Unity Statement on GDPR Readiness

On May 25, 2018, the General Data Protection Regulation (GDPR) will become effective in the European Economic Area (EEA). This new regulation builds on the data privacy regulations in place in the EEA since 1995. The GDPR provides specific protections for individuals in Europe on how their data may be collected, moved, stored and processed.

Last Updated: May 18, 2018.

Unity Games and Data Collection

Unity is committed to the responsible collection and use of player data – and enhancing privacy safeguards. As such, if you are a developer or publisher that uses Unity Ads, Unity Analytics or any other Unity service, you can be confident that Unity is committed to GDPR compliance and will assist you with your technical preparations, including collaborating with your privacy and legal teams, so that you are aware of, and have confidence in, our GDPR implementation.

If you are a player of games made with Unity, or if you see ads in other games that are served by the Unity Ads SDK, we currently collect gameplay and device data. This data allows game developers and publishers to tune their games for player devices and to serve players with relevant advertisements about other games, movies and/or products that may interest them. These ads enable the developers and publishers to offer free-to-play games.

With the GDPR – and to be transparent about the data we collect and how it is used – we will be providing players with a data privacy option. On a game-by-game basis, players will be able to opt-out of data collection. As well, they will have access to Unity’s Privacy Policy (to be updated for the GDPR by May 25, 2018), and will be able to change their privacy setting any time they see an ad. Players who opt-out of data collection will still see ads, but these ads will be random and not tailored for the player.

Frequently Asked Questions

To clearly explain how Unity will comply with the GDPR – and how this will impact developers, publishers, and players – we have provided answers to common questions. We will update the FAQ as necessary. Contact us at GDPR@unity3d.com if you have questions not covered below.

General Information

What kind of player data does Unity collect and what does Unity use it for?
If a game developer or publisher enables Unity Ads or Unity Analytics for their game, we collect data such as device type, country, device language, in-game behavior and purchases, IP address, Apple’s Advertising Identifier (IDFA), and Google Play advertising ID. This information helps developers and publishers tailor games and ads for players and their devices, such as providing ads designed for specific device types, player languages, and game preferences.

Why provide advertising at all?
A great deal of creativity and resources go into making all games. Developers and publishers can provide free-to-play games because advertising helps cover their costs. As such, Unity tailors ad types and frequency so players have a better experience (for example, by seeing fewer but more relevant ads). This also allows advertisers to serve the most pertinent ads to players.   

Does Unity collect what the GDPR refers to as “special categories” of personal information about players, such as political, religious, or sexual orientation?
No. Unity only collects gameplay and device information. Unity does not collect these special categories of personal information.  

What is Unity’s strategy to assure GDPR compliance on May 25, 2018?
Prior to that date, Unity Ads will provide an updated SDK (see below for more information) and an Analytics plug-in and other resources to Unity game developers and publishers so they can provide players with a simple way to learn about and set their data privacy option. Unity is also working closely with other partners to ensure they are aware of these resources and changes.

When will players be able to opt-out of data collection?
As of May 25, 2018, when a player begins playing a new free-to-play game, they will be presented with the opt-out option and a link to the Unity Privacy Policy. This will appear on the first ad they see in each game.

What will happen if a player opts-out of data collection?
On a per-game basis, the player’s data will be deleted and the player will only see random, non-targeted ads or ads based solely on contextual data.

Will players be able to opt-in or opt-out of data collection at any time?
Each time a Unity ad appears in a game, players will be able to access and change their privacy setting via the Info “ℹ” icon on the Unity ad.

 

Information for Developers, Publishers and Other Partners

Is Unity classified as a processor or a controller when processing data under the GDPR?
Unity is a processor with respect to developer data in Cloud Services, and a controller of player data that we collect via Unity Ads and Analytics.

As a developer or publisher, do I need a new Data Processing Addendum (DPA) with Unity?
Unity Legal has added an updated Processor DPA and Controller-Controller DPA. They can be found here. The GDPR page will identify which documents apply to which services. Terms and Conditions for services will be updated prior to May 25, 2018, to provide appropriate references to these addenda as well.

Will your Privacy Policy move from its current URL?
No. Our Privacy Policy will be updated to reflect certain new processes for players and the URL will remain the same. You may use the current link if you need to update your own privacy policy.

As a publisher, what should I do to be transparent with my players?
You should continue to notify your players about third-party ad partners (like Unity) that you share data with. You can do this by placing a link to our Privacy Policy within your own privacy policy. This is no different from the transparency Unity has recommended prior to the GDPR.

