How is customer data processed by Google and Facebook?
Regarding the processing of customer file data by Facebook:
Facebook indicates in this documentation that:
"Hashing is a type of cryptographic security method which turns the information in your customer list into randomized code. The process cannot be reversed.
When you upload your customer list in Ads Manager to create a Custom Audience, the information in your list is hashed before it’s sent to Facebook. Facebook uses this hashed information and compares it to our own hashed information. Then, we help build your audience by finding the Facebook profiles that match and create a Custom Audience for you from those matches.
After your Custom Audience is created, the matched and unmatched hashed information is deleted."
Regarding the processing of customer file data by Google:
Google indicates in this documentation :
"The customer data files you upload will only be used to match your customers to Google accounts and to ensure your Google Ads Customer Match campaigns comply with our policies.
Google’s system transforms the contact information we have for Google accounts, like email addresses and phone numbers, into hashed codes using the secure hashing algorithm SHA256, a one-way hashing mechanism that is not unencrypted by Google.
We won’t retain your data files for any longer than necessary to create your Customer Match audiences and ensure compliance with our policies. Once those processes are complete, we'll promptly delete the data files you uploaded via the Google Ads interface or the API."