It will be news to no-one that Facebook has a poor reputation when it comes to protecting your data. 

Most notably, the Cambridge Analytica data misuse scandal saw a whistleblower reveal that the personal data belonging to millions of Facebook users was collected without their consent by a British consultancy firm for targeting voters. Since then, the personal information of more than 533 million accounts was found posted on a dark web forum and Facebook was forced to admit that it stored “hundreds of millions” of account passwords in plaintext for years, plus several leaks of scraped user data.

These scandals have led to the #DeleteFacebook movement, which has seen some of Facebook’s most vocal critics mobilized against privacy invasion, including WhatsApp founder Brian Acton, who sold the messaging app to Facebook for $19 billion in 2014. But for so many deleting Facebook just isn’t that easy. Some have to use Facebook as part of their daily 9-to-5 grind, and some are obliged to stay to keep touch with family members who have yet to discover end-to-end encrypted messaging apps.

Thankfully, there are ways to reclaim your data from Facebook’s many privacy downfalls.

How to delete your personal information

Even if you seldom post on Facebook, you may be surprised by how much personal information you’ve shared over the years, from places you’ve lived and visited to your phone number, date of birth, and more. Facebook’s privacy settings have changed so much over the years, it’s hard to keep track of who can see what of your profile.

The first step you should take to preserve your privacy is to find and delete the information that you don’t want Facebook or other people to know using Facebook’s privacy settings.

Tap on your Facebook profile picture then About, where you’ll be presented with a number of categories, such as Work and Education and Places You’ve Lived. Hover over each entry you don’t want Facebook to retain and hit Options or Edit to delete the information — or most of it, at least. There are a few entries, like Birth Date and Gender that can be changed but not removed for good.

Control who sees your posts with Facebook privacy settings

If you use Facebook begrudgingly, you’re already likely far removed from the oversharing camp. But if you’ve had an account for a while, there’s likely a lot more information – from embarrassing photos to pages you’ve liked — that you could be potentially exposing to strangers.

Thankfully, you can control who sees your posts and personal information with Facebook privacy settings. Head to Facebook’s Privacy section in Settings, and in the You’re Activity section look for Who can see your future posts? From here, you can choose who sees your posts: the public, just your Facebook friends, certain Facebook friends, or just you. 

You can also review each of the posts and items you’ve been tagged in and choose whether to hide them and limit past posts so that they can only be seen by friends.

Revoke third-party access to your Facebook data

As demonstrated by the Cambridge Analytics scandal, your Facebook data can easily end up in the hands of third-party developers. That’s particularly true if you use Facebook to log in to other sites or mobile apps, as those sites get access to data from your Facebook account, including your photo, name, and other information.

To stop these third parties from accessing your data, head to Settings then Apps and websites, and you’ll see all of the apps and websites that are connected to your Facebook account. Put a check in the box next to any website or app you want to disassociate from Facebook, and then click Remove.

You can also choose what information is shared with advertisers. Head to Settings then Ad preferences, and you can choose which information they can access, such as relationship status, employer, and job title. 

Switch on 2FA

It might sound simple, but one of the easiest things you can do to secure your Facebook account is to enable two-factor authentication (2FA), which means that in addition to a password being required to log in from a new device, a six-digit security code is also needed. While by no means perfect, this added layer of protection will make it significant more difficult for hackers to access your profile.

Delete your account

Ultimately, Facebook’s business model is all about sharing users’ personal information, so if you’re really concerned about where your data is going, downloading your data and deleting your account is the final resort — even if it means you lose all contact with your family. 

That doesn’t mean that all of your data is gone for good. Any information your friends have posted about you will remain on the social network, and if you’ve shared any information with third-party apps or advertisers, they’ll keep it even when your account is gone. Worse still, even if you’re not a Facebook user, the social network can still track you across the internet on any site that has Facebook “Like” buttons. That’s where privacy-preserving encrypted messaging apps and anti-tracking browser tools can help you block hidden website trackers.