Game Player and App User Privacy Policy
Last Updated: December 4, 2024
Last Edit/ Review: July 3, 2024
1. Frequently Asked Questions (FAQs)
These FAQs provide a handy entry point to our longer and more comprehensive Privacy Policy (below). They enhance rather than replace the important notices in this Privacy Policy, which governs our collection, use, storage, and sharing of the information that we collect or receive from you.
What’s new as of December 4, 2024?
On December 4, 2024, we updated our position with LevelPlay from a “Data Processor” to a “Data Controller”. We also made some formatting updates, updated our Third Party Partners list.
The difference between an edit/review and an update is that "updates" involve material changes to our Policy whereas edits are not material or simply indicate a review has occurred. For example, we may make clarifying edits by giving additional examples. When we provide an update, you will receive a notice to accept and read the changes, which are summarized here.
2. Privacy Policy Overview
Unity Technologies and its subsidiaries and affiliates (collectively “Unity”) offer a variety of products, Services, and websites for Developers and App Users that will be referred to in this Policy as the “Service” or “Services.” The Policy refers to Unity as “we” or “us” and to game players / App Users as “you.” When we say “device,” we mean any device, including desktop, laptop, PC or Mac computers, smartphones, tablets, or any other device that is used to access or interact with the Service. When we say “Developer,” or “Publisher” we mean a third party that develops and/or distributes a game or other app made with and/or using Unity Services. When we say “App User” we mean a game player or person who is using an app made with and/or using Unity Services. When we say “User” we mean an App User and people browsing our websites. “Struckd” is inclusive of all Struckd by Unity products. When we say “Personal Information” we mean information that identifies you as an individual or relates to an identifiable individual. Personal Information does not include aggregated, de-identified, and/ or anonymized information, i.e., when the information has been transformed so that it no longer relates back to a person's identity.
It is important that you read this Privacy Policy together with any other privacy policy or fair processing notice we may provide on specific occasions when we are collecting or processing Personal Information, so that you are fully aware of how and why we are using your Personal Information. To learn about our practices for Developer data, please see our Developer Privacy Policy. You can find a link to all privacy notices here.
This App User Privacy Policy (this “Policy”) will provide you with information on how Unity Technologies (herein “we”, “us”, “our”, or “Unity”) will collect, use, store, share or otherwise handle your Personal Information (as described below) that we are responsible for and collect or receive through your use of applications (“app” or “apps”) which are owned by third parties but utilize Unity’s technology. This Privacy Policy also applies to Personal Information we collect offline, such as when you call us or interact with Unity in person, such as at an industry event or at a place of business.
Developers use our products in their applications. They may collect Personal Information that we, they, or another party is responsible for. This Policy only applies to your Personal Information that we are responsible for when acting as a data controller and as explained below. As such, please be sure to also read the privacy policy for the application you are using for a full understanding of how Developers use your Personal Information.
3. Information We Collect
Depending on how you interact with Unity (e.g., by contacting us, by interacting with our website) we may collect the following categories of Personal Information:
A. Personal Information we receive from you:
Name & Contact Details | Such as first and last name, title, prefix, email address, telephone number, postal address, country of residence. |
Account Information | Such as password(s) you create to access the Service, username/user ID. For Struckd, this may include your age or date of birth, which we do not store. |
Social Network Information | When you log into our Services with a social network account, you may have the option of sharing information, such as the username you use on that network and your friends list or other information that you or the third-party social network choose to share with Unity. By doing so, you understand that the use of shared information will be governed by the social media provider’s privacy policy and this Privacy Policy. |
Information Uploaded Through Use of Services | In using the Services, such as the Struckd App, a User may upload information such as assets for publication or display on public areas of the App. Please note that any information you post or disclose through these Services will become public and may be available to other Users and the general public. |
Information Provided Through Use of Services | In using the Services, such as the Struckd App,Users provide us with various information when they participate in community and forum pages. Please note that any information you post or disclose through these public forums will be available to other Users and the general public. |
Biometric Information | We may collect information, including voice data, associated with our Users’ storage of data they collect from you using our tools, such as Safe Voice which may be considered biometric information under applicable laws. For more information on our collection of biometric information, please refer to the Biometric Information section below. |
Name & Contact Details | |
Such as first and last name, title, prefix, email address, telephone number, postal address, country of residence. |
Account Information | |
Such as password(s) you create to access the Service, username/user ID. For Struckd, this may include your age or date of birth, which we do not store. |
Social Network Information | |
When you log into our Services with a social network account, you may have the option of sharing information, such as the username you use on that network and your friends list or other information that you or the third-party social network choose to share with Unity. By doing so, you understand that the use of shared information will be governed by the social media provider’s privacy policy and this Privacy Policy. |
Information Uploaded Through Use of Services | |
In using the Services, such as the Struckd App, a User may upload information such as assets for publication or display on public areas of the App. Please note that any information you post or disclose through these Services will become public and may be available to other Users and the general public. |
Information Provided Through Use of Services | |
In using the Services, such as the Struckd App,Users provide us with various information when they participate in community and forum pages. Please note that any information you post or disclose through these public forums will be available to other Users and the general public. |
Biometric Information | |
We may collect information, including voice data, associated with our Users’ storage of data they collect from you using our tools, such as Safe Voice which may be considered biometric information under applicable laws. For more information on our collection of biometric information, please refer to the Biometric Information section below. |
B. Personal Information we collect through your use of our Services or from other sources:
Device Information | Such as information about your devices and your use of our Services. This includes data obtained through cookies and similar technologies, as described in our Cookie & Advertising Policy. |
IP Address | Our systems automatically collect an IP address when Users access the Service. IP addresses can be used to learn about the general location (e.g., city, state, and country) of the User’s point of access to the web. |
Log Information | When you access the Unity website, Services or products that use an aspect of our Service, we may log a variety of technical information (“Log Info”), including but not limited to User ID, device identifiers (including advertiser ID), browser information, session IDs, session token data, authentication token data, unique app installation-specific ID, login data, play session information, and events such as monetization events and/or campaign and app interaction events. To the extent cookies and similar technologies are used to do this, please see our Cookie & Advertising Policy. |
Cookies and Related Technologies | We collect Personal Information through cookies and similar technologies. For more information on how Unity uses cookies, the types of cookies and other technologies used, and your privacy choices, please see our Cookie & Advertising Policy. |
Other Information | We may obtain additional information about you from third parties such as marketers, partners, researchers, and others. We may combine information that we collect from you with information about you that we obtain from such third parties and information derived from any other subscription, product, or Service we provide. |
Device Information | |
Such as information about your devices and your use of our Services. This includes data obtained through cookies and similar technologies, as described in our Cookie & Advertising Policy. |
IP Address | |
Our systems automatically collect an IP address when Users access the Service. IP addresses can be used to learn about the general location (e.g., city, state, and country) of the User’s point of access to the web. |
Log Information | |
When you access the Unity website, Services or products that use an aspect of our Service, we may log a variety of technical information (“Log Info”), including but not limited to User ID, device identifiers (including advertiser ID), browser information, session IDs, session token data, authentication token data, unique app installation-specific ID, login data, play session information, and events such as monetization events and/or campaign and app interaction events. To the extent cookies and similar technologies are used to do this, please see our Cookie & Advertising Policy. |
Cookies and Related Technologies | |
We collect Personal Information through cookies and similar technologies. For more information on how Unity uses cookies, the types of cookies and other technologies used, and your privacy choices, please see our Cookie & Advertising Policy. |
Other Information | |
We may obtain additional information about you from third parties such as marketers, partners, researchers, and others. We may combine information that we collect from you with information about you that we obtain from such third parties and information derived from any other subscription, product, or Service we provide. |
C. Sensitive Information:
Unless we request it, we ask that you not send us, and you not disclose, any sensitive Personal Information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background, or trade union membership) on or through the Unity website, the Services or otherwise to us.
