EU and UK users have the right to ask Unity to show them, correct, or delete their personal data, and to object to how Unity uses it, including for advertising. Requests can be submitted at privacy.unity.com or by emailing privacy@unity3d.com.
This analysis describes what Unity's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
These rights give EU and UK users meaningful legal tools to control their data held by Unity, including the ability to object to profiling for advertising purposes, which can stop Unity from building or using a behavioral ad profile on you.
EU and UK users can exercise the right to object to profiling and targeted advertising, which if honored means Unity must stop using their behavioral data for advertising targeting; exercising these rights through privacy.unity.com is the most direct way to limit Unity's advertising data use.
How other platforms handle this
If you are located in the EEA or UK, you may have the following rights under applicable data protection law: the right to access your personal data; the right to rectify inaccurate personal data; the right to erasure of your personal data; the right to restrict processing of your personal data; the ...
In addition to the above rights, your local laws (including those in the EU, UK, Japan, California, Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Virginia, or Utah) may afford you f...
If you are located in the European Economic Area or the United Kingdom, you have certain rights under applicable data protection laws, including the right to access, correct, or delete your personal data, the right to object to or restrict processing, and the right to data portability. You may also ...
Monitoring
Unity has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"If you are located in the European Economic Area or the United Kingdom, you have the following rights regarding your personal data: the right to access your data, the right to rectification, the right to erasure ('right to be forgotten'), the right to restrict processing, the right to data portability, the right to object to processing (including processing for direct marketing and profiling), and the right to lodge a complaint with a supervisory authority. To exercise these rights, please contact us at privacy@unity3d.com or use our privacy request portal at privacy.unity.com.— Excerpt from Unity's Unity Privacy Policy
REGULATORY LANDSCAPE: This provision implements GDPR Articles 15-22 and the equivalent UK GDPR provisions, covering the full suite of data subject rights. The identified EEA controller is Unity Technologies Finland Oy, meaning the Finnish Data Protection Ombudsman is the lead supervisory authority for GDPR purposes, though users in any EU member state may lodge complaints with their local supervisory authority. The right to object to profiling under Article 21 is particularly significant given Unity's advertising business model. GOVERNANCE EXPOSURE: Medium. Unity's provision of a centralized rights request portal at privacy.unity.com and a dedicated privacy email address is consistent with GDPR operational requirements. Key governance risks include response time compliance (GDPR requires response within one month, extendable to three), the technical feasibility of honoring erasure requests across Unity's SDK data infrastructure and partner data shares, and the adequacy of identity verification processes for rights requests submitted by individuals who have no direct account with Unity. JURISDICTION FLAGS: EU and EEA users are covered under GDPR; UK users are covered under UK GDPR post-Brexit. The Finnish DPA is the lead EEA supervisory authority. The right to data portability under Article 20 applies only where processing is based on consent or contract, not legitimate interests, which limits its scope in the advertising context. CONTRACT AND VENDOR IMPLICATIONS: Game developers using Unity's SDK who receive GDPR data subject rights requests from their end users must assess whether they have contractual mechanisms to pass those requests to Unity as the relevant data controller or processor. Data processing agreements between Unity and developer customers should address the handling of data subject rights requests that are received by developers but relate to Unity-controlled data. COMPLIANCE CONSIDERATIONS: Compliance teams should audit the response workflows for data subject rights requests submitted via privacy.unity.com, including identity verification, response timelines, and technical fulfillment processes especially for erasure of data held in advertising partner systems. Documentation of legitimate interests assessments supporting processing of end-user data should be reviewed to confirm they withstand balancing test scrutiny under GDPR Article 6(1)(f).
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
These rights give EU and UK users meaningful legal tools to control their data held by Unity, including the ability to object to profiling for advertising purposes, which can stop Unity from building or using a behavioral ad profile on you.
EU and UK users can exercise the right to object to profiling and targeted advertising, which if honored means Unity must stop using their behavioral data for advertising targeting; exercising these rights through privacy.unity.com is the most direct way to limit Unity's advertising data use.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Unity.