As a publisher, do I need to obtain consent from players about targeted advertising?
Unity will provide opt-out choices for behaviorally targeted advertising from anyone who sees a Unity ad. If you are not exclusively using Unity Ads, Unity can handle this for you through your mediation partners. Contact your Account Manager for more information. If you do not have an Account Manager, please contact support@unity3d.com.

How will Unity allow players to decide if they receive targeted ads?
Unity will provide players with the ability to opt-out of targeted advertising. The first Unity ad that a player sees in each game will provide them with information about the data we collect, a link to our Privacy Policy, and the opt-out option. Players will be able to change their privacy setting any time they see a Unity ad via the Info “ℹ” icon.

How can I let Unity know that I have obtained consent for targeted ads from my players outside of the Unity platform?
Unity will give publishers the ability to indicate that you have obtained consent from your own systems. If you would like to let Unity know that you will be obtaining consent outside Unity, please contact your Account Manager. If you do not have an Account Manager, please contact support@unity3d.com.

As a publisher, do I need to update my Unity Ads SDK?
If you are using Unity Ads SDK 2.0 or newer, GDPR-related changes will be automatically available to you no later than May 25, 2018. If you are using SDK 1.5 or older, we recommend that you update the SDK; otherwise, Unity can only serve contextual ads for your players.

What does opting-out of Unity Analytics mean for a player?
Players will be able to opt-out of Unity Analytics on a per-game basis. If a player chooses to opt-out, Unity Analytics will no longer optimize game experiences based on their in-game behaviors.

How will Unity allow players to opt-out of Analytics?
Similar to Unity Ads, you will be able to give players the ability to opt-out of data collection via a plug-in that you can integrate into your games. Integrating the plug-in will only be necessary if you are not using Unity Ads. It will be provided prior to May 25, 2018.

 

Information for Users of Developer Services

This section covers Unity Collaborate, Cloud Build, Performance Reporting, and Bug Reporting (Alpha).

General Information

  • In the context of Developer Services and the data it collects, Unity is a processor of data. The customer (“developer”) is the controller.

  • In regards to “personally identifiable information” (PII), Developer Services maintains a Name/Public User ID in the form of project history. For example, when a developer makes a change to a project, that change is recorded and communicated to other team members. To “forget” that user, Developer Services will provide functionality allowing a developer to “mask” their historical activity upon request.  

What creator data is collected by Developer Services?

Developer Services collects project-related data such as project assets, code, developer activity, and credentials, as provided by the developer to Unity.  

How is the data used?

Unity is a processor of the data, and uses the data provided by the developer (who is the controller of the data) to fulfill tasks and services that the developer chooses. For example, tasks and services include:

  1. Project assets stored in Cloud Storage to secure files and enable Collaborate features.

  2. Developer activity recorded by Unity to show and manage the historical state of a project in Collaborate.

  3. Project credentials to access project assets and automatically create builds for the developer via Cloud Build.

How long is data retained?

Project data, including backups, is retained for a finite period. The retention policy varies depending on the nature of the primary service processing it. A developer can manually delete data at any time via features provided by the service, or by contacting Unity at support.unity3d.com.

In addition to using data to deliver services that the developer has opted into, Unity may also use data to identify and target individual developers to further the Unity business, including requests for product feedback and exposure to marketing materials. Developers have the ability to opt-out of these communications.  

What player data is collected by Developer Services?

Through reporting features – Performance Reporting, Bug Reporting (Alpha) – Developer Services collects error reports generated by an application made with Unity and information about the device it was collected on. Device information includes data that could be considered personal data (machine ID), but this information is anonymized before it is retained.  

In some cases, a developer may send PII to Unity inadvertently. For example, with features provided via Bug Reporting, a player could share a screenshot that includes the player’s in-game name. Unity does not identify or data-process information collected in this fashion.

How do I inquire about a GDPR-related issue concerning Developer Services?

You can create a ticket at support.unity3d.com and your request will be acknowledged and prioritized.

 

Information for Unity Developers, and Unity Profile Updates

Unity is committed to compliance with the General Data Protection Regulation (GDPR), which will go into effect May 25, 2018, in the European Economic Area (EEA). Over the past year, we have been working to update your Unity Profile with the goal of streamlining how you invoke your rights under GDPR. Please note that nothing in this communication is intended to replace or supersede the Privacy Policy on our website, which governs our use of your data; however, we are providing you with a summary of changes that are coming your way by May 25 and throughout this year.