D. Aggregated, De-Identified, and/ or Anonymized Information:
We may aggregate, de-identify, and/ or anonymize Personal Information, i.e., transform the information so it no longer relates back to a person's identity so that it will no longer be considered Personal Information. We do so to generate other data for our use, which we may use and disclose for any purpose.
4. How We Use the Information we Collect or Receive
Below, you will find a table depicting how we use the information we collect or receive through the use of our Services.
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources |
---|---|---|---|---|
Service Provision & Maintenance |
|
|
| |
Social Sharing | Facilitating social sharing, such as through your Struckd account. | - Consent, such as: - When you have opted in to sharing your social media account(s) with us. - Legitimate Interests, such as: - Interacting with you on social media through posts - Attributing a contribution to an individual - Performance of the Terms of Service Agreement we enter with you to provide the Services, such as fulfilling our obligations associated with those who sign up to the Unity Affiliate Program. |
| |
Promotions & Contests | Allowing you to participate in sweepstakes, contests, or other promotions, such as related to Struckd. Some of these promotions have additional rules containing information about how we will use and disclose your Personal Information, which we will communicate to you separately | - Manage our contractual relationship, such as fulfilling obligations associated with a contest. - Consent, such as: - When you have opted into relevant marketing communications - When we collect Personal Information through our use of cookies and similar technologies. |
| |
Personalizing Services |
| - Consent, such as - To send you offers tailored to your specific interests, and/or behavior. - When we collect Personal Information through our use of cookies and similar technologies. - Legitimate Interests, such as: - Providing tailored Services based on past usage and/or preferences, and such tailoring is based on basic and privacy-non-intrusive segmentation. |
| |
Business Reporting |
| - Performance of the Terms of Service Agreement we enter with you to provide the Services. - Consent such as when we collect Personal Information through our use of cookies and similar technologies. - Legitimate Interests, such as developing new Services and/ or products |
| |
Security Purposes |
|
|
| |
Legal Purposes |
| - Comply with a legal obligation - Legitimate Interests, such as: - Securing our services, investigating cyber intrusions, fraud, & abuse. - Reporting company progress to key-stakeholders and making decisions on such reporting - Protecting our operations, rights, safety, or property - Pursuing all available legal remedies, defending claims, and limiting damages we may sustain |
| |
Law Enforcement Requests |
|
|
| |
Business Transactions | -In connection with a reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings). You will be notified of any such business transaction and of possible changes to the processing of your Personal Information in accordance with applicable law.* |
|
| N/A |
Emergency & Incident Response |
| - Legitimate Interests, such as in monitoring, reacting to, and documenting an emergency and/ or incident. |
| |
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources |
---|---|---|---|---|
Service Provision & Maintenance | ||||
Examples of Processing Activities
| ||||
Personal Information Categories | ||||
Legal Basis under GDPR
| ||||
Third-Party Sources
|
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources |
---|---|---|---|---|
Social Sharing | ||||
Examples of Processing Activities Facilitating social sharing, such as through your Struckd account. | ||||
Personal Information Categories | ||||
Legal Basis under GDPR - Consent, such as: - When you have opted in to sharing your social media account(s) with us. - Legitimate Interests, such as: - Interacting with you on social media through posts - Attributing a contribution to an individual - Performance of the Terms of Service Agreement we enter with you to provide the Services, such as fulfilling our obligations associated with those who sign up to the Unity Affiliate Program. | ||||
Third-Party Sources
|
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources |
---|---|---|---|---|
Promotions & Contests | ||||
Examples of Processing Activities Allowing you to participate in sweepstakes, contests, or other promotions, such as related to Struckd. Some of these promotions have additional rules containing information about how we will use and disclose your Personal Information, which we will communicate to you separately | ||||
Personal Information Categories | ||||
Legal Basis under GDPR - Manage our contractual relationship, such as fulfilling obligations associated with a contest. - Consent, such as: - When you have opted into relevant marketing communications - When we collect Personal Information through our use of cookies and similar technologies. | ||||
Third-Party Sources
|
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources |
---|---|---|---|---|
Personalizing Services | ||||
Examples of Processing Activities
| ||||
Personal Information Categories | ||||
Legal Basis under GDPR - Consent, such as - To send you offers tailored to your specific interests, and/or behavior. - When we collect Personal Information through our use of cookies and similar technologies. - Legitimate Interests, such as: - Providing tailored Services based on past usage and/or preferences, and such tailoring is based on basic and privacy-non-intrusive segmentation. | ||||
Third-Party Sources
|
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources |
---|---|---|---|---|
Business Reporting | ||||
Examples of Processing Activities
| ||||
Personal Information Categories | ||||
Legal Basis under GDPR - Performance of the Terms of Service Agreement we enter with you to provide the Services. - Consent such as when we collect Personal Information through our use of cookies and similar technologies. - Legitimate Interests, such as developing new Services and/ or products | ||||
Third-Party Sources
|
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources |
---|---|---|---|---|
Security Purposes | ||||
Examples of Processing Activities
| ||||
Personal Information Categories | ||||
Legal Basis under GDPR
| ||||
Third-Party Sources
|
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources |
---|---|---|---|---|
Legal Purposes | ||||
Examples of Processing Activities
| ||||
Personal Information Categories | ||||
Legal Basis under GDPR - Comply with a legal obligation - Legitimate Interests, such as: - Securing our services, investigating cyber intrusions, fraud, & abuse. - Reporting company progress to key-stakeholders and making decisions on such reporting - Protecting our operations, rights, safety, or property - Pursuing all available legal remedies, defending claims, and limiting damages we may sustain | ||||
Third-Party Sources
|
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources |
---|---|---|---|---|
Law Enforcement Requests | ||||
Examples of Processing Activities
| ||||
Personal Information Categories | ||||
Legal Basis under GDPR
| ||||
Third-Party Sources
|
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources |
---|---|---|---|---|
Business Transactions | ||||
Examples of Processing Activities -In connection with a reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings). You will be notified of any such business transaction and of possible changes to the processing of your Personal Information in accordance with applicable law.* | ||||
Personal Information Categories
| ||||
Legal Basis under GDPR
| ||||
Third-Party Sources N/A |
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources |
---|---|---|---|---|
Emergency & Incident Response | ||||
Examples of Processing Activities
| ||||
Personal Information Categories | ||||
Legal Basis under GDPR - Legitimate Interests, such as in monitoring, reacting to, and documenting an emergency and/ or incident. | ||||
Third-Party Sources
|
Purpose | Examples of Processing Activities | Personal Information Categories | Legal Basis under GDPR | Third-Party Sources |
---|
*Services Provided Include:
--> User Acquisition
Allows Developers to run ad campaigns to find the most valuable users to keep their application growing.
--> Audience Pinpointer
Allows Developers to optimize advertising campaigns
--> Mediation
Allows Developers to establish rules for how that developer’s partnered ad networks can bid on the developer’s inventory
--> Header Bidding
Allows ad networks to participate in a real time auction for a specific piece of inventory.
