Documentation

Support

In-App Purchasing

In-App Purchasing

Privacy overview

Learn about privacy and data handling considerations when implementing Unity In-App Purchasing in your game.
Read time 2 minutesLast updated 15 hours ago
In-App Purchasing SDK - Expand your revenue opportunities across multiple stores and platforms with one SDK. Unity IAP supports industry-leading app stores, including Google Play, the App Store, and more. This documentation is intended to assist products to display their privacy compliance to Developers. It is not intended to be used as legal guidance or as a replacement to reading Unity’s Privacy Policy. If you have questions about a term used, please see the Glossary below. If you have further questions about the privacy implications of your product, please email DPO@unity3d.com with your question. For expediency, please list the product about which you are inquiring.

Personal Data Collected about App Users/Game Players

Default Personal Data Collected (always collected in order for the product to work)
  • This product does not collect any personal data about app users.
Optional Personal Data Collected (personal data which may be collected at choice/action of the end user/Developer)
  • This product does not collect any personal data about app users.

Relationship under Privacy Laws

Not Applicable

Legal Basis for Processing

Not Applicable

Consent (Opt in) vs Opt out

Not Applicable

Data Subject Requests

Not Applicable

Dependencies

Not Applicable

Data Retention

Not Applicable

Child Privacy

If required to do so under applicable laws, you (the developer) must obtain Verified Parental Consent prior to submitting child-user data, as outlined in the Unity Terms of Service.

Privacy Policy Requirements

It is never appropriate to use Unity’s privacy policy for your application. You will need to ensure that the personal data practices are reflected in your Privacy Policy, as required in the Unity Terms of Service.

Data Processing Agreement (DPA)

The Unity DPA applies to the transfer of data for this product.

Glossary & Notable Laws

  • GDPR - The General Data Protection Regulation (GDPR) took effect in the European Economic Area (EEA). References to GDPR also encompass UK GDPR which is the UK’s version of GDPR which applies post-Brexit.
  • CCPA - The California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (“CPRA”).
  • PIPL - In November of 2021, Personal Information Protection Law (PIPL) took effect in China.
  • LGPD - The Brazilian General Data Protection Law
  • VCDPA - The Virginia Consumer Data Protection Act
  • CPA - The Colorado Privacy Act
  • CTDPA - The Connecticut Data Protection Act
  • UCPA - The Utah Consumer Privacy Act
  • PIPEDA - The Canadian Personal Information Protection and Electronic Documents Act
  • COPPA - The Children’s Online Privacy Protection Act (COPPA) imposes restrictions on how data can be collected and used from children under the age of 13.
  • CARU - A self-regulatory organization for the promotion of responsible privacy practices to children under the age of 13
  • DPA - A Data Processing Addendum (or Data Processing Agreement) forms part of a contract and governs the rights and obligations of each party concerning the processing of personal data.
  • ATT - iOS 14 and later requires publishers to obtain permission to track the user's device across applications. This device setting is called App Tracking Transparency, or ATT.