By May 25, we will provide updates to id.unity.com to offer you these new security and privacy options. With Unity Profile, new and existing users will have a seamless experience with all our services. In addition, users will also have enhanced control over the information in their profiles.

Security and privacy are areas we’re always focused on improving. In the upcoming months, we will consolidate public-facing user profiles from community services – including Unity Forums, Unity Asset Store, and Unity Answers – into Unity Connect. To be clear, you will not experience any interruption of these services nor changes to their features. Be on the lookout for more information as we progress.

Coming Soon – Unity Profile Updates

We’re making some significant updates to your Unity Profile to make it easier to access community services and to manage your privacy and information.

  • Easier access to all your Unity services. We’re always working on improving your experience to ensure it’s easy for you to find and access all of our services. With Unity Profile, we’re updating our global Dashboard to enable you to easily move between our various communities and services.

  • Enhanced control over your privacy and information. We’re making it easier for you to see relevant profile information in a central location. Unity Profile will provide you with the ability to fine-tune your privacy and security settings as well as help you control what information you want visible on your profile.

  • Engage with the community with a single profile. Many of our users currently have multiple public profiles on our community services. In order to make it simpler for you to update and manage your information across these profiles, we’re migrating your community profiles into a central location on Unity Connect this year.

 

Frequently Asked Questions

To understand how Unity Profile will affect your information as a Unity user, we’ve compiled the following FAQs. Contact us at DPO@unity3d.com if you have questions not covered below.

What is a Unity Profile?

A Unity Profile is your public identity within the Unity ecosystem and community. It’s how you define who you are and how others see you. With it, you’ll be able to access Unity Connect community features such as Unity Connect Groups and Messenger.

This is not to be confused with your UnityID, which is your developer user account with Unity. Your UnityID allows you to connect with your Unity teams and resources, and securely control access to Unity services for you and your team members.

Why are you doing this?

We want to ensure that users have a seamless experience with all our community services. With our improved Dashboard, you can seamlessly move among core Unity services. We also want to make sure users have more control over their privacy settings, particularly any information they share via Unity services.

What privacy settings should I expect by May 25?

All Unity creators will have access to a new privacy panel found at id.unity.com/privacy. From there, you’ll be able to directly access our services that have potential privacy choices for you to make via a link to the respective service’s privacy profile settings. In the future, we will migrate these options to the UnityID privacy panel.

What security settings should I expect by May 25?

All Unity creators will have access to a new security panel found at id.unity.com/security. Here you’ll be able to manage your 2-factor authentication settings as well as see your most recent sessions beside the associated IP address.

How can I delete my UnityID?

In a new Account Management section of your UnityID, you’ll be able to delete your UnityID. This process shouldn’t be taken lightly, however, as it will remove your personal information from many of Unity’s applications and services, including content you have created in connection with your UnityID.  

Please note that Unity may keep certain information in our financial records even after your account is no longer active. Moreover, deletion is always subject to determination that there is no outstanding financial obligation to Unity or from Unity to you. To clarify, if you currently have an account balance, your account cannot be deleted.

Once again, before deleting your account, be sure to arrange to port your content to another system and resolve all open financial issues.

IMPORTANT NOTE: Once you delete your account, you will lose all access to your Unity projects, your Unity Connect Messenger logs, all your assets from the Asset Store, and all other account-related data. If you still plan on deleting your profile but want to have access to your information, we strongly recommend that you manually back up your information/data.  

What if I don’t want a Unity Connect profile?

Once your profile is migrated, you can make your profile public. Your profile will not be public by default. You can choose to leave your profile setting on private, meaning other users will not be able to see your profile and your information will not be discoverable publicly. If you would like to delete your profile, contact support@unity3d.com.

 

GDPR and Unity Services: Unity Connect

Frequently Asked Questions

What information do you collect from my profile?

Profile information: We collect information about you when you register and fill out your account, which includes information such as your full name, email, experience, skills, and role. Your contact information is not publicly visible. You also have the option of adding a display name, experience, profile photo, role, and other details to your profile to be displayed on your public profile.

Content you share: We collect and store content you post, send, receive, and share on our sites (e.g.,  articles or comments you have posted).

Content you provide: We collect content you share on the site, including submitted feedback, surveys, contests, and promotions.

Content you interact with: In order to serve more relevant content, we collect information about content and users you interact with on the site. An example would be any users you follow on Unity Connect or any projects you “like,” which we use to recommend similar projects and users.

What does Unity use it for?

Unity uses information we collect in order to improve user experience and our services.