--> Unity Ads
Allows Developers to implement advertising in their application.
-->Unity Ads & Analytics product
Allows Developers to implement in-app advertisement placements which will be sold to various demand sources on the Unity network.
--> deltaDNA Predictive Segments
Analytics which creates predictions about user behavior
--> IAP
Allows Developers to integrate their in-game economies with the applicable platforms' in app purchase transaction mechanisms.
--> Unity Player Sign In
Allows App Users to create an account so they have a persistent ID across projects or games/apps.
-> Unity Rewards Offerwall
Allows Users to complete various offers in order to earn rewards in participating Developer applications.
-> Unity Levelplay
Allows Developers to manage and optimize their monetization strategy through mediation.
-> Struckd
Allows Users to create, and play games on mobile and web applications.
**For more information on our legal obligations, please see section ‘Other Disclosures’ below.
*** For more information on disclosure of Personal Information in connection with a sale or business transaction, please see ‘Other Disclosures’ below.
5. Sharing Information
Below, you will find an outline of scenarios in which information may be shared using our Services.
Our Affiliates, including ironSource | All purposes described in this Privacy Policy |
Developers | Developers using some of our Services including Unity Analytics, will have ongoing access to Personal Information about the App User, including information relating to the users previous purchases, actions completed within their games, and entitlements to be received. |
Vendors & Service Providers | We share Personal Information with select vendors and service providers to help us provide our Services such as: - Website & Data Hosting and Analytics - These assist us with operations and general business such as: - Providing the functionality of the Services - Storing and transferring data in a secure manner - Improving and developing new products and Services - Data analytics - Payment Processors - Facilitating financial transactions. Our payments processors request that we provide you with a link to their privacy statements: - Tilia (used for Struckd Mobile) - Privacy Statement - Fraud & Security - These assist us with activities such as: - Protecting and securing our systems and Services - Monitoring, investigating, and taking action on fraudulent activity - Professional Services - These provide a variety of services to us such as audit, legal, and financial. - Information Technology - These assist us with infrastructure provision |
Law Enforcement or other similar parties | For safety, security, and legal compliance, including: - When we are required to disclose the information in response to legal process (e.g., if we receive a court order, search warrant, subpoena, or similar legal process); - If we believe that the Service is being used in the commission of a crime, including to report such criminal activity or to exchange information with other companies and organizations for the purposes of fraud protection and credit risk reduction; - To protect the vital interests of you, another person or the public, for example when there is a meaningful risk that poses a threat to the safety of you, another person or the public generally; and - In order to protect the rights or property of Unity, including to enforce the terms and licenses that govern the use of the Services. |
Advertisers | As discussed in our Cookie & Advertising Policy, we may permit advertisers and their agents to use cookies or related technologies within the Service to store information on or read information from your browser or device so that they can optimize their advertising campaigns, including to frequency cap and deliver targeted ads. Unity Ads - We use Personal Information as discussed in this policy collected from Developers’ apps to place personalized ads in Developers’ apps and elsewhere. This usage will permit other parties, such as publishers and attribution companies, to learn about the devices that received, viewed or interacted with ads. For more information about our partners, please see the section Unity Ads Privacy Features and Third-Party Partners in Providing Advertising. |
To third parties in the event of a business transaction | |
Bidding Partners | We use Personal Information as discussed in this policy with our Bidding Partners for our Mediation Service. For more information about our partners, please see the section Unity Ads Privacy Features and Third-Party Partners in Providing Advertising. |
Third-party products and Services | As discussed in our Cookie & Advertising Policy and elsewhere, we may permit advertisers and their agents to use cookies or related technologies within the Service to store information on or read information from your browser or device so that they can optimize their advertising campaigns, including to frequency cap and deliver targeted ads. |
With your consent | We may share your information for other purposes if (i) you direct us to do so or (ii) you consent to such sharing. |
Due to your actions | Sharing can happen within our Services and outside it when you take certain actions. For example: - When you share a replay on a social network – depending on your privacy settings at the relevant social network – some users of the relevant social network will be able to see the replay; - When you post comments on our forums, visitors and other forum users will be able to see your username, photo, and comments; - When you publish games on the Struckd, your game and profile will be visible; - When you ask to be matched with another player to play a connected game. |
Our Affiliates, including ironSource |
All purposes described in this Privacy Policy |
Developers |
Developers using some of our Services including Unity Analytics, will have ongoing access to Personal Information about the App User, including information relating to the users previous purchases, actions completed within their games, and entitlements to be received. |
Vendors & Service Providers |
We share Personal Information with select vendors and service providers to help us provide our Services such as: - Website & Data Hosting and Analytics - These assist us with operations and general business such as: - Providing the functionality of the Services - Storing and transferring data in a secure manner - Improving and developing new products and Services - Data analytics - Payment Processors - Facilitating financial transactions. Our payments processors request that we provide you with a link to their privacy statements: - Tilia (used for Struckd Mobile) - Privacy Statement - Fraud & Security - These assist us with activities such as: - Protecting and securing our systems and Services - Monitoring, investigating, and taking action on fraudulent activity - Professional Services - These provide a variety of services to us such as audit, legal, and financial. - Information Technology - These assist us with infrastructure provision |
Law Enforcement or other similar parties |
For safety, security, and legal compliance, including: - When we are required to disclose the information in response to legal process (e.g., if we receive a court order, search warrant, subpoena, or similar legal process); - If we believe that the Service is being used in the commission of a crime, including to report such criminal activity or to exchange information with other companies and organizations for the purposes of fraud protection and credit risk reduction; - To protect the vital interests of you, another person or the public, for example when there is a meaningful risk that poses a threat to the safety of you, another person or the public generally; and - In order to protect the rights or property of Unity, including to enforce the terms and licenses that govern the use of the Services. |
Advertisers |
As discussed in our Cookie & Advertising Policy, we may permit advertisers and their agents to use cookies or related technologies within the Service to store information on or read information from your browser or device so that they can optimize their advertising campaigns, including to frequency cap and deliver targeted ads. Unity Ads - We use Personal Information as discussed in this policy collected from Developers’ apps to place personalized ads in Developers’ apps and elsewhere. This usage will permit other parties, such as publishers and attribution companies, to learn about the devices that received, viewed or interacted with ads. For more information about our partners, please see the section Unity Ads Privacy Features and Third-Party Partners in Providing Advertising. |
To third parties in the event of a business transaction |
Bidding Partners |
We use Personal Information as discussed in this policy with our Bidding Partners for our Mediation Service. For more information about our partners, please see the section Unity Ads Privacy Features and Third-Party Partners in Providing Advertising. |
Third-party products and Services |
As discussed in our Cookie & Advertising Policy and elsewhere, we may permit advertisers and their agents to use cookies or related technologies within the Service to store information on or read information from your browser or device so that they can optimize their advertising campaigns, including to frequency cap and deliver targeted ads. |
With your consent |
We may share your information for other purposes if (i) you direct us to do so or (ii) you consent to such sharing. |
Due to your actions |
Sharing can happen within our Services and outside it when you take certain actions. For example: - When you share a replay on a social network – depending on your privacy settings at the relevant social network – some users of the relevant social network will be able to see the replay; - When you post comments on our forums, visitors and other forum users will be able to see your username, photo, and comments; - When you publish games on the Struckd, your game and profile will be visible; - When you ask to be matched with another player to play a connected game. |
Other Disclosures
Additional information for those located in the European Economic Area
We also disclose your Personal Information as necessary or appropriate, in particular when we have a legal obligation or legitimate interest to do so, as set out in further detail below.
