Last Edit/Review: December 4, 2024
Last Update: February 25, 2024
1. Frequently Asked Questions (FAQs)
These FAQs provide a handy entry point to our longer and more comprehensive Privacy Policy (below). They enhance rather than replace the important notices in this Privacy Policy, which governs our collection, use, storage, and sharing of the information that we collect or receive from you.
What’s new as of December 4, 2024?
On December 4, 2024, we updated our Developer Privacy Policy, removing references to Ziva, Reflect, and Furioos. We also made some formatting updates and made clarifications to data which may be collected .
The difference between an edit/review and an update is that "updates" involve material changes to our Policy whereas edits are not material or simply indicate a review has occurred. For example, we may make clarifying edits by giving additional examples. When we provide an update, you will receive a notice to accept and read the changes, which are summarized here.
2. Privacy Policy Overview
Unity Technologies and its subsidiaries and affiliates (collectively “Unity”) offer a variety of products, Services, and websites for Developers that will be referred to in this Policy as the “Service” or “Services.” The Services include those provided to Developers under the Unity Advertising Services Terms of Service and Create Terms of Service. The Policy refers to Unity as “we” or “us” and to the Developers as “you.” When we say “device,” we mean any device, including desktop, laptop, PC or Mac computers, smartphones, tablets, or any other device that is used to access or interact with the Service. When we say “Developer,” we mean a third party that develops and/or distributes a game or other app made with and/or using Unity Services. For clarity, Developer is inclusive of Users of our Art Tools. When we say “User” we mean a Developer, people browsing our websites, a customer, or a prospective customer. When we say “Personal Information” we mean information that identifies you as an individual or relates to an identifiable individual. Personal Information does not include aggregated, de-identified, and/ or anonymized information, i.e., when the information has been transformed so that it no longer relates back to a person’s identity.
It is important that you read this Privacy Policy together with any other privacy policy or fair processing notice we may provide on specific occasions when we are collecting or processing Personal Information, so that you are fully aware of how and why we are using your Personal Information. While this is our main Privacy Policy for Developers there may be supplemental privacy policies depending on the service being used. You can find a link to all privacy notices here. To learn about our practices for game player data, please see our Game Player and App User Privacy Policy.
This Privacy Policy governs our information practices for our Developer Services, which includes any websites, where a link to this Policy is provided. Developer Services means products and services intended for a party that develops and/or distributes a game or other app made with and/or using Unity Services. This Privacy Policy also applies to Personal Information we collect offline, such as when you call us or interact with Unity in person, such as at an industry event or at a place of business.
If you are a student using a Unity Educational Product (excluding the Student Plan), please see the Unity Educational Privacy Notice. For clarity, this main Privacy Policy does not apply to you unless you are on the Student Plan.
3. Information We Collect
We collect the following categories of Personal Information:
A. Personal Information we receive from you:
Name & Contact Details | Such as first and last name, title, prefix, email address, telephone number, postal/ billing address, date of birth, gender, country of residence. |
---|---|
Company Information | Such as company name, work address, job title |
Account Information | Such as password(s) you create to access the Service, username/ userID, profile photo (should you choose to use one), license information (such as entitlement information which indicates whether you have a valid license to use the software), organization information (information about the organization which your account may be assigned to), transaction information. |
Billing & Financial Information | Tax or government IDs, Credit card information, bank account information, transaction information. This may be provided by Users, e.g.., Developers to purchase a license to use the Services This may also be provided by other Users, e.g., Asset Store Publishers, Advertisers in the Ad Network, who may provide us with financial information so that we can pay them. |
Social Network Information | When you log into our Services with a social network account, you may have the option of sharing information, such as the username you use on that network and your friends list or other information that you or the third-party social network choose to share with Unity. By doing so, you understand that the use of shared information will be governed by the social media provider’s privacy policy and this Privacy Policy. When you otherwise share your social media account with Unity through any means for example, when you comment using your GitHub account. Similarly you may share your social media account in order to be considered for our Influencer Program or our Unity Affiliate Program. |
Information Uploaded Through Use of Services | In using the Services, a User may upload information such as images, files (such as a text file you wish to upload into a project) and projects (such as your game which you have built using the Unity Editor). |
Information Provided Through Use of Services | Users provide us with various information when they participate in community and forum pages such as message boards, chat, profile pages, blogs and other Services to which you can post information and content (including on our social media pages). Please note that any information you post or disclose through these Services will become public and may be available to other Users and the general public. In Services such as Unity Cloud Build, Unity Multiplayer, and Unity Analytics, Users may further provide game information and credentials, including source control information as well as codes and keys. |
Biometric Information | We may collect biometric information, including images, associated with our Users’ storage of data they collect from you using our tools. For more information on our collection of biometric information, please refer to the Biometric Information section below. |
Name & Contact Details | Such as first and last name, title, prefix, email address, telephone number, postal/ billing address, date of birth, gender, country of residence. |
---|---|
Company Information | |
Such as first and last name, title, prefix, email address, telephone number, postal/ billing address, date of birth, gender, country of residence. Such as company name, work address, job title |
Name & Contact Details | Such as first and last name, title, prefix, email address, telephone number, postal/ billing address, date of birth, gender, country of residence. |
---|---|
Account Information | |
Such as first and last name, title, prefix, email address, telephone number, postal/ billing address, date of birth, gender, country of residence. Such as password(s) you create to access the Service, username/ userID, profile photo (should you choose to use one), license information (such as entitlement information which indicates whether you have a valid license to use the software), organization information (information about the organization which your account may be assigned to), transaction information. |
Name & Contact Details | Such as first and last name, title, prefix, email address, telephone number, postal/ billing address, date of birth, gender, country of residence. |
---|---|
Billing & Financial Information | |
Such as first and last name, title, prefix, email address, telephone number, postal/ billing address, date of birth, gender, country of residence. Tax or government IDs, Credit card information, bank account information, transaction information. This may be provided by Users, e.g.., Developers to purchase a license to use the Services This may also be provided by other Users, e.g., Asset Store Publishers, Advertisers in the Ad Network, who may provide us with financial information so that we can pay them. |
Name & Contact Details | Such as first and last name, title, prefix, email address, telephone number, postal/ billing address, date of birth, gender, country of residence. |
---|---|
Social Network Information | |
Such as first and last name, title, prefix, email address, telephone number, postal/ billing address, date of birth, gender, country of residence. When you log into our Services with a social network account, you may have the option of sharing information, such as the username you use on that network and your friends list or other information that you or the third-party social network choose to share with Unity. By doing so, you understand that the use of shared information will be governed by the social media provider’s privacy policy and this Privacy Policy. When you otherwise share your social media account with Unity through any means for example, when you comment using your GitHub account. Similarly you may share your social media account in order to be considered for our Influencer Program or our Unity Affiliate Program. |
Name & Contact Details | Such as first and last name, title, prefix, email address, telephone number, postal/ billing address, date of birth, gender, country of residence. |
---|---|
Information Uploaded Through Use of Services | |
Such as first and last name, title, prefix, email address, telephone number, postal/ billing address, date of birth, gender, country of residence. In using the Services, a User may upload information such as images, files (such as a text file you wish to upload into a project) and projects (such as your game which you have built using the Unity Editor). |
Name & Contact Details | Such as first and last name, title, prefix, email address, telephone number, postal/ billing address, date of birth, gender, country of residence. |
---|---|
Information Provided Through Use of Services | |
Such as first and last name, title, prefix, email address, telephone number, postal/ billing address, date of birth, gender, country of residence. Users provide us with various information when they participate in community and forum pages such as message boards, chat, profile pages, blogs and other Services to which you can post information and content (including on our social media pages). Please note that any information you post or disclose through these Services will become public and may be available to other Users and the general public. In Services such as Unity Cloud Build, Unity Multiplayer, and Unity Analytics, Users may further provide game information and credentials, including source control information as well as codes and keys. |
Name & Contact Details | Such as first and last name, title, prefix, email address, telephone number, postal/ billing address, date of birth, gender, country of residence. |
---|---|
Biometric Information | |
Such as first and last name, title, prefix, email address, telephone number, postal/ billing address, date of birth, gender, country of residence. We may collect biometric information, including images, associated with our Users’ storage of data they collect from you using our tools. For more information on our collection of biometric information, please refer to the Biometric Information section below. |
Name & Contact Details | Such as first and last name, title, prefix, email address, telephone number, postal/ billing address, date of birth, gender, country of residence. |
---|
B. Personal Information we collect through your use of our Services or from other sources:
Device Information | Such as information about your devices and your use of our Services. This includes data obtained through cookies and similar technologies, as described in our Cookie & Advertising Policy. |
---|---|
