subject to law, port it. This gives users at least some ability to take their data elsewhere.

For consumers, disputes are governed by the law of your country and may be brought in competent local courts. That is more user-friendly than forcing all users into a distant arbitration forum.

Meta says it will notify users at least 30 days before material Terms changes, unless the change is required by law. That gives users a chance to review updates before they take effect.