Purpose | Further Detail |
---|---|
To comply with applicable law and regulations | This may include laws outside your country of residence, which could give rise to a legal obligation requiring us to process your Personal Information, including: - Civil and commercial matters: - Where we are in receipt of a court order to disclose information for the purposes of court proceedings, such as under Regulation (EU) No 1215/2012 on jurisdiction and the recognition and enforcement of judgments in civil and commercial matters. - To comply with Council Regulation (EC) No 1206/2001 of 28 May 2001 on cooperation between the courts of the Member States in the taking of evidence in civil or commercial matters. - Criminal matters: to comply with requests and orders from EU and EU Member State law enforcement to provide information in relation to a criminal investigation in compliance with applicable local laws, or to take steps to report information we believe is important to law enforcement where so required or advisable under applicable local laws. - Consumer matters: to comply with requests from competent authorities under EU or EU Member State consumer protection law, such as under Directive (EU) 2019/2161 and its implementing laws in EU Member States. - Corporate and taxation matters: to comply with our obligations under applicable EU Member State corporate and tax legislation, such as where a national tax law of an EU Member State requires collection of specific transactional personal information for tax purposes. - Regulatory matters: to respond to a request or to provide information we believe is necessary or appropriate to comply with our obligations to engage with regulators, such as when relevant EU Member State data protection supervisory authorities initiate investigation under the General Data Protection Regulation into our Company. These can include authorities outside of your country of residence. - Compliance and internal investigations: to comply with whistleblowing requirements under Directive (EU) 2019/1937 and its implementing laws in EU Member States. - Health and safety regulations: to comply with health and safety reporting obligations in accordance with applicable local laws, such as in relation to accidents involving members of the public on our premises. - Compliance with the Digital Services Act: (Regulation (EU) 2022/2065) and any other applicable laws. Note: Unity will provide its users of impacted services with aggregate reporting regarding Unity’s compliance with the Digital Services Act upon the user’s request. |
For other legal reasons |
|
Purpose | Further Detail |
---|---|
To comply with applicable law and regulations | |
Further Detail This may include laws outside your country of residence, which could give rise to a legal obligation requiring us to process your Personal Information, including: - Civil and commercial matters: - Where we are in receipt of a court order to disclose information for the purposes of court proceedings, such as under Regulation (EU) No 1215/2012 on jurisdiction and the recognition and enforcement of judgments in civil and commercial matters. - To comply with Council Regulation (EC) No 1206/2001 of 28 May 2001 on cooperation between the courts of the Member States in the taking of evidence in civil or commercial matters. - Criminal matters: to comply with requests and orders from EU and EU Member State law enforcement to provide information in relation to a criminal investigation in compliance with applicable local laws, or to take steps to report information we believe is important to law enforcement where so required or advisable under applicable local laws. - Consumer matters: to comply with requests from competent authorities under EU or EU Member State consumer protection law, such as under Directive (EU) 2019/2161 and its implementing laws in EU Member States. - Corporate and taxation matters: to comply with our obligations under applicable EU Member State corporate and tax legislation, such as where a national tax law of an EU Member State requires collection of specific transactional personal information for tax purposes. - Regulatory matters: to respond to a request or to provide information we believe is necessary or appropriate to comply with our obligations to engage with regulators, such as when relevant EU Member State data protection supervisory authorities initiate investigation under the General Data Protection Regulation into our Company. These can include authorities outside of your country of residence. - Compliance and internal investigations: to comply with whistleblowing requirements under Directive (EU) 2019/1937 and its implementing laws in EU Member States. - Health and safety regulations: to comply with health and safety reporting obligations in accordance with applicable local laws, such as in relation to accidents involving members of the public on our premises. - Compliance with the Digital Services Act: (Regulation (EU) 2022/2065) and any other applicable laws. Note: Unity will provide its users of impacted services with aggregate reporting regarding Unity’s compliance with the Digital Services Act upon the user’s request. |
Purpose | Further Detail |
---|---|
For other legal reasons | |
Further Detail
|
Purpose | Further Detail |
---|
6. Our Policies Concerning Children
Unity Struckd
If the user is a child, we may collect and store the below information solely for our internal operations and our legitimate interest:
- IP address
- Unique Installation-specific ID
- Randomly generated User ID
- Vendor ID
- Device ID
We collect the above information
- for internal analytics to understand the service and e.g., why an error is occuring in Struckd or what causes users to engage with Struckd
- so that we can send push notification
- so that we can make updates to the application without needing to push an update
We may share some of this information with our service providers who we contract with to help us provide our services to you. Please note, while we collect country and birth date, this information is not stored.
Unity Advertising Services
Developers using Unity’s Advertising Services may offer any of the following three categories of applications: 1) child-directed (Users are likely children), 2) mixed audience (Users are both children and non-children), 3) non-child directed (Users are unlikely to be children). If the application is a mixed audience, the Developer should implement an age-gate where required by law, and send a signal to Unity which indicates that we need to limit data collection, serve non-personalized ads, or otherwise disable the service. The Developer similarly categorizes applications which are specifically child-directed. A child is considered to be any User under the age of consent in their applicable jurisdiction.
In connection with the Ads Service, in the event we receive a signal from a Developer, we reduce our data collection for our Ads Service. In such instances, we will only collect Personal Information listed below. We collect this Personal Information for internal operations and our legitimate interests in providing the Service.
- IP address is used to provide a compliant experience suitable for the User’s region.
- Unique Installation-specific ID is used for operational purposes related to the serving of contextual advertisements.
- User ID is used in connection with providing rewards in exchange for watching an ad. Unity uses a developer-set identification (User ID) to let the Developer know when a User with the User ID has completed the watched the ad and is therefore entitled to receive the in-game reward (coin, gems, etc.).
In connection with the Unity Rewards service, in the event we receive a signal from a Developer, we will collect and maintain a service-specific identifier associated with the Developer’s application in order to enable a service block since the Unity Rewards service is not intended for children.
Our Services are otherwise not intended for children. If you are aware that our Services are otherwise collecting Personal Information about children, please contact us at DPO@unity3d.com
If you or your parent or guardian have questions about this policy or how we use your personal information, you can contact us at DPO@unity3d.com.
7. Your Choices About Unity’s Collection and Use of Your Information
Below, you will find information about your choices regarding Unity’s collection and use of your information through the use of our Services.
A. Unity Ads opt-out
- You cannot opt-out of receiving ads in games or apps using Unity Ads, but you can take steps to opt-out of certain personalized ads, within the ad unit, by clicking or tapping the Data Privacy icon.
B. Unity Ads opt-in
- In certain jurisdictions, Unity will ask for your affirmative consent before serving you personalized ads. Your consent (and other privacy choices) may be changed at any time within the ad unit by clicking or tapping the Data Privacy icon
C. Analytics
- Developers may choose to install a mechanism to opt-out of analytics.
D. Unity Player Sign-In
- You may opt-out of aggregated analytics by clicking the “opt-out” button at the bottom of the screen.
E. Safe Voice
- Developers may install a mechanism to opt-out.
F. Unity Rewards Offerwall
- Developers should have a User opt-out mechanism. Access and erasure requests can be submitted through this webform.
G. Unity Struckd
- Users can opt-out of optional data collection and sharing through the settings of the application.