IP Address | Our systems automatically collect an IP address when Users access the Service. IP addresses can be used to learn about the general location (e.g., city, state and country) of the User’s point of access to the web. |
Log Information | When you access the Unity website, Services or products that use an aspect of our Service, we may log a variety of technical information (“Log Info”), including but not limited to User ID, device identifiers, browser information, session IDs, session token data, authentication token data, data event information, login data, events captured through your interaction with the Services, events captured through your searching of/ use of the Services, and requesting/ referring page(s) (referred to as Usage Data in your Terms of Service). To the extent cookies and similar technologies are used to do this, please see our Cookie & Advertising Policy. |
Core Business Metric Information | When you use Unity Software to develop games and apps, we may collect information such as IP address, Unity ID, organization ID, project ID, session ID, time stamps (associated with events), Unity Software serial and version number, Unity Software Revision ID, build target, OS platform and version, asset count (approximate number of assets in a folder), session duration, and active duration (this differs from session duration as a session may not time out), Verified Solutions Partner name and UserID required by such Partners (where applicable), and crash data. To the extent cookies and similar technologies are used to do this, please see our Cookie & Advertising Policy. |
Cookies and Related Technologies | We collect Personal Information through cookies and similar technologies. For more information on how Unity uses cookies, the types of cookies and other technologies used, and your privacy choices, please see our Cookie & Advertising Policy. |
Other Information | When you use Unity Software, it may automatically make Internet connections to check for updates, validate your license keys, and provide us with aggregated usage statistics. We may employ third-party analytics services to collect and analyze Developers’ use of the Unity Software. To the extent cookies and similar technologies are used to do this, please see our Cookie & Advertising Policy. We may obtain additional information about you from third parties such as marketers, partners, researchers, and others. We may combine information that we collect from you with information about you that we obtain from such third parties and information derived from any other subscription, product, or Service we provide. |
Device Information | Such as information about your devices and your use of our Services. This includes data obtained through cookies and similar technologies, as described in our Cookie & Advertising Policy. |
---|---|
IP Address | |
Such as information about your devices and your use of our Services. This includes data obtained through cookies and similar technologies, as described in our Cookie & Advertising Policy. Our systems automatically collect an IP address when Users access the Service. IP addresses can be used to learn about the general location (e.g., city, state and country) of the User’s point of access to the web. |
Device Information | Such as information about your devices and your use of our Services. This includes data obtained through cookies and similar technologies, as described in our Cookie & Advertising Policy. |
---|---|
Log Information | |
Such as information about your devices and your use of our Services. This includes data obtained through cookies and similar technologies, as described in our Cookie & Advertising Policy. When you access the Unity website, Services or products that use an aspect of our Service, we may log a variety of technical information (“Log Info”), including but not limited to User ID, device identifiers, browser information, session IDs, session token data, authentication token data, data event information, login data, events captured through your interaction with the Services, events captured through your searching of/ use of the Services, and requesting/ referring page(s) (referred to as Usage Data in your Terms of Service). To the extent cookies and similar technologies are used to do this, please see our Cookie & Advertising Policy. |
Device Information | Such as information about your devices and your use of our Services. This includes data obtained through cookies and similar technologies, as described in our Cookie & Advertising Policy. |
---|---|
Core Business Metric Information | |
Such as information about your devices and your use of our Services. This includes data obtained through cookies and similar technologies, as described in our Cookie & Advertising Policy. When you use Unity Software to develop games and apps, we may collect information such as IP address, Unity ID, organization ID, project ID, session ID, time stamps (associated with events), Unity Software serial and version number, Unity Software Revision ID, build target, OS platform and version, asset count (approximate number of assets in a folder), session duration, and active duration (this differs from session duration as a session may not time out), Verified Solutions Partner name and UserID required by such Partners (where applicable), and crash data. To the extent cookies and similar technologies are used to do this, please see our Cookie & Advertising Policy. |
Device Information | Such as information about your devices and your use of our Services. This includes data obtained through cookies and similar technologies, as described in our Cookie & Advertising Policy. |
---|---|
Cookies and Related Technologies | |
Such as information about your devices and your use of our Services. This includes data obtained through cookies and similar technologies, as described in our Cookie & Advertising Policy. We collect Personal Information through cookies and similar technologies. For more information on how Unity uses cookies, the types of cookies and other technologies used, and your privacy choices, please see our Cookie & Advertising Policy. |
Device Information | Such as information about your devices and your use of our Services. This includes data obtained through cookies and similar technologies, as described in our Cookie & Advertising Policy. |
---|---|
Other Information | |
Such as information about your devices and your use of our Services. This includes data obtained through cookies and similar technologies, as described in our Cookie & Advertising Policy. When you use Unity Software, it may automatically make Internet connections to check for updates, validate your license keys, and provide us with aggregated usage statistics. We may employ third-party analytics services to collect and analyze Developers’ use of the Unity Software. To the extent cookies and similar technologies are used to do this, please see our Cookie & Advertising Policy. We may obtain additional information about you from third parties such as marketers, partners, researchers, and others. We may combine information that we collect from you with information about you that we obtain from such third parties and information derived from any other subscription, product, or Service we provide. |
Device Information | Such as information about your devices and your use of our Services. This includes data obtained through cookies and similar technologies, as described in our Cookie & Advertising Policy. |
---|
C. Sensitive Information:
Unless we request it, we ask that you not send us, and you not disclose, any sensitive Personal Information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background, or trade union membership) on or through the Unity website, the Services or otherwise to us.
D. Aggregated, De-Identified, and/ or Anonymized Information:
We may aggregate, de-identify, and/ or anonymize Personal Information, i.e., transform the information so it no longer relates back to a person's identity so that it will no longer be considered Personal Information. We do so to generate other data for our use, which we may use and disclose for any purpose.
4. How We Use the Information we Collect or Receive
Below, you will find a table depicting how we use the information we collect or receive through the use of our Services.
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources | |
---|---|---|---|---|---|
Service Provision & Maintenance |
|
| - Performing the terms of the contract, including the Terms of Service we enter with you to provide the Services. - Consent, such as: - When we collect Personal Information through our use of cookies and similar technologies. - Legitimate Interest, such as in: - Maintaining the Service & operational improvements - Responding to inquiries - Legal obligations such as when you submit a request to access your personal information. | ||
Sales Operations |
| - Legitimate Interest, such as in enhancing and growing our business and meeting the needs of our customers. - Comply with a legal obligation* such as financial reporting obligations |
| ||
Notices |
| - Performance of the Terms of Service Agreement we enter with you to provide the Services. - Legal obligations* such as when we obtain your information from a third party and are obligated to notify you. |
| ||
Customer service | Administering customer-care services to facilitate and address inquiries, requests, comments, and complaints about any of our Services (such as in person, through phone lines, email, or on social media), e.g., to send you documents or product information you request or assist you in using the Services. | - Performance of the Terms of Service Agreement we enter with you to provide the Services. - Legitimate Interests, such as: - Responding to and resolving inquiries or complaints - Providing support to customers so that they can use the service - Legal obligations* such as when you submit a request to access your Personal Information. | N/A | ||
Newsletters and Marketing |
| - Consent, such as: - When you have opted into marketing communications - When we have your soft opt-in to certain communications We have your soft opt-in when you provide your contact information to us in the context of a purchase of a product or service.** - When we collect Personal Information through our use of cookies and similar technologies. - Contacting users for sales and marketing opportunities |
| ||
Social Sharing | Facilitating social sharing, including through your GitHub account, the Influencer Program or the Unity Affiliate Program. | - Consent,such as: - When you have opted in to sharing your social media account(s) with us. - Legitimate Interest, such as: - Such as interacting with you on social media through posts - Such as attributing a contribution to an individual - Performance of the Terms of Service Agreement we enter with you to provide the Services, such as fulfilling our obligations associated with those who sign up to the Unity Affiliate Program. |
| ||
Promotions & Contests | Allowing you to participate in sweepstakes, contests, or other promotions. Some of these promotions have additional rules containing information about how we will use and disclose your Personal Information, which we will communicate to you separately | - Manage our contractual relationship, such as fulfilling obligations associated with a contest. Consent, such as: - When you have opted into relevant marketing communications When we collect Personal Information through our use of cookies and similar technologies. | Marketers Third-Party Social Networks Unity Partners Researchers Third party lead generation services | ||
Personalizing Services | Personalizing our interactions with you and providing you with information and/ or offers. These may be: - Based on your past usage and/ or preferences - Delivering content via our Services that we believe will be relevant and interesting to you | - Consent, such as: - When we collect Personal Information through our use of cookies and similar technologies. - Legitimate Interest, such as: - Such as providing tailored Services based on past usage and/or preferences, and such tailoring would be based on basic and privacy-non-intrusive segmentation. |
| ||
