Autodesk Privacy Statement

Updated:  October 24, 2014

Autodesk and you
How to use this privacy statement
What this privacy statement covers (and what it doesn’t)
How to contact us
Self-regulatory frameworks
Information we receive from and collect about you
Information and content that you disclose
Storage, retention and deletion of personal information
How we use personal information
Sharing information inside the Autodesk family of companies
Sharing information with third parties
Sharing information with companies, organizations or institutions with which you are affiliated
Security and integrity of personal information
Changes to this privacy statement
Children’s Privacy Policy
Education and FERPA
Cookie Policy

Autodesk and you

How to use this privacy statement

This privacy statement tells you about our online and offline privacy practices.
Our primary goal is to help you understand what we do (and don’t do) when it comes to your personal information, so we’ve done our best to be clear.  We’ve provided different ways for you to look up topics of interest to you.  As a result, we may repeat important points. 
In this statement we refer to our products, online services and web services, and apps (online, mobile and desktop) as “applications.”  Sometimes we may refer to something specific like a “website,” “mobile application” or “online service” for clarity.

What this privacy statement covers (and what it doesn’t)

Websites and applications that link to this privacy statement are covered

This privacy statement tells you about our privacy practices for our websites and applications that include a link or reference to this statement.  It also tells you about our marketing and advertising practices, and applies to our offline practices. 

Sometimes there’s more information in context, when you need it

Some of our websites and applications may display supplemental privacy or data collection notices that we share so you can make informed choices about what you want to do at the time you review the notices.  For example, you may see a notice explaining a data collection program in an application, and your choices for participating.

Websites and applications that do not link to this privacy statement are covered by other privacy policies or statements

Sometimes, websites and applications owned by Autodesk may have their own privacy statements or policies.  For example, we may buy another company to expand our business, and need some time to fully integrate the company’s privacy practices with the ones we explain here.

Third parties

Third parties are responsible for their own privacy practices.  These include social media platforms or other company websites that we link to from our websites and applications.  Be sure to read the privacy policies, supplemental notices, and settings of all websites or platforms that you visit so you can understand their privacy practices and your options.

Terms of use, terms of service and software license agreements cover issues like content

Websites and applications are subject to terms such as our website terms of use, application terms of service, and software license agreements.  These terms can help answer questions you may have about the confidentiality and security of designs and other content you create, and the effect when you share and post content.

How to contact us

If you have privacy questions, concerns or complaints you can contact us by the methods below.
In any correspondence, please include the name of the website or application about which you are contacting us:

Contact us through our webform

By email at (remove the spaces):

privacy.questions @ autodesk.com

By postal mail to:

Privacy Questions
Autodesk, Inc.
The Landmark @ One Market
Suite 500
San Francisco, CA 94105
U.S.A.

Regarding children’s privacy matters, you can also contact us:

By phone at: 1-415-547-2288

By email at (remove the spaces):

For Tinkercad: tinkercad.parents @ autodesk.com

For 123D Circuits: 123DCircuits.parents @ autodesk.com

For Project Ignite: projectignite.parents @ autodesk.com

Please note that if you contact us to assist you, for your safety and ours we may need to authenticate your identity before fulfilling your request.

Self-regulatory frameworks

By email at (remove the spaces):

privacy.questions @ autodesk.com

By postal mail to:

Privacy Questions
Autodesk, Inc.
The Landmark @ One Market
Suite 500
San Francisco, CA 94105
U.S.A.

Information we receive from and collect about you

User IDs, registration, purchases, and contact with us
Data supplementation
Making purchases
Contacting us
Autodesk desktop product activation, connectivity, and automatic updates
Websites and applications available on a consumption basis
In-application data collection programs
Our websites and servers, your use of browsers
Advertising on our websites and in applications
Advertising networks
“Do not track” and similar mechanisms
Social networking pages
Social networking widgets and third party tools

User IDs, registration, purchases, and contact with us

We collect information that identifies you when you (or someone acting on your behalf, like an administrator, school or parent):

• create a user ID to access our websites or applications (including through social media credentials)
• create a user profile
• register a product or to attend an event
• make a purchase
• contact us for services, support, information or other reasons. 

Some information is required, other information is optional.
For our customers who make purchases through our channel partners or ecommerce providers, we will receive personal information about you from these companies so that we can have an accurate record of applications to which you have access.
Please note that if you contact us to assist you, for your safety and ours we may need to authenticate your identity before fulfilling your request. 

Data supplementation

To help keep our databases current and to provide you with more relevant content, experiences and offerings, we may combine information you give us with information from public sources and trustworthy companies (such as our resellers and ecommerce providers, and business contact databases), all in accordance with applicable law.
For example, these sources can tell us about the company size and industry of our business customers, and also help us maintain the accuracy of our databases.