8. Privacy Rights
Depending on the country or state in which you reside, you may have various privacy rights. For more information on the applicable rights in , please choose the appropriate location in Brazil, Canada, European Economic Area (“EEA”) and United Kingdom (“UK”) , Israel, Japan, Republic of Korea, and U.S.A. (California, Colorado, Connecticut, Utah and Virginia) below:
Brazil
The Brazilian General Data Protection Act provides you the right to:
- Confirm Unity's processing of your data;
- Access your data;
- Correct your incomplete, inaccurate, or outdated data;
- Request anonymization, blocking or elimination of unnecessary or excessive data or of data processed in noncompliance with the Brazilian General Data Protection Act;
- Port your data to other service providers or suppliers of products;
- Delete your personal data when processed with your consent;
- Obtain information on the public and private entities with whom Unity shared your data;
- Obtain information on the possibility of not providing consent and on the consequences of the denial;
- Revoke your consent to the processing of your data when we seek your consent; and
- Lodge complaints before data protection authorities.
Canada
The Canadian Personal Information Protection and Electronic Documents Act provides certain rights with respect to your personal data, such as:
- Right to Access - You have the right to request Unity provide you with a copy of your personal data.
- Right to Rectification (Correction) - You have the right to request Unity to correct any information about you that you believe is incorrect. You also have the right to request Unity to complete information about you that you believe is incorrect.
EEA and UK
The EU and UK General Data Protection Regulations (collectively, the “GDPR”) provides certain rights (should they apply to you) in relation to the way in which Unity processes your Personal Information as a data controller. You have the following rights:
- Right to Access - You have the right to request Unity provide you with a copy of your Personal Information.
- Right to Rectification (Correction) - You have the right to request Unity to correct any information about you that you believe is incorrect. You also have the right to request Unity to complete information about you that you believe is incorrect.
- Right to Erasure (Deletion) - You have the right to request Unity to erase your Personal Information, under certain conditions.
- Right to Restrict Processing - You have the right to request Unity to restrict the processing of your Personal Information, under certain conditions.
- Right to Object to Processing - You have the right to object to Unity’s processing of your Personal Information, under certain conditions.
- Right to Data Portability - You have the right to request Unity to transfer your Personal Information that we have collected to another organization, or directly to you, under certain conditions.
- Right to Lodge a Complaint - You may lodge a complaint with an EEA data protection authority for your country or region where you have your habitual residence or place of work or where an alleged infringement of applicable data protection law occurs. A list of data protection authorities is available at https://ec.europa.eu/newsroom/article29/items/612080. In the UK, you may lodge a complaint with the Information Commissioner’s Office (“ICO”).
- If you do have a complaint, we would appreciate the chance to deal with your concerns before approaching your supervisory body, so please contact us at dpo@unity3d.com if you wish to discuss any complaint.
The Israel Protection of Privacy Law 5741-1981:
- Any information provided by you is on a voluntary basis with no legal requirement to do so, but if you refuse to provide such information we may not be able to provide you with the Services. According to the Protection of Privacy Law, each person is entitled to inspect, either himself or through a representative authorized by him in writing or his guardian, any information about him kept in a database.
Japan
The Act on the Protection of the Personal Information of Japan provides certain rights with respect to your personal information, such as:
- The right to request a notification of the purposes of use of your personal information
- The right to request the disclosure, correction, addition, or deletion of your personal information
- The right to request the discontinuation of use or provision to any third party
- The right to request the disclosure of the record of provision of your personal information
- If you are a resident of Japan and wish to exercise any of the above rights, please email us at DPO@unity3d.com (or contact us at the address indicated in the “Contact Us” section listed below)
- Unity Technologies, GINZA SIX 8F, 6-10-1 Ginza, Chuo-ku, Tokyo Japan 104-0061
United States of America
- If you are a resident of California, Colorado, Connecticut, Utah, or Virginia, please see Section 19 “Additional Information for Residents of California”, below, for additional information on how we handle your Personal Information and the privacy requests you may make under applicable law.
Below, you will find information on how to access, correct, update, suppress, restrict, or delete your Personal Information, object to or opt out of the processing of Personal Information, withdraw your consent (which will not affect the lawfulness of processing prior to the withdrawal), or if you would like to request to receive a copy of your Personal Information for purposes of transmitting it to another company (to the extent these rights are provided to you by applicable law), you may contact us in accordance with the instructions immediately below, or in accordance with the ‘Contact Us’ section below. We will respond to your request consistent with applicable law.
In your request, please make clear what Personal Information you would like to have changed or whether you would like to have your Personal Information suppressed from our database. For your protection, we may only implement requests with respect to the Personal Information associated with the particular identifier (e.g., email address, device ID, advertising ID) that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable.
Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion (e.g., when you make a purchase or enter a promotion, you may not be able to change or delete the Personal Information provided until after the completion of such purchase or promotion).
In the event your request relates to the following Services, you will need to contact the Developer directly as we do not process the Personal Information to which your request relates:
- Unity Analytics
- Please note: the Developer may have configured privacy settings within the app in order to permit you to: object to profiling, opt-out of further profiling, request deletion (erasure) of Personal Information, or request access to Personal Information.
2. App Users viewing Unity Ads
- Depending on your Developers implementation of privacy tools, you can access the Personal Information collected about your device on a per-app basis by clicking or tapping the Data Privacy icon
- on the ad unit. By scrolling through the disclosure, you will either see a dynamically populated paragraph of plain text showing you the Personal Information related to your device from that app or you will see an option to click/tap a link within the text to see the data display. If you object to our maintaining this Personal Information or collecting future app-usage data, you may elect to opt-out of further collection and request deletion of historical data. Please note IP addresses may be maintained in logs for security of our system for our Services running on your device and may continue to be collected.
3. Unity Player Sign-In
- If you are a game player using Unity Player Sign-In and would like to exercise your Privacy Rights, please submit it here.
4. Unity Rewards Offerwall
- Developers should have an opt-out mechanism. Access and erasure requests can be submitted through this webform.
5. Unity Struckd
Users can delete their data from within the application. Users can submit access requests, please contact us in accordance with the ‘Contact Us’ section below.
For ironSource Services
To exercise your rights for all ironSource Services, please see the relevant instructions in the ironSource Privacy Policy.
For the Tapjoy Offerwall
Please see the relevant instructions in the Tapjoy Privacy Policy.
For Services not listed
To exercise your rights for all other Services, please contact us in accordance with the instructions immediately above, or in accordance with the ‘Contact Us’ section below.
For efficiency, please note the service your request is about.
9. Transfers out of Country of Collection
Unity has implemented and maintains a framework consistent with applicable law for transfers of Personal Information outside of the country of collection, including for transfers out of the UK and/or EEA.
Unity has implemented and maintains a framework consistent with applicable law for transfers of Personal Information outside of the country of collection, including for transfers out of the UK and/or EEA.
Your Personal Information may be stored and processed in any country where we have facilities, including ironSource which is headquartered in Israel, or in which we engage service providers, such as Google Cloud Platform and Looker, and by using the Services you understand that your Personal Information will be transferred to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Information.
Where this will involve transferring your Personal Information outside the UK and/or EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
Adequacy Decisions: Some non-EEA countries are recognized under the UK GDPR and by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available here). For example, we may transfer to our affiliates who are located around the world, including Canada, Japan, New Zealand, Republic of Korea, Switzerland, and the United Kingdom.