Business Reporting |
|
| - Performance of the Terms of Service Agreement we enter with you to provide the Services. - Consent, such as: - When we collect Personal Information through our use of cookies and similar technologies. - Legitimate Interest, such as: - Such as developing new Services and/ or products - Understanding market sentiments and market standards |
| |
AI Data Analytics | Conducting data analytics, i.e., applying analytics to business operations and data to describe, predict, and improve business performance within Unity and/or to provide a better user experience, including the use of AI, including Generative AI. Please note: we aim to include data minimization into our AI practices, such as through the incorporation noise reduction tools such as - Removal, tokenization, and anonymization of some personal information - To detect and restrict Unacceptable Content as provided for in our Content Policy being provided by users. | - Performance of the Terms of Service Agreement we enter with you to provide the Services. - Consent, such as: - When we collect Personal Information through our use of cookies and similar technologies. - Legitimate Interest, such as: - Developing new Services and/ or products - Understanding market sentiments and market standards |
| ||
Security Purposes |
|
| - Comply with a legal obligation* - Legitimate Interests, such as: - Securing our services, investigating cyber intrusions, fraud, and abuse. - Protecting our operations, rights, safety, or property - Pursuing all available legal remedies, defending claims, and limiting damages we may sustain | Law enforcement | |
Legal Purposes |
|
| - Comply with a legal obligation* such as financial reporting obligations - Legitimate Interests, such as: - Securing our services, investigating cyber intrusions, fraud, and abuse. - Reporting on company progress to key stakeholders and making decisions on such reporting - Protecting our operations, rights, safety, or property - Pursuing all available legal remedies, defending claims, and limiting damages we may sustain | Law enforcement | |
Law Enforcement Requests |
|
| - Comply with a legal obligation* - Legitimate Interest, such as: Monitoring, reacting to, and documenting an emergency and/or incident | Law enforcement | |
Business Transactions |
|
| - Legitimate Interests, such as: - Pursuing a business transaction - Corporate restructuring | N/A | |
Emergency & Incident Response |
| Legitimate Interest, such as in monitoring, reacting to, and documenting an emergency and/or incident | Law Enforcement Incident reporter |
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources |
---|---|---|---|---|
Service Provision & Maintenance | ||||
Examples of Processing Activities
| ||||
Personal Information Categories
| ||||
Legal Basis under GDPR - Performing the terms of the contract, including the Terms of Service we enter with you to provide the Services. - Consent, such as: - When we collect Personal Information through our use of cookies and similar technologies. - Legitimate Interest, such as in: - Maintaining the Service & operational improvements - Responding to inquiries - Legal obligations such as when you submit a request to access your personal information. | ||||
Third-Party Sources |
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources |
---|---|---|---|---|
Sales Operations | ||||
Examples of Processing Activities
| ||||
Personal Information Categories | ||||
Legal Basis under GDPR - Legitimate Interest, such as in enhancing and growing our business and meeting the needs of our customers. - Comply with a legal obligation* such as financial reporting obligations | ||||
Third-Party Sources
|
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources |
---|---|---|---|---|
Notices | ||||
Examples of Processing Activities
| ||||
Personal Information Categories | ||||
Legal Basis under GDPR - Performance of the Terms of Service Agreement we enter with you to provide the Services. - Legal obligations* such as when we obtain your information from a third party and are obligated to notify you. | ||||
Third-Party Sources
|
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources |
---|---|---|---|---|
Customer service | ||||
Examples of Processing Activities Administering customer-care services to facilitate and address inquiries, requests, comments, and complaints about any of our Services (such as in person, through phone lines, email, or on social media), e.g., to send you documents or product information you request or assist you in using the Services. | ||||
Personal Information Categories | ||||
Legal Basis under GDPR - Performance of the Terms of Service Agreement we enter with you to provide the Services. - Legitimate Interests, such as: - Responding to and resolving inquiries or complaints - Providing support to customers so that they can use the service - Legal obligations* such as when you submit a request to access your Personal Information. | ||||
Third-Party Sources N/A |
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources |
---|---|---|---|---|
Newsletters and Marketing | ||||
Examples of Processing Activities
| ||||
Personal Information Categories | ||||
Legal Basis under GDPR - Consent, such as: - When you have opted into marketing communications - When we have your soft opt-in to certain communications We have your soft opt-in when you provide your contact information to us in the context of a purchase of a product or service.** - When we collect Personal Information through our use of cookies and similar technologies. - Contacting users for sales and marketing opportunities | ||||
Third-Party Sources
|
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources |
---|---|---|---|---|
Social Sharing | ||||
Examples of Processing Activities Facilitating social sharing, including through your GitHub account, the Influencer Program or the Unity Affiliate Program. | ||||
Personal Information Categories | ||||
Legal Basis under GDPR - Consent,such as: - When you have opted in to sharing your social media account(s) with us. - Legitimate Interest, such as: - Such as interacting with you on social media through posts - Such as attributing a contribution to an individual - Performance of the Terms of Service Agreement we enter with you to provide the Services, such as fulfilling our obligations associated with those who sign up to the Unity Affiliate Program. | ||||
Third-Party Sources
| ||||
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources |
---|---|---|---|---|
Promotions & Contests | ||||
Examples of Processing Activities Allowing you to participate in sweepstakes, contests, or other promotions. Some of these promotions have additional rules containing information about how we will use and disclose your Personal Information, which we will communicate to you separately | ||||
Personal Information Categories | ||||
Legal Basis under GDPR - Manage our contractual relationship, such as fulfilling obligations associated with a contest. Consent, such as: - When you have opted into relevant marketing communications When we collect Personal Information through our use of cookies and similar technologies. | ||||
Third-Party Sources Marketers Third-Party Social Networks Unity Partners Researchers Third party lead generation services |
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources |
---|---|---|---|---|
Personalizing Services | ||||
Examples of Processing Activities Personalizing our interactions with you and providing you with information and/ or offers. These may be: - Based on your past usage and/ or preferences - Delivering content via our Services that we believe will be relevant and interesting to you | ||||
Personal Information Categories | ||||
Legal Basis under GDPR - Consent, such as: - When we collect Personal Information through our use of cookies and similar technologies. - Legitimate Interest, such as: - Such as providing tailored Services based on past usage and/or preferences, and such tailoring would be based on basic and privacy-non-intrusive segmentation. | ||||
Third-Party Sources
|
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources |
---|---|---|---|---|
Business Reporting | ||||
Examples of Processing Activities
| ||||
Personal Information Categories
| ||||
Legal Basis under GDPR - Performance of the Terms of Service Agreement we enter with you to provide the Services. - Consent, such as: - When we collect Personal Information through our use of cookies and similar technologies. - Legitimate Interest, such as: - Such as developing new Services and/ or products - Understanding market sentiments and market standards | ||||
Third-Party Sources
|
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources |
---|---|---|---|---|
AI Data Analytics | ||||
Examples of Processing Activities Conducting data analytics, i.e., applying analytics to business operations and data to describe, predict, and improve business performance within Unity and/or to provide a better user experience, including the use of AI, including Generative AI. Please note: we aim to include data minimization into our AI practices, such as through the incorporation noise reduction tools such as - Removal, tokenization, and anonymization of some personal information - To detect and restrict Unacceptable Content as provided for in our Content Policy being provided by users. | ||||
Personal Information Categories | ||||
Legal Basis under GDPR - Performance of the Terms of Service Agreement we enter with you to provide the Services. - Consent, such as: - When we collect Personal Information through our use of cookies and similar technologies. - Legitimate Interest, such as: - Developing new Services and/ or products - Understanding market sentiments and market standards | ||||
Third-Party Sources
|
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources |
---|---|---|---|---|
Security Purposes | ||||
Examples of Processing Activities
| ||||
Personal Information Categories
| ||||
Legal Basis under GDPR - Comply with a legal obligation* - Legitimate Interests, such as: - Securing our services, investigating cyber intrusions, fraud, and abuse. - Protecting our operations, rights, safety, or property - Pursuing all available legal remedies, defending claims, and limiting damages we may sustain | ||||
Third-Party Sources Law enforcement |
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources |
---|---|---|---|---|
Legal Purposes | ||||
Examples of Processing Activities
| ||||
Personal Information Categories
| ||||
Legal Basis under GDPR - Comply with a legal obligation* such as financial reporting obligations - Legitimate Interests, such as: - Securing our services, investigating cyber intrusions, fraud, and abuse. - Reporting on company progress to key stakeholders and making decisions on such reporting - Protecting our operations, rights, safety, or property - Pursuing all available legal remedies, defending claims, and limiting damages we may sustain | ||||
Third-Party Sources Law enforcement |
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources |
---|---|---|---|---|
Law Enforcement Requests | ||||
Examples of Processing Activities
| ||||
Personal Information Categories
| ||||
Legal Basis under GDPR - Comply with a legal obligation* - Legitimate Interest, such as: Monitoring, reacting to, and documenting an emergency and/or incident | ||||
Third-Party Sources Law enforcement |
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources |
---|---|---|---|---|
Business Transactions | ||||
Examples of Processing Activities
| ||||
Personal Information Categories
| ||||
Legal Basis under GDPR - Legitimate Interests, such as: - Pursuing a business transaction - Corporate restructuring | ||||
Third-Party Sources N/A |
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources |
---|---|---|---|---|
Emergency & Incident Response | ||||
Examples of Processing Activities
| ||||
Personal Information Categories | ||||
Legal Basis under GDPR Legitimate Interest, such as in monitoring, reacting to, and documenting an emergency and/or incident | ||||
Third-Party Sources Law Enforcement Incident reporter |
*For more information on our legal obligations, please see section ‘Other Disclosures’ below.
