we are considering using adbridge to create custom audiences in facebook.
It seems that there are 2 ways to create those.
Importing a custom list
1. Facebook hashes the data our users have provided us. You begin uploading your customer list and it's hashed locally in your browser before it's uploaded to Facebook.
2. After your hashed data is uploaded to Facebook, we match it against ours.
3. The matches are added to a Custom Audience for you.
4. The matched and unmatched hashes are deleted.
Send data directly to Facebook with Marketo AdBridge
This seems to be a direct connection between Marketo & Facebook.
What I could not find out from the help documents is if the customer data is hashed in this process like it is for the custom list import.
This information is important for countries with strict data privacy and consent rules.
Would be awesome if someone could explain in more detail the process on how data flows into Facebook via AdBridge.
When you use AdBridge to send data to Facebook, you agree to Facebook's Custom Audience Terms, which do imply ("You represent and warrant that you (or your data provider) have provided appropriate notice to and secured any necessary consent from the data subjects whose data will be hashed to create the Hashed Data") that the data is being hashed. Given that Facebook's developer documentation requires anything (other than user uploaded data) to be SHA256 ha... ("You must hash your data as SHA256; we don't support other hashing mechanisms. This is required for all data except External Identifiers."), this indicates the hashing is being done on Marketo's side prior to getting pushed to Facebook.
Again, Facebook's own Custom Audience Terms indicate they're aware and comply with EU and other such laws (and given that Facebook is Facebook, it'd be pretty surprising if they weren't!).
Someone may have more insight into how the hashing occurs, but it looks like you're pretty safe in using AdBridge.