Standard Contractual Clauses: For transfers of Personal Information from the UK and/or EEA to third countries, which are not considered adequate under the UK GDPR and/or by the European Commission, we have put in place standard contractual clauses adopted under the UK GDPR and/or by the European Commission to protect your Personal Information. For example, we use Google Cloud Platform’s infrastructure and data centers which are located around the world, including the United States. We rely on both controller-controller and controller-processor Standard Contractual Clauses. You may obtain a copy of these measures by contacting us in accordance with the “Contacting Us” section below. “UK GDPR” has the meaning given to it in section 3(10) (as supplemented by section 205(4)) of the Data Protection Act 2018.
Japan
For transfers from Japan to countries other than the EEA/UK, we have put adequate measures in place to protect your Personal Information.
The transferees are obligated to comply with equivalent or comparable rules to those under the Act on the Protection of Personal Information of Japan (APPI) on a continuous basis, and we periodically confirm their compliance. We also periodically confirm any changes to the data privacy regulations of other countries that may affect the compliance measures taken by our overseas affiliates and third-party service providers and take measures such as requesting that they take corrective measures or suspending the provision of Personal Information if any issues arise in the implementation of such compliance measures. We will provide you with further information on the measures we take in this regard upon your request.
10. Retention
We retain Personal Information for as long as is necessary or as permitted in light of the purpose(s) for which it was obtained and consistent with applicable law, for example, for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. The criteria to determine our retention periods include:
- The length of time we have an ongoing relationship with you and provide the Services to you (for example, for as long as you have an account with us or keep using the Services);
- Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or
- Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
Where a legal obligation arises or retention is advisable in light of our legal position, in some circumstances, we will retain certain Personal Information, even after your account has been deleted and/or we no longer provide the Services to you; for example:
- To cooperate with law enforcement or public, regulatory and government authorities: If we receive a preservation order or search warrant, related to your Services account, we will preserve Personal Information subject to such order or warrant after you delete your Services account.
- To comply with legal provisions on tax and accounting: We may retain your Personal Information after you delete your Personal Information, as required by tax law and to comply with bookkeeping requirements. Please note the length of time may vary by country.
- For fraud and security purposes: We may retain your Personal Information for fraud/ security purposes such as IP address, User ID, Device ID, and unique app installation-specific ID, which can be used to investigate whether a specific device exhibits a pattern of abnormal app interaction behavior, which may indicate a malicious bot or fraudulent actor.
- To pursue or defend a legal action: We may retain relevant Personal Information in the event of a legal claim or complaint, including regulatory investigations or legal proceedings about a claim related to your Personal Information, or if we reasonably believe there is a prospect of litigation (whether in respect of our relationship with you or otherwise) after the dispute has been settled or decided by a court or tribunal from which there is no further right of appeal. The criteria for determining the length of time we will retain this information include:
- Whether there is a legal obligation to which we are subject (for example, if the settlement or decision requires us to keep the records for a certain period of time before we can delete them); or
- Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
11. Security
We employ a variety of measures to safeguard the collection, transmission, and storage of the information we collect. These measures vary based on the sensitivity of the information that we collect, process, and store, and the current state of technology. Please note that no system can be guaranteed to be 100% secure. Therefore, while we strive to employ reasonable protections for your information that are appropriate to its sensitivity, we cannot guarantee or warrant the security of the information you share with us and we cannot be responsible for the theft, destruction, loss or inadvertent disclosure of your information. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone. We have put in place procedures to deal with any suspected Personal Information breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Contact Us” section below
12. Biometric Information
Please note, Unity is a data processor for information uploaded through Safe Voice, which, depending on legal interpretation, may be considered biometric data. The following Section contains legal information which is only applicable under U.S. Law.
Your use of certain features may result in the collection of biometric information. Biometric information is any information based on an individual's biometric identifier used to identify an individual. Biometric information that may be collected depending on how you use Unity's products includes voice recordings. For example, if you are using Unity Safe Voice for in-app voice communication, that may be considered to be collecting biometric information under applicable laws.
We use commercially reasonable organizational, technical, and administrative methods designed to protect biometric information within our organization.
We retain biometric information for as long as needed or permitted in light of the purposes stated in this policy, unless a longer retention period is permitted or required by applicable law. For more information on the criteria used to determine our retention periods, please see the "Retention" section in our Privacy Policy.
We will destroy or dispose of your biometric information as required by applicable law. For example, we may destroy electronic records of biometric information through such processes as overwriting magnetic media, degaussing, or physical destruction, and we may dispose of paper records by such processes as shredding or incineration.
Please note you may need to make your request for deletion through Unity’s customer as we may need our customer’s assistance to locate your account.
13. Unity Ads Privacy Features and Third Party Partners in Providing Advertising
Privacy Features
If Unity delivers personalized advertising through its ad network, Unity will provide notice and information about how you may be able to opt-out of such personalized advertisements. Please note that the limitations available to you are determined by the laws within your jurisdiction and the tools the Developer chooses to implement. Such an opportunity to opt out may occur through your device settings (see the section “Information and choices regarding tracking and targeting on mobile devices” in our Cookie & Advertising Policy and the choices available within the ad unit as described in this Policy by accessing the Data Privacy icon in the ad unit.
Developer Advertising Using Other Ad Networks
Developers may use other third-party advertising networks, and Unity’s choice features within its ad units only apply to ads delivered in the Unity network.
Please note that the Developer of the app showing Unity Ads may have limited choices in providing certain identifying information, including your device advertising ID, about you to our third-party partners advertising goods and services with Unity. You may still see ads from the partners listed below, but they will not be based on your Personal Information. Additionally, you may have opted-out of profiling in Unity’s ad network within a Unity Ad for your app, in which case we will only serve contextual ads from ourselves and these partners within your app. For all others, please review the following information:
Third Party Ad Network Partners
The following third-party partners may receive an ad request from Unity containing your Personal Information. This list may be updated from time to time. These partners use this information to build your profile and personalize your ad experience to serve future ads you may see on the internet as well as inside the Unity ad network. The privacy policies linked below provide you with information around the Personal Information that they have from all sources, including Unity, and your data protection rights under applicable law in relation to the processing of your Personal Information.
Aarki, AdColony, Adikteev, Admazing, AdMaxim, Admix, AdMixer, Adtiming, Advlion, Affle, AlgoBluesea, Algorix, Appier, Appreciate, apptimus, Beeswax, Bidease, Bidmachine, Bidmatrix, BidSwitch, Bigabid, BigoAds, Brave People LTD, Bucksense , Centro, Chartboost, Clearpier, Connekt Media, Criteo LLC, Dataseat Ltd, DiscoverTech, Eskimi, GCMOB, Google (Review the link to AdSettings), Hybrid.Ai, Hyper LLC, IGNITE MEDIA, Illumin, Index Exchange, InMobi, Jampp , Kayzen (fka Applift), Kidoz, Lifestreet, Liftoff, LoopMe, Magnite, MediaMath, MeituEve, Mintegral, MobAvenue, Mobupps, Moloco, MoPub, OMS, OpenX, Opera, Pangle, Persona.ly, Playdigo, Inc., Pokkt, Pubmatic, Pubnative, Pubwise, PulsePoint, Inc., Remerge, Rhebus, RhythmOne, Rise, RTBHouse, Samsung, Se7en, Smadex, Snap Inc., Spotad, SuperAwesome, SVG, Telaria, Tencent, TheTradeDesk, TopOn, Unicorn, Vidazoo, Webeye, Wildlife Studios, Wish, Wof, Xandr, Xapads, Yandex, YeahMobi, Youappi and Zmaticoo.