** In these cases, our marketing communication will only relate to our own similar products or services to that which you purchased. At the time of purchase, we will have given you the opportunity to easily object to receiving these types of marketing messages, and we will always include an unsubscribe link in each marketing communication so that you can easily opt-out if preferred.
*** For more information on disclosure of Personal Information in connection with a sale or business transaction, please see ‘Other Disclosures’ below.
Please note: When the legal basis is to manage our contractual relationship with you, the minimum information required will be Name & Contact Details, Account Information, Billing & Financial Information (if a service requires payment from any party), IP Address, Log Information, and Core Business Metric Information or in the case of ensuring that our services are operating with enough servers and capacity, machine ID and event telemetry information. Not providing this information may result in you not being able to use the Services.
5. Sharing Information
Below, you will find an outline of scenarios in which information may be shared using our Services.
Recipients | Purpose |
---|---|
Our Affiliates, including ironSource | All purposes described in this Privacy Policy |
Asset Store Sellers (a person who sells Assets on our Asset Store) | With certain Asset Store sellers, we provide Personal Information, such as an email address, when you purchase or license certain products (like SDKs) to the sellers of those products in our Asset Store. We provide this information to assist the provider with fulfilling your purchase(s) and, in the case of our Asset Store partners, to allow them to contact you about new products and Services |
Vendors & Service Providers | We share Personal Information with select vendors and service providers to help us provide our Services such as: - Website & Data Hosting and Analytics including Cloud Servers - These assist us with operations and general business such as: - Providing the functionality of the Services - Storing and transferring data in a secure manner - Improving and developing new products and Services - Data analytics - Marketing & Events - These assist us with activities such as: - Event hosting - Sending you marketing communications, consistent with your choices - Facilitating & sponsoring sweepstakes, contests, and similar promotions - Conducting research and surveys - Payment Processors - Facilitating financial transactions. - Our payments processors request that we provide you with a link to their privacy statements: - Worldpay - Privacy Statement - Zuora - Privacy Statement - Stripe - Privacy Center - SpeedTree payment data is stored by Authorize.net and Paypal. You may find their privacy policy link(s) here: https://www.authorize.net/about-us/privacy/ and https://www.paypal.com/us/webapps/mpp/ua/privacy-full. - Fraud & Security - These assist us with activities such as: - Protecting and securing our systems and Services - Monitoring, investigating, and taking action on fraudulent activity - Professional Services - These provide a variety of services to us such as audit, legal, and financial. - Information Technology - These assist us with infrastructure provision - Sales Infrastructure - These assist us with sales operations such as: - Customer relationship management - Lead management - Account and transaction recordkeeping - Resell our products and services |
Law Enforcement or other similar parties | For safety, security, and legal compliance, including: - When we are required to disclose the information in response to legal process (e.g., if we receive a court order, search warrant, subpoena, or similar legal process); - If we believe that the Service is being used in the commission of a crime, including to report such criminal activity or to exchange information with other companies and organizations for the purposes of fraud protection and credit risk reduction; - To protect the vital interests of you, another person or the public, for example when there is a meaningful risk that poses a threat to the safety of you, another person or the public generally; and - To protect the rights or property of Unity, including to enforce the terms and licenses that govern the use of the Services. |
Advertisers | As discussed in our Cookie & Advertising Policy, we may permit advertisers and their agents to use cookies or related technologies within the Service to store information on or read information from your browser or device so that they can optimize their advertising campaigns, including to frequency cap and deliver targeted ads |
To third parties in the event of a business transaction | |
With your consent | We may share your information for other purposes if (i) you direct us to do so or (ii) you consent to such sharing. |
Due to your actions | Sharing can happen within our Services and outside it when you take certain actions. For example: - When you share a replay on a social network – depending on your privacy settings at the relevant social network – some users of the relevant social network will be able to see the replay; - When you post comments on our forums, visitors and other forum users will be able to see your username, photo, and comments; - When you publish or provide assets for license on the Asset Store, your seller name and other information in your Publisher profile will be visible; - When you sign up for a certification program, your Name & Contact Information will be shared with the vendor who runs the certifications. |
Recipients | Purpose |
---|---|
Our Affiliates, including ironSource | |
Purpose All purposes described in this Privacy Policy |
Recipients | Purpose |
---|---|
Asset Store Sellers (a person who sells Assets on our Asset Store) | |
Purpose With certain Asset Store sellers, we provide Personal Information, such as an email address, when you purchase or license certain products (like SDKs) to the sellers of those products in our Asset Store. We provide this information to assist the provider with fulfilling your purchase(s) and, in the case of our Asset Store partners, to allow them to contact you about new products and Services |
Recipients | Purpose |
---|---|
Vendors & Service Providers | |
Purpose We share Personal Information with select vendors and service providers to help us provide our Services such as: - Website & Data Hosting and Analytics including Cloud Servers - These assist us with operations and general business such as: - Providing the functionality of the Services - Storing and transferring data in a secure manner - Improving and developing new products and Services - Data analytics - Marketing & Events - These assist us with activities such as: - Event hosting - Sending you marketing communications, consistent with your choices - Facilitating & sponsoring sweepstakes, contests, and similar promotions - Conducting research and surveys - Payment Processors - Facilitating financial transactions. - Our payments processors request that we provide you with a link to their privacy statements: - Worldpay - Privacy Statement - Zuora - Privacy Statement - Stripe - Privacy Center - SpeedTree payment data is stored by Authorize.net and Paypal. You may find their privacy policy link(s) here: https://www.authorize.net/about-us/privacy/ and https://www.paypal.com/us/webapps/mpp/ua/privacy-full. - Fraud & Security - These assist us with activities such as: - Protecting and securing our systems and Services - Monitoring, investigating, and taking action on fraudulent activity - Professional Services - These provide a variety of services to us such as audit, legal, and financial. - Information Technology - These assist us with infrastructure provision - Sales Infrastructure - These assist us with sales operations such as: - Customer relationship management - Lead management - Account and transaction recordkeeping - Resell our products and services |
Recipients | Purpose |
---|---|
Law Enforcement or other similar parties | |
Purpose For safety, security, and legal compliance, including: - When we are required to disclose the information in response to legal process (e.g., if we receive a court order, search warrant, subpoena, or similar legal process); - If we believe that the Service is being used in the commission of a crime, including to report such criminal activity or to exchange information with other companies and organizations for the purposes of fraud protection and credit risk reduction; - To protect the vital interests of you, another person or the public, for example when there is a meaningful risk that poses a threat to the safety of you, another person or the public generally; and - To protect the rights or property of Unity, including to enforce the terms and licenses that govern the use of the Services. |
Recipients | Purpose |
---|---|
Advertisers | |
Purpose As discussed in our Cookie & Advertising Policy, we may permit advertisers and their agents to use cookies or related technologies within the Service to store information on or read information from your browser or device so that they can optimize their advertising campaigns, including to frequency cap and deliver targeted ads |
Recipients | Purpose |
---|---|
To third parties in the event of a business transaction | |
Purpose |
Recipients | Purpose |
---|---|
With your consent | |
Purpose We may share your information for other purposes if (i) you direct us to do so or (ii) you consent to such sharing. |
Recipients | Purpose |
---|---|
Due to your actions | |
Purpose Sharing can happen within our Services and outside it when you take certain actions. For example: - When you share a replay on a social network – depending on your privacy settings at the relevant social network – some users of the relevant social network will be able to see the replay; - When you post comments on our forums, visitors and other forum users will be able to see your username, photo, and comments; - When you publish or provide assets for license on the Asset Store, your seller name and other information in your Publisher profile will be visible; - When you sign up for a certification program, your Name & Contact Information will be shared with the vendor who runs the certifications. |
Recipients | Purpose |
---|
Additional information for those located in the European Economic Area
We also disclose your Personal Information as necessary or appropriate, in particular when we have a legal obligation or legitimate interest to do so, as set out in further detail here.
