Documentation

Support

Unity Cloud

Get Started

Creator SDKs and Services

Open Unity Dashboard

Unity Cloud

Privacy overview

Get an overview of privacy information for data you link from Google Analytics to the Developer Data framework.
Read time 3 minutesLast updated 2 days ago
You can link Google Analytics to the Developer Data framework to get a comprehensive view of data for your Unity project. When integrated, Unity treats this data as Developer Data. This documentation is intended to provide data privacy information about Unity’s products. It is not intended to be used as legal guidance or as a replacement to reading Unity’s Privacy Policy. If you have questions about a term used, please see the Glossary below. If you have further questions about the privacy implications of your product, please email DPO@unity3d.com with your question. For expediency, please list the product about which you are inquiring.

Personal Data Collected about App Users/ Game Players

The following Personal Data will be collected by Unity where it has been originally collected by the developer via their Google Analytics integration:
  • Masked IP Address
  • Developer set User ID
  • Account Identifiers
  • Unique installation-specific ID
  • Advertising ID
  • IDFV
The foregoing list is only an example, and the applicable data collected by the developer is subject to the developer’s Google Analytics implementation.

Relationship under Privacy Laws

Under GDPR, Unity is the Processor. You, the developer, are the Controller. Under CCPA (as modified by CPRA), Unity is the Service Provider. You, the developer, are the Business.

Legal Basis for Processing

As we are a Processor, we do not determine your legal basis for processing. Instead, it is your responsibility as the Controller to determine such a legal basis.

Consent (Opt in) vs Opt out

This product does not have a consent or opt-out service. If the Developer determines they do not have a legal basis to collect the applicable Google Analytics data, they must disconnect their Google Analytics account from the Developer Data framework.

Data Subject Requests

Two of the most common data subject requests based in law are the request for access to personal data and the request for deletion of personal data.

Access

This service has no native functionality to support data access requests. You, the developer, are responsible for actioning them. You can action them by submitting the request to dpo@unity3d.com.

Deletion

This service has no native functionality to support data access requests. You, the developer, are responsible for actioning them. You can action them by submitting the request to dpo@unity3d.com. Please note: this functionality only applies to this service. If you are using other services which collect app user personal data you will need to review that service's documentation for how it handles data deletion requests

Dependencies

This product has no dependencies on other Unity products.

Data Retention

By default, personal data is retained for 30 days.

Child Privacy

If required to do so under applicable laws, you (the developer) must obtain Verified Parental Consent prior to submitting child-user data, as outlined in the Unity Terms of Service.

Privacy Policy Requirements

It is never appropriate to use Unity’s privacy policy for your application. You will need to ensure that the personal data practices are reflected in your Privacy Policy, as required in the Unity Terms of Service.

Privacy URL

If you need to present the user with Unity's privacy policy or reference Unity’s privacy policy within your own, use the privacy URL: https://unity.com/legal/game-player-and-app-user-privacy-policy.

Data Processing Agreement (DPA)

Unity DPA applies to the transfer of data for this product.

Glossary & Notable Laws

  • GDPR - The General Data Protection Regulation (GDPR) took effect in the European Economic Area (EEA). References to GDPR also encompass UK GDPR which is the UK’s version of GDPR which applies post-Brexit.
  • CCPA - The California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA).
  • PIPL - In November of 2021, Personal Information Protection Law (PIPL) took effect in China.
  • LGPD - The Brazilian General Data Protection Law.
  • VCDPA - The Virginia Consumer Data Protection Act.
  • CPA - The Colorado Privacy Act.
  • CTDPA - The Connecticut Data Protection Act.
  • UCPA - The Utah Consumer Privacy Act.
  • FDBR - The Florida Digital Bill of Rights
  • OCPA - The Oregon Consumer Privacy Act
  • TDPSA - The Texas Data Privacy and Security Act
  • MTCDPA - The Montana Consumer Data Privacy Act
  • TIPA - The Tennessee Information Protection Act
  • MODPA - The Online Data Privacy Act
  • MNCDPA - The Consumer Data Privacy Act
  • PIPEDA - The Canadian Personal Information Protection and Electronic Documents Act
  • COPPA - The Children’s Online Privacy Protection Act (COPPA) imposes restrictions on how data can be collected and used from children under the age of 13.
  • CARU - A self-regulatory organization for the promotion of responsible privacy practices to children under the age of 13
  • DPA - A Data Processing Addendum (or Data Processing Agreement) forms part of a contract and governs the rights and obligations of each party concerning the processing of personal data.
  • ATT - iOS 14 and later requires publishers to obtain permission to track the user's device across applications. This device setting is called App Tracking Transparency, or ATT.