Bidding Partners
In addition, Unity’s mediation product shares your Personal Information to the following bidding partners. This list may be updated from time to time. These partners use this information to build your profile and personalize your ad experience to serve future ads you may see on the internet as well as inside the Unity ad network. The privacy policies linked below provide you with information around the Personal Information that they have from all sources, including Unity, and your data protection rights under applicable law in relation to the processing of your Personal Information.
Adcolony, Applovin, Ironsource, Meta, Mintegral, Snap inc., and Vungle.
14. Cookie & Advertising Policy
We may collect Personal Information through the use of cookies and similar technologies. For more information on how Unity uses cookies, the types of cookies and other technologies used, and your privacy choices, please see our Cookie & Advertising Policy
To update your cookie preferences, please select "Cookie Settings" at the bottom of the web page or click the shield icon.
15. Sites and Services Operated by Others
The Unity Service may contain links to other sites, applications, and services. Because Unity does not operate those other sites, applications, and services, we cannot take responsibility for the privacy practices of the entities that operate them. We recommend that you consistently check privacy policies to understand an operator’s practices. As a reminder, this Privacy Policy describes Unity’s practices.
This Privacy Policy does not address, and we are not responsible for, the privacy, information, or other practices of any third parties, including any third party operating any website or service to which the Services link. The inclusion of a link on the Services does not imply endorsement of the linked site or service by us or by our affiliates.
The Services may provide functionality allowing you to make payments to us using third-party payment services with which you have created your own account. When you use such a service to make a payment to us, your Personal Information will be collected by such a third party and not by us, and will be subject to the third party’s privacy policy, rather than this Privacy Policy. We have no control over, and are not responsible for, this third party’s collection, use, and disclosure of your Personal Information.
In addition, we are not responsible for the information collection, use, disclosure, or security policies or practices of other organizations, such as Facebook, Apple, Google, Microsoft, RIM, or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider, or device manufacturer, including with respect to any Personal Information you disclose to other organizations through or in connection with the Apps or our Social Media Pages.
16. Other Useful Information
For more information on Unity's policies and other Legal Information, please see our Legal Information page.
17. Contact Us
Unity Technologies S.F., located at 30 3rd Street, San Francisco, CA 94103 (United States contact), is the organization responsible for collection, use, and disclosure of your Personal Information under this Privacy Policy.
If you have any questions about this Privacy Policy, please contact us at DPO@unity3d.com.
Because email communications are not always secure, please do not include credit card or other sensitive information in your emails to us.
You can contact us as follows:
-
- DPO@unity3d.com
- Unity Technologies, 30 3rd Street, San Francisco, CA 94103 (United States contact)
- Unity Technologies ApS, Niels Hemmingsens Gade 24, 1153 Copenhagen, Denmark (European Union contact)
- Unity Technologies, GINZA SIX 8F, 6-10-1 Ginza, Chuo-ku, Tokyo Japan 104-0061 (Japan Contact)
18. Changes to this Privacy Policy
The “LAST UPDATED” legend at the top of this Privacy Policy indicates when this Privacy Policy was last revised. Any changes will become effective when we post the revised Privacy Policy on the Services.
We reserve the right to change our practices and this Policy at any time. We may also send an email or provide notice within some or all of our offerings when this Policy changes. We encourage you to check this page regularly so that you know what our current practices are.
19. Additional Information for Residents of California, Colorado, Connecticut, Utah, Virginia, Florida, Montana, Oregon, Texas, Delaware, Iowa, Nebraska, New Hampshire, New Jersey, and Tennessee.
Collection, Disclosure, Sharing, and Sale of Personal Information
California, Colorado, Connecticut, Utah, Virginia, Florida, Montana, Oregon, Texas, Delaware, Iowa, Nebraska, New Hampshire, New Jersey, and Tennessee residents have certain rights under state privacy laws with respect to personal data we collect. If you are a resident of such states, this section of the privacy policy contains disclosures required by law and explains rights that may be available to you depending on the applicable jurisdiction.
The following chart details which categories of Personal Information we collect and process, as well as which categories of Personal Information we disclose to third parties for our operational business purposes, including within the 12 months preceding the date this Privacy Policy was last updated. The chart also details the categories of Personal Information that we “sell” or “share” for purposes of cross-context behavioral or targeted advertising, including within the preceding 12 months. You may view our CCPA Transparency Report at https://unity.com/legal/privacy-report. This report provides details on our responses to requests to access, delete or opt-out under CCPA.
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising | Sold to Which Categories of Third Parties |
---|---|---|---|
Identifiers, such as name, signature, contact information, online identifiers, and government-issued ID numbers | affiliates; service providers; ad networks; social networks; marketing partners; contest sponsors; legal authorities | ad networks | ad networks |
Personal information as defined in the California customer records law, such as name, contact information, payment card number, financial information, medical information, insurance information, education information, employment information, and government-issued ID numbers | affiliates; service providers; ad networks; Asset Store Sellers; social networks; marketing partners; contest sponsors; legal authorities | none | none |
Characteristics of protected classifications under California or federal law, such as sex, age, race, disability, and marital status | affiliates; service providers; marketing partners; contest sponsors; legal authorities | none | none |
Commercial Information, such as transaction information and purchase history | affiliates; service providers; social networks; marketing partners; contest sponsors; legal authorities | none | none |
Biometric information, such as scans of hand and face geometry | affiliates; service providers; legal authorities | none | none |
Internet or network activity information, such as browsing history and interactions with our Services | affiliates; service providers; ad networks; social networks; marketing partners; contest sponsors; legal authorities | ad networks | ad networks |
Geolocation Data, such as approximate location derived from IP address | affiliates; service providers; ad networks; social networks; marketing partners; contest sponsors; legal authorities | ad networks | ad networks |
Audio/Video Data. Audio, electronic, visual, and similar information, such as call and video recordings | affiliates; service providers; marketing partners; legal authorities | none | none |
Education Information subject to the federal Family Educational Rights and Privacy Act such as student records, directory information | affiliates; service providers; legal authorities | none | none |
Employment Information. Professional or employment-related information, such as work history and prior employer | affiliates; service providers; legal authorities | none | none |
Inferences drawn from any of the Personal Information listed above to create a profile or summary about, for example, an individual’s preferences or characteristics | affiliates; service providers; ad networks; social networks; marketing partners; contest sponsors; legal authorities | ad networks | ad networks |
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising | Sold to Which Categories of Third Parties |
---|---|---|---|
Identifiers, such as name, signature, contact information, online identifiers, and government-issued ID numbers | |||
Disclosed to Which Categories of Third Parties for Operational Business Purposes affiliates; service providers; ad networks; social networks; marketing partners; contest sponsors; legal authorities | |||
Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising ad networks | |||
Sold to Which Categories of Third Parties ad networks |
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising | Sold to Which Categories of Third Parties |
---|---|---|---|
Personal information as defined in the California customer records law, such as name, contact information, payment card number, financial information, medical information, insurance information, education information, employment information, and government-issued ID numbers | |||
Disclosed to Which Categories of Third Parties for Operational Business Purposes affiliates; service providers; ad networks; Asset Store Sellers; social networks; marketing partners; contest sponsors; legal authorities | |||
Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising none | |||
Sold to Which Categories of Third Parties none |
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising | Sold to Which Categories of Third Parties |
---|---|---|---|
Characteristics of protected classifications under California or federal law, such as sex, age, race, disability, and marital status | |||
Disclosed to Which Categories of Third Parties for Operational Business Purposes affiliates; service providers; marketing partners; contest sponsors; legal authorities | |||
Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising none | |||