Purpose | Further Detail |
---|---|
To comply with applicable law and regulations | This may include laws outside your country of residence, which could give rise to a legal obligation requiring us to process your Personal Information, including: - Civil and commercial matters: - Where we are in receipt of a court order to disclose information for the purposes of court proceedings, such as under Regulation (EU) No 1215/2012 on jurisdiction and the recognition and enforcement of judgments in civil and commercial matters. - To comply with Council Regulation (EC) No 1206/2001 of 28 May 2001 on cooperation between the courts of the Member States in the taking of evidence in civil or commercial matters. - Criminal matters: to comply with requests and orders from EU and EU Member State law enforcement to provide information in relation to a criminal investigation in compliance with applicable local laws, or to take steps to report information we believe is important to law enforcement where so required or advisable under applicable local laws. - Consumer matters: to comply with requests from competent authorities under EU or EU Member State consumer protection law, such as under Directive (EU) 2019/2161 and its implementing laws in EU Member States. - Corporate and taxation matters: to comply with our obligations under applicable EU Member State corporate and tax legislation, such as where a national tax law of an EU Member State requires collection of specific transactional personal information for tax purposes. - Regulatory matters: to respond to a request or to provide information we believe is necessary or appropriate to comply with our obligations to engage with regulators, such as when relevant EU Member State data protection supervisory authorities initiate investigation under the General Data Protection Regulation into our Company. These can include authorities outside of your country of residence. - Compliance and internal investigations: to comply with whistleblowing requirements under Directive (EU) 2019/1937 and its implementing laws in EU Member States. - Health and safety regulations: to comply with health and safety reporting obligations in accordance with applicable local laws, such as in relation to accidents involving members of the public on our premises. - - Compliance with the Digital Services Act (Regulation (EU) 2022/2065) and any other applicable laws: Note: Unity will provide its users of impacted services with aggregate reporting regarding Unity’s compliance with the Digital Services Act upon the user’s request. New laws may be enacted, or other obligations may become binding on our processing of your information which may require us to process your information and we will update this list from time to time. |
For other legal reasons |
|
Purpose | Further Detail |
---|---|
To comply with applicable law and regulations | |
Further Detail This may include laws outside your country of residence, which could give rise to a legal obligation requiring us to process your Personal Information, including: - Civil and commercial matters: - Where we are in receipt of a court order to disclose information for the purposes of court proceedings, such as under Regulation (EU) No 1215/2012 on jurisdiction and the recognition and enforcement of judgments in civil and commercial matters. - To comply with Council Regulation (EC) No 1206/2001 of 28 May 2001 on cooperation between the courts of the Member States in the taking of evidence in civil or commercial matters. - Criminal matters: to comply with requests and orders from EU and EU Member State law enforcement to provide information in relation to a criminal investigation in compliance with applicable local laws, or to take steps to report information we believe is important to law enforcement where so required or advisable under applicable local laws. - Consumer matters: to comply with requests from competent authorities under EU or EU Member State consumer protection law, such as under Directive (EU) 2019/2161 and its implementing laws in EU Member States. - Corporate and taxation matters: to comply with our obligations under applicable EU Member State corporate and tax legislation, such as where a national tax law of an EU Member State requires collection of specific transactional personal information for tax purposes. - Regulatory matters: to respond to a request or to provide information we believe is necessary or appropriate to comply with our obligations to engage with regulators, such as when relevant EU Member State data protection supervisory authorities initiate investigation under the General Data Protection Regulation into our Company. These can include authorities outside of your country of residence. - Compliance and internal investigations: to comply with whistleblowing requirements under Directive (EU) 2019/1937 and its implementing laws in EU Member States. - Health and safety regulations: to comply with health and safety reporting obligations in accordance with applicable local laws, such as in relation to accidents involving members of the public on our premises. - - Compliance with the Digital Services Act (Regulation (EU) 2022/2065) and any other applicable laws: Note: Unity will provide its users of impacted services with aggregate reporting regarding Unity’s compliance with the Digital Services Act upon the user’s request. New laws may be enacted, or other obligations may become binding on our processing of your information which may require us to process your information and we will update this list from time to time. |
Purpose | Further Detail |
---|---|
For other legal reasons | |
Further Detail
|
Purpose | Further Detail |
---|
6. Our Policies Concerning Children
Unless expressly provided otherwise, the Services are intended for general audiences and are not intended for children. We do not knowingly collect Personal Information from children under 13. If any party becomes aware that a child under the age to provide lawful consent to processing in their region (e.g., 13 in the U.S., 16 in the E.U.,16 in Japan) has provided us with Personal Information in contravention of our policies, they should contact us at DPO@unity3d.com.
- Some third parties, such as platform providers like the iTunes Store or Google Play, may provide age-based ratings on some of the apps created by Developers. These ratings shall have no bearing on the limitations set out in applicable law and in this Privacy Policy. Third parties may also provide content categories on some of the Services. These categories shall have no bearing on the limitations set out in applicable law and in this Privacy Policy.
7. Your Choices About Unity’s Collection and Use of Your Information
Below, you will find information on how any User can access, correct, update, suppress, restrict, or delete your Personal Information, object to or opt out of the processing of Personal Information, withdraw your consent (which will not affect the lawfulness of processing prior to the withdrawal), or if you would like to request to receive a copy of your Personal Information for purposes of transmitting it to another company (to the extent these rights are provided to you by applicable law), you may contact us in accordance with the instructions immediately above, or in accordance with the ‘Contact Us’ section below. We may not be able to accommodate a request if we believe the request would violate any law or legal requirement.
In your request, please make clear what Personal Information you would like to have changed or whether you would like to have your Personal Information suppressed from our database. For your protection, we may only implement requests with respect to the Personal Information associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable.
1. You always have the option to refrain from using the Service or to discontinue using the Service if you do not want Personal Information collected about you. If you choose to discontinue using the service and wish for your Personal Information to be deleted, please exercise your rights as described in the “Privacy Rights” section below.
2. You can choose to use the Service in a manner that limits the Personal Information we collect.
- Unity Editor opt-out
- You can opt-out of usage analytics in "Edit Your Privacy Settings" in the Privacy section under "My Account".
- Please note: You cannot opt-out of core business metrics analytics as such analytics are strictly necessary for us to run the services as they are used for items such as testing new system features to evaluate their impact, system and log maintenance, technical support, system debugging, deciding whether to continue to support certain operating systems.
- You can opt-out of usage analytics in "Edit Your Privacy Settings" in the Privacy section under "My Account".
- Unity Hub opt-out
- You can opt-out of usage analytics in the Privacy Settings under “Preferences”, indicated by the gear wheel.
- Pixyz Services
- You can opt-out of Usage Analytics collection anytime, by simply changing the parameter inside the software settings.
3. Generative AI
- Prior to using Generative AI we will provide a just-in-time notice (like an interstitial for example, when you log in) that will provide you with notice of a particular use of data and then gives you an opportunity to opt-out.
4. You can exercise your rights as described in the “Privacy Rights” section below.
5. You can opt out of receiving marketing-related emails from us or certain communications like email, by following the instructions in any marketing message you receive, or by withdrawing your consent. However:
- We reserve the right to confirm your opt-out; and
- Users who opt-out of marketing messages may still receive administrative, relationship, or transactional messages (e.g., we might send a notice about changes to our Terms of Service or changes to the functionality of a product or Service).
6. In any event, we will try to comply with your request(s) as soon as reasonably practicable.
In the following Services you can access, update, and delete your Personal Information through your account. To exercise your other rights, please contact us in accordance with the instructions immediately below, or in accordance with the ‘Contact Us’ section below.
