Facebook’s privacy settings are confusing. Anyone who takes the time to go looking for the app’s controls is treated to more than 30 pages of settings, with nested menus, unclear descriptions, and cascading lists of confusing toggles. Many of the most important privacy controls aren’t even on the page labeled “Privacy Checkup.”

But there’s good news, too. Some of these settings are powerful, if you know where to find them.

It would take hours to pour through every single setting and understand exactly what they actually do. Trust us—we’ve done it. But the tips below will lead you to the most useful Facebook privacy settings, and explain their limitations. We even have a few outside tools to further limit the way the company tracks you.

‘Clear’ the Data Facebook Collects by Tracking You Around the Web

Meta doesn’t just collect data about you on its own products: Facebook, Instagram, and WhatsApp. The platform harvests information about users from millions of other apps, websites, and services, which send Meta reams of data to help the company target you with ads. It can even collect details about what you do in the real world, away from your phone and laptop.

Some of this data is visible through the Activity Off Meta Technologies menu. It’s worth looking at just to see the sheer scale of Meta’s surveillance empire. You’ll find a Clear History button, which, despite the name, doesn’t actually delete anything. It “disconnects” the data from your account, preventing the company from using it for targeted ads. Meta keeps a copy, though, and will continue to use it for analytics reports provided to other websites and advertising clients.

Companies will keep on sending fresh data, even after you hit Clear History. But you can use a different setting called Manage Future Activity to “clear” your history by default going forward.

There’s just one big caveat. Turning off Future Activity disables the Facebook Login tool that lets you sign in to other services with your Facebook credentials. As an alternative, you can disable Future Off-Meta Activity for specific apps and sites where you don’t need Facebook Login.

On the Facebook app: Tap the Menu button in the bottom right > Settings & privacy > Settings. At the top, tap Accounts Center > Your Information and Permissions > Your Activity Off Meta Technologies.

From there, you can tap Clear Previous Activity. To prevent the data from being used for targeted ads going forward, tap Manage Future Activity > Disconnect Future Activity.

Keep Your Location Data Private

Facebook is constantly collecting data about your location when you use the mobile app. That information is used for targeted ads and a host of other purposes. Meta uses information such as your network connection to approximate your location, but the most accurate source of location data comes from your device’s GPS, which, fortunately, you can control. That won’t stop Meta from accessing your whereabouts entirely, but the data will be far less precise.

On an iPhone: Open the phone’s Settings > Privacy & Security > Location Services > Facebook. Then click either “While Using the App” or “Never.”

On an Android phone: Open the phone’s Settings > Location > App Permissions > Facebook > Allow Only While Using the App or Deny. (These instructions can vary depending on your phone. Location settings may be under a Permissions menu on older devices. If you’re not on a recent version of Android, you may not have the Only While Using the App Feature, either. In that case, there’s a Background location setting in the Facebook app that provides the same effect.)

Keep Your Data Private and Secure

Use Consumer Reports’ Permission Slip and Security Planner to limit data collection and stay safer online.

Limit Data Collection by Facebook’s Partners

The Facebook Login feature is an easy way to sign in to other websites and apps, but Meta gets to collect more of your data in exchange. It can also give the companies that provide those outside services ongoing access to details about your Facebook account.

Disabling Facebook Login on services you don’t need will solve that problem. Facebook will notify the app so that it has an opportunity to give you another way to log in. (You can disable that with a checkbox when you remove the app, if you prefer.)

On the Facebook app: Tap the Menu button in the bottom right > Settings & privacy > Settings > Under Your Activity, tap Apps and Websites > Login > Click on the box next to the app’s name > Remove.

Guard Your Account From Hackers

You’ve heard this one before: Creating a strong password isn’t enough. If you want to stay safe, you need to use two-factor authentication (2FA), also known as multifactor authentication.

With 2FA the company can send you a verification code—via text or app—to confirm your identity when you log in from an unverified location, device, or browser. That makes it much harder for someone to breach your account with a stolen password.

You don’t have to give Facebook your phone number to use 2FA, either. (The company admitted several years ago that it had been using phone numbers to collect 2FA for advertising purposes; the Federal Trade Commission ordered the company to stop the practice.) A dedicated app such as Google Authenticator or Duo Mobile can be a more private and secure solution.

On the Facebook app: Tap the Menu button in the bottom right > Settings & Privacy > Settings > Accounts Center > Password and Security > Two-factor Authentication > Follow the steps.

Make Your Profile Harder to Find

Facebook’s default settings let your profile show up on Google Search, but you can change your settings to be more discreet. While you’re at it, set limits on who can send you friend requests.

In the Facebook app: Tap the Menu button in the bottom right > Settings & Privacy > Settings > Under Audience and Visibility, tap How People Find and Contact You > Do You Want Search Engines Outside of Facebook to Link to Your Profile? > Toggle off.