Sold to Which Categories of Third Parties none |
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising | Sold to Which Categories of Third Parties |
---|---|---|---|
Commercial Information, such as transaction information and purchase history | |||
Disclosed to Which Categories of Third Parties for Operational Business Purposes affiliates; service providers; social networks; marketing partners; contest sponsors; legal authorities | |||
Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising none | |||
Sold to Which Categories of Third Parties none |
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising | Sold to Which Categories of Third Parties |
---|---|---|---|
Biometric information, such as scans of hand and face geometry | |||
Disclosed to Which Categories of Third Parties for Operational Business Purposes affiliates; service providers; legal authorities | |||
Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising none | |||
Sold to Which Categories of Third Parties none |
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising | Sold to Which Categories of Third Parties |
---|---|---|---|
Internet or network activity information, such as browsing history and interactions with our Services | |||
Disclosed to Which Categories of Third Parties for Operational Business Purposes affiliates; service providers; ad networks; social networks; marketing partners; contest sponsors; legal authorities | |||
Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising ad networks | |||
Sold to Which Categories of Third Parties ad networks |
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising | Sold to Which Categories of Third Parties |
---|---|---|---|
Geolocation Data, such as approximate location derived from IP address | |||
Disclosed to Which Categories of Third Parties for Operational Business Purposes affiliates; service providers; ad networks; social networks; marketing partners; contest sponsors; legal authorities | |||
Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising ad networks | |||
Sold to Which Categories of Third Parties ad networks |
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising | Sold to Which Categories of Third Parties |
---|---|---|---|
Audio/Video Data. Audio, electronic, visual, and similar information, such as call and video recordings | |||
Disclosed to Which Categories of Third Parties for Operational Business Purposes affiliates; service providers; marketing partners; legal authorities | |||
Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising none | |||
Sold to Which Categories of Third Parties none |
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising | Sold to Which Categories of Third Parties |
---|---|---|---|
Education Information subject to the federal Family Educational Rights and Privacy Act such as student records, directory information | |||
Disclosed to Which Categories of Third Parties for Operational Business Purposes affiliates; service providers; legal authorities | |||
Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising none | |||
Sold to Which Categories of Third Parties none |
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising | Sold to Which Categories of Third Parties |
---|---|---|---|
Employment Information. Professional or employment-related information, such as work history and prior employer | |||
Disclosed to Which Categories of Third Parties for Operational Business Purposes affiliates; service providers; legal authorities | |||
Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising none | |||
Sold to Which Categories of Third Parties none |
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising | Sold to Which Categories of Third Parties |
---|---|---|---|
Inferences drawn from any of the Personal Information listed above to create a profile or summary about, for example, an individual’s preferences or characteristics | |||
Disclosed to Which Categories of Third Parties for Operational Business Purposes affiliates; service providers; ad networks; social networks; marketing partners; contest sponsors; legal authorities | |||
Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising ad networks | |||
Sold to Which Categories of Third Parties ad networks |
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising | Sold to Which Categories of Third Parties |
---|
Sensitive Personal Information. | ||||
---|---|---|---|---|
| affiliates; service providers; legal authorities | none | none |
Sensitive Personal Information. | |||
---|---|---|---|
| |||
affiliates; service providers; legal authorities | |||
none | |||
none | |||
Individual Requests
Subject to applicable law, you may make the following requests:
- You may request to know whether we process your Personal Information, and to access such Personal Information.
- If you are a California resident, you may request that we disclose to you the following information covering the 12 months preceding your request:
- The categories of Personal Information we collected about you and the categories of sources from which we collected such Personal Information;
- The business or commercial purpose for collecting or sharing Personal Information about you;
- The categories of Personal Information about you that we shared (as defined under the applicable privacy law) and the categories of third parties to whom we shared such Personal Information; and
- The categories of Personal Information about you that we otherwise disclosed, and the categories of third parties to whom we disclosed such Personal Information (if applicable).
- If you are a California resident, you may request that we disclose to you the following information covering the 12 months preceding your request:
- You may request to correct inaccuracies in your Personal Information;
- You may request to have your Personal Information deleted;
- You may request to receive a copy of your Personal Information, including specific pieces of Personal Information, including, where applicable, to obtain a copy of the Personal Information you provided to us in a portable format;
- You may request to opt out of the “sale” of your Personal Information; and
- You may request to opt out of targeted advertising, including the “sharing” of your Personal Information for purposes of cross-context behavioral advertising.
Please note that Unity has placed a California Notice of Rights on its website to explain how California residents may exercise their privacy rights under the California Consumer Privacy Act. This notice is incorporated into this policy.
We will not unlawfully discriminate against you for exercising your rights under applicable privacy law. To make a privacy request, please contact us at DPO@unity3d.com or Unity Technologies, 30 3rd Street, San Francisco, CA 94103. We will verify and respond to your request consistent with applicable law, taking into account the type and sensitivity of the Personal Information subject to the request. We may need to request additional Personal Information from you, such as your email or account information, such as email address/ device type/ device ID where applicable, in order to verify your identity and protect against fraudulent requests. If you make a request to delete, we may ask you to confirm your request before we delete your Personal Information.
To request to opt out of any future sale of your Personal Information, or to opt out of any future sharing of your Personal Information for purposes of cross-context behavioral advertising or any future processing for purposes of targeted advertising, click here: We do not knowingly sell or share the Personal Information of minors under 16 years of age.
Appeal Process
If you are a Colorado, Virginia, Connecticut, Florida, Montana, Oregon, or Texas consumer, and we refuse to take action on your request, you may appeal our refusal within a reasonable period after you have received notice of the refusal. You may file an appeal by contacting us DPO@unity3d.com or Unity Technologies, 30 3rd Street, San Francisco, CA 94103.
Authorized Agents
If an agent would like to make a request on your behalf as permitted under applicable law, the agent may use the submission methods noted in the section entitled “Individual Requests.” As part of our verification process, we may request that the agent provide, as applicable, proof concerning his or her status as an authorized agent. In addition, we may require that you verify your identity as described in the section entitled “Individual Requests” or confirm that you provided the agent permission to submit the request.
De-Identified Information
Where we maintain or use de-identified information, we will continue to maintain and use the de-identified information only in a de-identified fashion and will not attempt to re-identify the information.
Providing Personal Information to third parties for direct marketing purposes: California residents have the right to request the identity of any third parties to whom the resident’s Personal Information was provided, if such provision was to enable the third party’s direct marketing efforts. If you are a California resident and wish to make such a request, please submit your request to DPO@unity3d.com. Alternatively, you may opt-out of having your personal information shared with third parties for their direct marketing purposes, by emailing us at DPO@unity3d.com.
How we respond to “Do Not Track” signals: We are committed to providing you with meaningful choices about the information collected on our Services. Our cookie management tool on our website recognizes browser-initiated Do Not Track signals. To learn more about Do Not Track signals, you can visit allaboutdnt.com.
Removal of content.
Pursuant to California Business & Professions Code section 22581, if you are a resident of California, under 18, and a registered user of the Services, you may ask us to remove content or information that you have posted to the Services by writing to DPO@unity3d.com Please note that your request does not ensure complete or comprehensive removal of the content or information, as, for example, some of your content may have been reposted by another user