- Unity Software
- Asset Store
- Unity Cloud Build
- Note: Unity may not be able to fulfill a request to delete (erase) or port a project without first receiving an account administrator’s permission. For requests to delete (erase) or port a project, please contact us in accordance with the instructions immediately below, or in accordance with the ‘Contact Us’ section below.
- SyncSketch
- You can delete your account by following the instructions here. To exercise your other rights, please contact us in accordance with the instructions immediately below, or in accordance with the ‘Contact Us’ section below.
- Unity Ads
- Unity Analytics
- Unity connected games service (including Multiplay)
- Unity Student Plan
- You can request access to your student verification data by emailing privacy@sheerid.com
- Unity’s Vivox Service
For ironSource Services
To exercise your rights for all ironSource Services, please see the relevant instructions in the ironSource Privacy Policy.
For Services not listed
To exercise your rights for all other Developer Services, please contact us in accordance with the instructions immediately below, or in accordance with the ‘Contact Us’ section below.
For efficiency, please note the service your request is about.
If you are signed up for VisualLive through Unity or if you were a customer of VisualLive before Unity purchased VisualLive, Unity's data privacy office will make every effort to fulfill your VisualLive access request within 10 business days.
We may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion (e.g., when you make a purchase or enter a promotion, you may not be able to change or delete the Personal Information provided until after the completion of such purchase or promotion).
8. Privacy Rights
Depending on the country or state in which you reside, you may have additional privacy rights. For more information on the applicable rights in, please choose the appropriate location in Brazil, Canada, European Economic Area (“EEA”) and United Kingdom (“UK”), Israel, Japan, Republic of Korea, and U.S.A. (California) below:
Brazil
The Brazilian General Data Protection Act provides you the right to:
- Confirm Unity's processing of your data;
- Access your data;
- Correct your incomplete, inaccurate, or outdated data;
- Request anonymization, blocking or elimination of unnecessary or excessive data or of data processed in noncompliance with the Brazilian General Data Protection Act;
- Port your data to other service providers or suppliers of products;
- Delete your personal data when processed with your consent;
- Obtain information on the public and private entities with whom Unity shared your data;
- Obtain information on the possibility of not providing consent and on the consequences of the denial;
- Revoke your consent to the processing of your data when we seek your consent; and
- Lodge complaints before data protection authorities.
Canada
The Canadian Personal Information Protection and Electronic Documents Act provides certain rights with respect to your personal data, such as:
- Right to Access - You have the right to request Unity provide you with a copy of your personal data.
- Right to Rectification (Correction) - You have the right to request Unity to correct any information about you that you believe is incorrect. You also have the right to request Unity to complete information about you that you believe is incorrect.
EEA and UK
The EU and UK General Data Protection Regulations (collectively, the “GDPR”) provide certain rights (when applicable to you) in relation to the way in which Unity processes your Personal Information as a data controller. You have the following rights:
- Right to Access - You have the right to request Unity provide you with a copy of your Personal Information.
- Right to Rectification (Correction) - You have the right to request Unity to correct any information about you that you believe is incorrect. You also have the right to request Unity to complete information about you that you believe is incorrect.
- Right to Erasure (Deletion) - You have the right to request Unity to erase your Personal Information, under certain conditions.
- Right to Restrict Processing - You have the right to request Unity to restrict the processing of your Personal Information, under certain conditions.
- Right to Object to Processing - You have the right to object to Unity’s processing of your Personal Information, under certain conditions.
- Right to Data Portability - You have the right to request Unity to transfer your Personal Information to another organization, or directly to you, under certain conditions.
- Right to Lodge a Complaint - You may lodge a complaint with an EEA data protection authority for your country or region where you have your habitual residence or place of work or where an alleged infringement of applicable data protection law occurs. In the UK, you may lodge a complaint with the Information Commissioner’s Office (“ICO”). A list of data protection authorities is available at https://ec.europa.eu/newsroom/article29/items/612080
- If you do have a complaint, we would appreciate the chance to deal with your concerns before approaching your supervisory body, so please contact us at dpo@unity3d.com if you wish to discuss any complaint.
The Israel Protection of Privacy Law 5741-1981:
- Any information provided by you is on a voluntary basis with no legal requirement to do so, but if you refuse to provide such information we may not be able to provide you with the Services. According to the Protection of Privacy Law, each person is entitled to inspect, either himself or through a representative authorized by him in writing or his guardian, any information about him kept in a database.
Japan
The Act on the Protection of the Personal Information of Japan provides certain rights with respect to your personal information, such as:
- The right to request a notification of the purposes of use of your personal information
- The right to request the disclosure, correction, addition, or deletion of your personal information
- The right to request the discontinuation of use or provision to any third party
- The right to request the disclosure of the record of provision of your personal information
- If you are a resident of Japan and wish to exercise any of the above rights, please email us at DPO@unity3d.com (or contact us at the address indicated in the “Contact Us” section listed below)
- Unity Technologies, GINZA SIX 8F, 6-10-1 Ginza, Chuo-ku, Tokyo Japan 104-0061
United States of America
- California
- Please see Section 18 “Additional Information for Residents of California” for additional information on how we handle your Personal Information and the privacy requests you may make under applicable law.
9. Transfers out of Country of Collection
Unity has implemented and maintains a framework consistent with applicable law for transfers of Personal Information outside of the country of collection, including for transfers out of the UK and/or EEA.
Your Personal Information may be stored and processed in any country where we have facilities, including ironSource which is headquartered in Israel, or in which we engage service providers, such as Google Cloud Platform and Salesforce and by using the Services you understand that your Personal Information will be transferred to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Information.
Where this will involve transferring your Personal Information outside the UK and/or EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
Adequacy Decisions: Some non-EEA countries are recognized under the UK GDPR and by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available here). For example, we may transfer to our affiliates who are located around the world, including Canada, Japan, New Zealand, Republic of Korea, Switzerland, and the United Kingdom.
Standard Contractual Clauses: For transfers of Personal Information from the UK and/or EEA to third countries, which are not considered adequate under the UK GDPR and/or by the European Commission, we have put in place standard contractual clauses adopted under the UK GDPR and/or by the European Commission to protect your Personal Information. For example, we use Google Cloud Platform’s infrastructure and data centers which are located around the world, including the United States. We rely on both controller-controller and controller-processor Standard Contractual Clauses. You may obtain a copy of these measures by contacting us in accordance with the “Contacting Us” section below. “UK GDPR” has the meaning given to it in section 3(10) (as supplemented by section 205(4)) of the Data Protection Act 2018.
Japan
For transfers from Japan to countries other than the EEA/UK, we have put adequate measures in place to protect your Personal Information.
The transferees are obligated to comply with equivalent or comparable rules to those under the Act on the Protection of Personal Information of Japan (APPI) on a continuous basis, and we periodically confirm their compliance. We also periodically confirm any changes to the data privacy regulations of other countries that may affect the compliance measures taken by our overseas affiliates and third-party service providers and take measures such as requesting that they take corrective measures or suspending the provision of Personal Information if any issues arise in the implementation of such compliance measures. We will provide you with further information on the measures we take in this regard upon your request.
10. Retention
We retain Personal Information for as long as is necessary or as permitted in light of the purpose(s) for which it was obtained and consistent with applicable law, for example, for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. The criteria to determine our retention periods include:
- The length of time we have an ongoing relationship with you and provide the Services to you (for example, for as long as you have an account with us or keep using the Services);
- Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or
- Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
Where a legal obligation arises or retention is advisable in light of our legal position, in some circumstances, we will retain certain Personal Information, even after your account has been deleted and/or we no longer provide the Services to you; for example:
- To cooperate with law enforcement or public, regulatory and government authorities: If we receive a preservation order or search warrant, related to your Services account, we will preserve Personal Information subject to such order or warrant after you delete your Services account.
- To comply with legal provisions on tax and accounting: We may retain your Personal Information, such as Name & Contact Details, Account Information, Billing & Financial Information, after you delete your Services account, as required by tax law and to comply with bookkeeping requirements. Please note the length of time may vary by country.
- For fraud and security purposes: We may retain your Personal Information for fraud or security purposes. In the event you have acted fraudulently through the use of the Services (e.g., by refusing monies properly owed for the Services), we may retain Name & Contact Details, Company Information, Account Information, and IP address.