Limit Who Sees Your Photos and Posts

Criminals comb through Facebook and other social media apps for personal details to use in identity-theft scams. If you leave your info open to the public, anyone can discover your birth date, mother’s maiden name, and passion for poodles.

When you make a new post, Facebook gives you the option to keep the news among your friends. You can even exclude certain pals—like your boss or a nosy neighbor. But the easiest solution is changing the default audience so that your future posts are automatically private. You can retroactively limit the audience for all your old posts, too. Start with the defaults, then find the second menu to fine-tune your preferences. 

On the Facebook app: Tap the Menu button in the bottom right > Settings & Privacy > Default Audience Settings > Select “Friends.”

Here you’ll find a wide variety of settings. You can hide the details on your profile, limit who can see your old posts, and even decide whether other people can tell when you’re online. These settings are particularly worth your time, so spend 30 seconds looking at each one.

Take Some Control Over Targeted Ads

There isn’t much you can do to keep your information away from Meta’s marketing services. But you can take some control over the kinds of ads you see.

On the Ad Preferences page, you’ll find six individual categories of settings. That sounds like a lot, but you can go through each in less than a minute. For example, you can limit whether or not Meta repurposes the data it collects from other companies for its own ads. You can decide whether you want Meta to target ads based on the job title or relationship status listed on your profile. You can even decide whether you want Meta to show ads that tell other people whether you’ve liked something on Instagram or Facebook.

The company will warn you that you’re going to see “less relevant” ads if you choose to protect your privacy. We think you’ll be fine. 

In the Facebook app: Tap the Menu button in the bottom right > Settings & Privacy > At the top, tap Accounts Center > Ad Preferences > Tap the Manage Info tab > Go through each setting and choose the most private option. 

Avoid Ads on Sensitive Subjects

You can’t turn off Facebook ads, but you can try to avoid ads on specific subjects or brands, such as alcohol, gambling, parenting, pets, politics, and weight loss. However, the company doesn’t guarantee you’ll never see ads on a topic, even if you use the settings below.

On the Facebook app: Tap the Menu button in the bottom right > Settings & Privacy > At the top, tap Accounts Center > Ad preferences > Customize Ads tab > scroll down to Ad Topics. Facebook will list some topics it has already associated with you, and you can tap the search bar to see some recommended selections or find the topic you want to avoid. Tap on the topic, and select “See less.”

Stop Meta From Following You on Other Websites

As we discussed above, Meta’s data collection doesn’t stop when you leave the platform. If you’ve ever gone to a website that uses Facebook services—Like and Share buttons, Facebook Login, or the company’s invisible analytics tools—you’ve provided info on the stories you’ve read, the videos you’ve watched, and the products you’ve looked at.

“If those buttons are on the page, regardless of whether you touch them, Facebook is collecting data,” says Casey Oppenheim, a co-founder of the digital security firm Disconnect.

Millions of websites also use Meta’s hidden tracking “pixels” that give you no visual clue you’re being monitored. There’s no foolproof way to stop that surveillance—and no way at all through Facebook’s settings. You can, however, install an ad blocking extension such as Disconnect, uBlock Origin, or Privacy Badger on your browser to disrupt Facebook’s efforts to track you online.

The Mozilla Foundation, the nonprofit organization behind the Firefox browser, has designed an ad blocker specifically for this task. It’s called Facebook Container, and it uses a unique browser tab to wall off the social media platform from the rest of your online activity. It takes only a few clicks to install the Facebook Container extension for Firefox.

Decide Who Can Message You

When someone you aren’t friends with tries to contact you, their messages generally get sent to a “message requests” folder. You won’t get a notification about these messages, and Facebook lets you read them without telling the other person you’ve taken a look. That gives you a little preview before you decide to open up a dialogue.

However, you can decide not to receive these messages at all. Or you can go in the other direction with some kinds of connections and have messages open up straight to a regular chat. Facebook allows for some fine-tuning. You can make specific choices for different categories of people, such as friends of friends.

On the Facebook app: Tap the Menu button in the bottom right > Settings & Privacy > Settings > Under Audience and Visibility, tap How People Find and Contact You > Scroll down to Message Requests and tap the various options to choose how you want to be contacted.

Clean Up Your Friends List

The people on your friends list can jeopardize your privacy, sometimes without even knowing it. They could tag you with inappropriate content, for example, or fall for scams that permit accounts to be hacked.

That’s why it’s best not to maintain Facebook “friendships” with people you don’t really know (e.g., your best friend’s sister’s yoga instructor). But Facebook doesn’t make it easy to delete large groups of friends. You have to go to your Facebook profile, select people to dismiss one at a time, call up a drop-down menu, and choose “Unfriend.”

To make the process a little easier, consider using the “birthday method.” When you log in to Facebook, check the birthday notifications the app has sent you, and for each one decide whether to send out well wishes or to quietly unfriend people you’re willing to part with. This can gradually help you make your account more secure.