Personalize your experience: We use the information collected about you to provide a more custom experience. For example, if you follow a user, when that user posts new content, you are more likely to see their content in your feed.

Research and product development: We use some of the information we collect to better understand our community and improve our existing services. We always strive to improve our services; to accomplish that, we collect learnings about users such as activity, purchase behavior, and overall usage.

To communicate with you about major updates: In order to keep you up to date about service changes, we use your contact information to send transactional emails about changes that will affect your experience with our service (e.g., communications about new features or new contests).

To market our services: We use information submitted by users within marketing material to promote the use of our services (e.g., we use reviews from certain assets to promote them on the site). As a part of the Unity Privacy Policy that you agree to when creating your Unity Connect profile, you grant Unity permission to use your content to market our services. However, Unity does not claim any ownership rights for content you publish on Unity Connect.

How do we share information we collect?

Sharing with other users

Our service is a community platform, meaning that certain information is shared with other members of the community. When you use our service, we share certain information you have added to your public profile with other users. You can create and publish content that can be seen and shared by other users.

Sharing with third parties

We share information with third parties in order to better operate, customize, and market our services.

Unity Connect employers: We promote featured profiles and projects to employers on the site through our monthly newsletters.

Unity Connect contest partners: We share submissions for contests with partners who are recognized as a sponsor of the contest. In order to provide support for contests, we provide access to discussion channels and groups for contest partners to be able to answer questions regarding submission criteria for contests. After a contest has been judged, personal contact information for contest winners is provided to partners in order to be able to distribute prizes.

How do I access and control my information?

To update your current information, click My Profile when you log in to your Unity Connect profile. To manage your privacy and notification settings, go to https://connect.unity.com/settings while logged into your profile.

How do I opt-out of data processing?

To opt-out of data processing services, go to https://connect.unity.com/settings. Under Privacy Settings, toggle on or off all of the options regarding data collection and processing. These settings will allow you to toggle on or off recommended jobs, tasks, projects, and people based on your interactions on Unity Connect.

 

GDPR and Unity Services: Unity Asset Store

General Information

Currently, users of Unity Connect and the Asset Store have separate public profiles. These profiles will be merged and hosted on Unity Connect in the upcoming migration in order to make it simpler for users to access their privacy settings and modify all of their public-facing information.

 

Frequently Asked Questions

What information do you collect from my profile?

Profile information: We collect information about you when you register and fill out your account, which includes information such as your full name, email, billing information, and billing address.

From Users

Content you share: We collect information on content you share on the site ( e.g., a list of assets you have curated,  a wish list you have created, or reviews you have posted on downloaded assets).

Content you provide: We collect information on the additional content you provide on the site, including submitted feedback, surveys, and promotions.

Content you interact with: In order to serve more relevant content, we collect information about content you interact with and purchase on the site.

From Publishers

Content you provide: We collect information on the assets you publish on the site, such as images and descriptions of your assets. Additionally, we track the total number of downloads in order to provide you with reports on SKU performance to pay out your royalties.

What does Unity use it for?

Unity uses information we collect in order to improve user experience and our services.

Personalize your experience: We use the information collected about you to provide a more custom experience. For example, we use your purchase history to recommend more relevant assets to you.

Research and product development: The information we collect helps us understand how we can improve the site. We collect anonymized learnings about users such as downloads, activity, purchase behavior, and overall usage.

To communicate with you about major updates: In order to keep you up to date about service changes, we use your contact information to send transactional emails about changes that will affect your experience with our service (e.g., communications about our monthly newsletter, promotions, and to let you know about new features on the site).

To market our services: The information we collect is used to promote our services. For example, we use user reviews and thumbnails on asset store listings to promote some assets on the site and via email campaigns.

How do we share information we collect?

Sharing with other users

Your public profile information is visible to other users. Any content you submit to the site, such as reviews, is visible to other users on the site.

Sharing with third parties

We share information with third parties in order to better operate, customize, and market our services. We provide this information to assist Providers (publishers) with fulfilling your purchase(s) and, in the case of our Asset Store partners, to allow them to contact you about new products and services. To clarify, we provide this information for a limited number of partners who license their SDKs through the Asset Store.

How do I access and control my information?

To update your current information and manage privacy and notification settings, go to https://assetstore.unity.com/account/settings. To update your Provider (publisher) information, go to https://publisher.assetstore.unity3d.com/info.html.

 

Further Information

If you have any questions not addressed above, please contact us at GDPR@unity3d.com.

 

Back to Top