- To pursue or defend a legal action: We may retain relevant Personal Information in the event of a legal claim or complaint, including regulatory investigations or legal proceedings about a claim related to your Personal Information, or if we reasonably believe there is a prospect of litigation (whether in respect of our relationship with you or otherwise) after the dispute has been settled or decided by a court or tribunal from which there is no further right of appeal. The criteria for determining the length of time we will retain this information include:
- Whether there is a legal obligation to which we are subject (for example, if the settlement or decision requires us to keep the records for a certain period of time before we can delete them); or
- Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
11. Security
We employ a variety of measures to safeguard the collection, transmission, and storage of the information we collect. These measures vary based on the sensitivity of the information that we collect, process, and store, and the current state of technology. Please note that no system can be guaranteed to be 100% secure. Therefore, while we strive to employ reasonable protections for your information that are appropriate to its sensitivity, we cannot guarantee or warrant the security of the information you share with us, and we cannot be responsible for the theft, destruction, loss or inadvertent disclosure of your information. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone. We have put in place procedures to deal with any suspected Personal Information breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Contact Us” section below
12. Biometric Information
Please note, Unity is a data processor for biometric information. The following Section contains legal information which is only applicable under U.S. Law.
Your use of certain features may result in the collection of biometric information. Biometric information is any information based on an individual's biometric identifier used to identify an individual. Biometric information that may be collected depending on how you use Unity's products includes scans of an individual's hand or face geometry. For example, if you are using Unity AR Companion App to scan a person's hand or face geometry, that may be considered to be collecting biometric information under applicable laws. At this time, Unity only stores scans collected through your use of the Unity AR Companion App in accordance with how you choose to store the data, but we do not otherwise use such scans.
We use commercially reasonable organizational, technical, and administrative methods designed to protect biometric information within our organization.
We retain biometric information for as long as needed or permitted in light of the purposes stated in this policy, unless a longer retention period is permitted or required by applicable law. For more information on the criteria used to determine our retention periods, please see the "Retention" section in our Privacy Policy.
We will destroy or dispose of your biometric information as required by applicable law. For example, we may destroy electronic records of biometric information through such processes as overwriting magnetic media, degaussing, or physical destruction, and we may dispose of paper records by such processes as shredding or incineration.
Please note you may need to make your request for deletion through Unity’s customer as we do not directly collect your Personal Information and cannot likely locate your account without our customer’s assistance.
13. Cookie & Advertising Policy
We may collect Personal Information using cookies and similar technologies. For more information on how Unity uses cookies, the types of cookies and other technologies used, and your privacy choices, please see our Cookie & Advertising Policy.
To update your cookie preferences, please select "Cookie Settings" at the bottom of the web page or click the shield icon.
14. Sites and Services Operated by Others
The Unity Service may contain links to other sites, applications, and services. Because Unity does not operate those other sites, applications, and services, we cannot take responsibility for the privacy practices of the entities that operate them. We recommend that you consistently check privacy policies to understand an operator’s practices. As a reminder, this Privacy Policy describes Unity’s practices.
This Privacy Policy does not address, and we are not responsible for, the privacy, information, or other practices of any third parties, including any third party operating any website or service to which the Services link. The inclusion of a link on the Services does not imply endorsement of the linked site or service by us or by our affiliates.
The Services may provide functionality allowing you to make payments to us using third-party payment services with which you have created your own account. When you use such a service to make a payment to us, your Personal Information will be collected by such a third party and not by us and will be subject to the third party’s privacy policy, rather than this Privacy Policy. We have no control over, and are not responsible for, this third party’s collection, use, and disclosure of your Personal Information.
In addition, we are not responsible for the information collection, use, disclosure, or security policies or practices of other organizations, such as Facebook, Apple, Google, Microsoft, RIM, or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider, or device manufacturer, including with respect to any Personal Information you disclose to other organizations through or in connection with the Apps or our Social Media Pages.
15. Other Useful Information
Some of Unity’s product features require access to your camera. While using these features we ask that you be aware of your surroundings and be considerate of others. Use of these features may result in cached images being saved to your device. In certain products, we may save your images to our cloud servers. For Unity the Unity AR Companion App, you will be notified at the time of access if the images are being saved to our servers. Please keep your security features on your device up to date and securely dispose of your device when you change devices by clearing this information.
For more information on the Unity AR Companion app, which is one of our services that uses your camera, please see the App's Supplemental Privacy Notice.
You will have an opportunity to consent to camera access prior to Unity accessing your camera.
For more information on Unity's policies and other Legal Information, please see our Legal Information page.
16. Contact Us
Unity Technologies SF, located at 30 3rd Street, San Francisco, CA 94103, USA, is the organization responsible for collection, use, and disclosure of your Personal Information under this Privacy Policy.
Our European Contact remains Unity Technologies ApS, located at Niels Hemmingsens Gade 24, 1153 Copenhagen, Denmark.
If you have any questions about this Privacy Policy, please contact us at DPO@unity3d.com.
Because email communications are not always secure, please do not include credit card or other sensitive information in your emails to us.
You can contact us as follows:
- DPO@unity3d.com
- Unity Technologies, 30 3rd Street, San Francisco, CA 94103 (United States contact)
- Unity Technologies ApS, Niels Hemmingsens Gade 24, 1153 Copenhagen, Denmark (European Union contact)
- Unity Technologies, GINZA SIX 8F, 6-10-1 Ginza, Chuo-ku, Tokyo Japan 104-0061 (Japan Contact)
17. Changes to this Privacy Policy
The “LAST UPDATED” legend at the top of this Privacy Policy indicates when this Privacy Policy was last revised. Any changes will become effective when we post the revised Privacy Policy on the Services.
We reserve the right to change our practices and this Policy at any time. We may also send an email or provide notice within some or all of our offerings when this Policy changes. We encourage you to check this page regularly so that you know what our current practices are.
18. Additional Information for Residents of California
Collection and Disclosure of Personal Information
The following chart details which categories of Personal Information we collect and process, as well as which categories of Personal Information we disclose to third parties for our operational business purposes, including within the 12 months preceding the date this Privacy Policy was last updated. You may view our CCPA Transparency Report at https://unity.com/legal/privacy-report. This report provides details on our responses to requests to access, delete or opt-out under CCPA.
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising | Sold to Which Categories of Third Parties |
---|---|---|---|
Identifiers, such as name, signature, contact information, online identifiers, and government-issued ID numbers | affiliates; service providers; Asset Store Sellers; social networks; marketing partners; contest sponsors; legal authorities | none | none |
Personal information as defined in the California customer records law, such as name, contact information, payment card number, financial information, medical information, insurance information, education information, employment information, and government-issued ID numbers | affiliates; service providers; Asset Store Sellers; social networks; marketing partners; contest sponsors; legal authorities | none | none |
Characteristics of protected classifications under California or federal law, such as sex, age, race, disability, and marital status | affiliates; service providers; marketing partners; contest sponsors; legal authorities | none | none |
Commercial Information, such as transaction information and purchase history | affiliates; service providers; Asset Store Sellers; social networks; marketing partners; contest sponsors; legal authorities | none | none |
Biometric information, such as scans of hand and face geometry | affiliates; service providers; legal authorities | none | none |
Internet or network activity information, such as browsing history and interactions with our Services | affiliates; service providers; ad networks; Asset Store Sellers; social networks; marketing partners; contest sponsors; legal authorities | ad networks | ad networks |
Geolocation Data, such as approximate location derived from IP address | affiliates; service providers; ad networks; Asset Store Sellers; social networks; marketing partners; contest sponsors; legal authorities | ad networks | ad networks |
Audio/Video Data. Audio, electronic, visual, and similar information, such as call and video recordings | affiliates; service providers; marketing partners; legal authorities | none | none |
Education Information subject to the federal Family Educational Rights and Privacy Act such as student records, directory information | affiliates; service providers; legal authorities | none | none |
Employment Information. Professional or employment-related information, such as work history and prior employer | affiliates; service providers; legal authorities | ad networks | ad networks |
Inferences drawn from any of the Personal Information listed above to create a profile or summary about, for example, an individual’s preferences or characteristics | affiliates; service providers; ad networks; social networks; marketing partners; contest sponsors; legal authorities | ad networks | ad networks |
Sensitive Personal Information. - Personal Information that reveals an individual’s social security, driver’s license, state identification card, or passport number; account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; precise geolocation; racial or ethnic origin, religious or philosophical beliefs, citizenship, immigration status, or union membership; the contents of mail, email, and text messages unless Unity is the intended recipient of the communication; genetic data; - The processing of biometric information for the purpose of uniquely identifying an individual; - Personal Information collected and analyzed concerning an individual’s health; - Personal Information collected and analyzed concerning an individual’s sex life or sexual orientation; - Personal Information collected from a known child. | affiliates; service providers; legal authorities | none | none |
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising | Sold to Which Categories of Third Parties |
---|---|---|---|
Identifiers, such as name, signature, contact information, online identifiers, and government-issued ID numbers | |||
Disclosed to Which Categories of Third Parties for Operational Business Purposes affiliates; service providers; Asset Store Sellers; social networks; marketing partners; contest sponsors; legal authorities | |||
Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising none | |||
Sold to Which Categories of Third Parties none |
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising | Sold to Which Categories of Third Parties |
---|---|---|---|
Personal information as defined in the California customer records law, such as name, contact information, payment card number, financial information, medical information, insurance information, education information, employment information, and government-issued ID numbers | |||
Disclosed to Which Categories of Third Parties for Operational Business Purposes affiliates; service providers; Asset Store Sellers; social networks; marketing partners; contest sponsors; legal authorities | |||
Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising none | |||
Sold to Which Categories of Third Parties none |
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising | Sold to Which Categories of Third Parties |
---|---|---|---|
Characteristics of protected classifications under California or federal law, such as sex, age, race, disability, and marital status | |||
Disclosed to Which Categories of Third Parties for Operational Business Purposes affiliates; service providers; marketing partners; contest sponsors; legal authorities | |||
Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising none | |||
Sold to Which Categories of Third Parties none |
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising | Sold to Which Categories of Third Parties |
---|---|---|---|
Commercial Information, such as transaction information and purchase history | |||
Disclosed to Which Categories of Third Parties for Operational Business Purposes affiliates; service providers; Asset Store Sellers; social networks; marketing partners; contest sponsors; legal authorities | |||
Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising none | |||
Sold to Which Categories of Third Parties none |
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising | Sold to Which Categories of Third Parties |
---|---|---|---|
Biometric information, such as scans of hand and face geometry | |||
Disclosed to Which Categories of Third Parties for Operational Business Purposes affiliates; service providers; legal authorities | |||
Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising none | |||
Sold to Which Categories of Third Parties none |
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising | Sold to Which Categories of Third Parties |
---|---|---|---|
Internet or network activity information, such as browsing history and interactions with our Services | |||
Disclosed to Which Categories of Third Parties for Operational Business Purposes affiliates; service providers; ad networks; Asset Store Sellers; social networks; marketing partners; contest sponsors; legal authorities | |||
Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising ad networks | |||
Sold to Which Categories of Third Parties ad networks |
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising | Sold to Which Categories of Third Parties |
---|---|---|---|
Geolocation Data, such as approximate location derived from IP address | |||
Disclosed to Which Categories of Third Parties for Operational Business Purposes affiliates; service providers; ad networks; Asset Store Sellers; social networks; marketing partners; contest sponsors; legal authorities | |||
Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising ad networks | |||
Sold to Which Categories of Third Parties ad networks |
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising | Sold to Which Categories of Third Parties |
---|---|---|---|
Audio/Video Data. Audio, electronic, visual, and similar information, such as call and video recordings | |||
Disclosed to Which Categories of Third Parties for Operational Business Purposes affiliates; service providers; marketing partners; legal authorities | |||
Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising none | |||
Sold to Which Categories of Third Parties none |
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising | Sold to Which Categories of Third Parties |
---|---|---|---|
Education Information subject to the federal Family Educational Rights and Privacy Act such as student records, directory information | |||
Disclosed to Which Categories of Third Parties for Operational Business Purposes affiliates; service providers; legal authorities | |||
Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising none | |||
Sold to Which Categories of Third Parties none |
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising | Sold to Which Categories of Third Parties |
---|---|---|---|
Employment Information. Professional or employment-related information, such as work history and prior employer | |||
Disclosed to Which Categories of Third Parties for Operational Business Purposes affiliates; service providers; legal authorities | |||
Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising ad networks | |||
Sold to Which Categories of Third Parties ad networks |
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising | Sold to Which Categories of Third Parties |
---|---|---|---|
Inferences drawn from any of the Personal Information listed above to create a profile or summary about, for example, an individual’s preferences or characteristics | |||
Disclosed to Which Categories of Third Parties for Operational Business Purposes affiliates; service providers; ad networks; social networks; marketing partners; contest sponsors; legal authorities | |||
Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising ad networks | |||
Sold to Which Categories of Third Parties ad networks |
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising | Sold to Which Categories of Third Parties |
---|---|---|---|
Sensitive Personal Information. - Personal Information that reveals an individual’s social security, driver’s license, state identification card, or passport number; account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; precise geolocation; racial or ethnic origin, religious or philosophical beliefs, citizenship, immigration status, or union membership; the contents of mail, email, and text messages unless Unity is the intended recipient of the communication; genetic data; - The processing of biometric information for the purpose of uniquely identifying an individual; - Personal Information collected and analyzed concerning an individual’s health; - Personal Information collected and analyzed concerning an individual’s sex life or sexual orientation; - Personal Information collected from a known child. | |||
Disclosed to Which Categories of Third Parties for Operational Business Purposes affiliates; service providers; legal authorities | |||
Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising none | |||
Sold to Which Categories of Third Parties none |
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising | Sold to Which Categories of Third Parties |
---|
Individual Requests
If you are a California resident, you may make the following requests:
- You may request that we disclose to you the following information covering the 12 months preceding your request:
- The categories of Personal Information we collected about you and the categories of sources from which we collected such Personal Information;
- The business or commercial purpose for collecting or sharing Personal Information about you;
- The categories of Personal Information about you that we shared (as defined under the applicable privacy law) and the categories of third parties to whom we shared such Personal Information; and
- The categories of Personal Information about you that we otherwise disclosed, and the categories of third parties to whom we disclosed such Personal Information (if applicable).
- You may request to correct inaccuracies in your Personal Information;
- You may request to have your Personal Information deleted; and
- You may request to receive specific pieces of Personal Information, including, where applicable, to obtain a copy of the Personal Information you provided to us in a portable format.
Please note that Unity has placed a California Notice of Rights on its website to explain how California residents may exercise their privacy rights under the California Consumer Privacy Act. This notice is incorporated into this policy.
We will not unlawfully discriminate against you for exercising your rights under applicable privacy law. To make a privacy request, please contact us at DPO@unity3d.com or Unity Technologies, 30 3rd Street, San Francisco, CA 94103. We will verify and respond to your request consistent with applicable law, taking into account the type and sensitivity of the Personal Information subject to the request. We may need to request additional Personal Information from you, such as email address/ username/ country associated with the account where applicable, in order to verify your identity and protect against fraudulent requests. If you make a request to delete, we may ask you to confirm your request before we delete your Personal Information.
We do not sell or “share” the Personal Information of Developers, and we have not engaged in such activities in the preceding 12 months. Without limiting the forgoing, we do knowingly not sell or “share” the Personal Information of Developers who are minors under 16 years of age.
Authorized Agents
If an agent would like to make a request on your behalf as permitted under applicable law, the agent may use the submission methods noted in the section entitled “Individual Requests.” As part of our verification process, we may request that the agent provide, as applicable, proof concerning his or her status as an authorized agent. In addition, we may require that you verify your identity as described in the section entitled “Individual Requests” or confirm that you provided the agent permission to submit the request.
- For third party representatives writing in on behalf of Unity account holders, please provide the name and any signed documentation you may have to act on behalf of the account holder, or you may ask the account holder to write to us from their account email to provide us permission to transact with you directly. Unity reserves the right to take reasonable steps to verify the authenticity of identities and authorizations in compliance with applicable laws prior to making any disclosures.
De-Identified Information
Where we maintain or use de-identified information, we will continue to maintain and use the de-identified information only in a de-identified fashion and will not attempt to re-identify the information.
Providing Personal Information to third parties for direct marketing purposes: California residents have the right to request the identity of any third parties to whom the resident’s Personal Information was provided, if such provision was to enable the third party’s direct marketing efforts. If you are a California resident and wish to make such a request, please submit your request to DPO@unity3d.com. Alternatively, you may opt-out of having your personal information shared with third parties for their direct marketing purposes, by emailing us at DPO@unity3d.com.
How we respond to “Do Not Track” signals: We are committed to providing you with meaningful choices about the information collected on our Services. Our cookie management tool on our website recognizes browser-initiated Do Not Track signals. To learn more about Do Not Track signals, you can visit allaboutdnt.com.
Removal of content.
Pursuant to California Business & Professions Code section 22581, if you are a resident of California, under 18, and a registered user of the Services, you may ask us to remove content or information that you have posted to the Services by writing to DPO@unity3d.com. Please note that your request does not ensure complete or comprehensive removal of the content or information, as, for example, some of your content may have been reposted by another user.