Making purchases

When you make purchases through our websites, we use a payment processor and do not receive credit card or other financial information (other than confirmation that payment in a certain amount has been made).  We may collect contact information from you that we pass through to the payment processor to facilitate the transaction.  Our e-store is run by an ecommerce provider.
You can contact our ecommerce provider and payment vendors as set forth in their respective privacy policies:

• Digital River
• BlueSnap
• PayPal
• Stripe

Contacting us

When you contact us to request services, support or other information, we may keep a record of the communication to help resolve the matter you contacted us about and consistent with our rules around data retention.

Autodesk desktop product activation, connectivity, and automatic updates

We collect system information during the desktop product activation process.
Many of our desktop applications include features that require online connectivity to make certain features work.  We will collect system information during these processes.  Also, if you need to login to access our desktop software or certain features, this information may be associated with you.
You can get more information by reading the terms of service or software license agreement that applies to the websites or applications you are using.
Certain of our desktop applications include features that allow you to enable automatic updates.  Where these features are enabled:

• We may receive information such as whether the install was successful.
• For our 2015 professional products and beyond, we collect information that may identify you to your system administrator.

Learn more about:

• Desktop product activation

Websites and applications available on a consumption basis

Some of our websites or applications are available on a consumption basis.  This means that you (or the company, organization or institution through which you receive access):

• receive access up to a certain limit
• pay for access based on your amount of use

For these types of websites and applications, we track your usage against how much access you (or the company, organization or institution through which you receive access) have been provided or paid for, as applicable.
Learn more about sharing with your company, organization or educational institution.

In-application data collection programs

• Desktop applications

Some of our applications include specific data collection programs.  Depending on the application or program, we may associate this data with your personal information.

Generally you will see a notice about this data collection in context, and you can follow the instructions to get more information and learn about your choices. 

Here is a list of our most common programs:

• Customer Involvement Program (CIP)
• Desktop Analytics Program (DAP)
• Customer Error Reporting (CER) and similar programs

For CIP and DAP, you can change your choice by going to the Help, Preferences, or other menu as prompted, opening the program dialogue box, and following the instructions.  For CIP and DAP, your choice will apply to all Autodesk desktop products installed on your computer.

For CER and other error reporting programs, a dialog box will appear in-application after the error has occurred, and you will be told what information the tool will collect, how it will be sent to us, and any other relevant information about the tool or its use.  You must choose to send us the report.

• Trial, preview and pre-release (beta) applications

For trial, preview or beta applications your limited or full participation in an in-application analytics program may be a condition of receiving access to those products.  Please review the applicable terms of service, license agreement and any specific privacy or data collection notice attached to a given application for more details.  If you do not wish to participate please do not use these products. 

• Mobile applications

We may use the Desktop Analytics Program in our mobile applications.  We may also use third party analytics services to support analytics for some of our mobile applications.  For details about a specific mobile application, please read the About section (iOS and Microsoft mobile devices) or the Legal/Privacy section (Android devices).  You can opt-out of data collection for an application by following the in-application instructions.  Unless the data collection notice in About or Legal/Privacy tells you otherwise, the control selection will be located in the application or device settings (iOS devices), the settings menu (Android devices) or the About section (Microsoft devices).

For convenience, here is a non-exclusive set of links to the privacy policies and opt-out instructions to services we may use:

• Flurry
  • Privacy Policy: http://www.flurry.com/about-us/legal/privacy.html
  • End user opt-out: Follow instructions provided via the notice in our mobile application.
  • Alternatively, please go to http://www.flurry.com/user-opt-out.html or see current instructions in the Flurry Privacy Policy.
• Mixpanel
  • Privacy Policy: http://mixpanel.com/privacy/
  • End-user opt-out: Follow instructions provided via the notice in our mobile application. 
  • Alternatively, please go to https://mixpanel.com/optout/ or see current instructions in the Mixpanel Privacy Policy.
• Google Analytics (Measurement Protocol SDK)
  • Privacy Policy: www.google.com/policies/privacy
  • End-user opt-out: Follow instructions provided via the notice in our mobile application. 

• Cloud services
  
  

  Our cloud services require you to login.  In addition to providing you with entry to our systems, we monitor the general access and use of our applications and cloud services; for example, in order to:

  • provide you with access to features and activities on our websites and applications
  • confirm your entitlement to use specific features and services
  • provide customized content and resources based on your activity
  • improve our sites and applications to better serve you on whatever device you are using
  • conduct research and analysis to address the performance of our sites and applications
  • help maintain a secure system, detect fraud and protect you

  Depending on the specific service or features of that service, we may track usage for billing or other reporting purposes (learn more). 

Our websites and servers, your use of browsers

When you communicate with us, access our websites and servers through a browser, application, or other client, our servers automatically collect and record information. 

For example, your browser or device may tell us:

• your browser type
• language preference
• the Internet Protocol (IP) address (which may tell us generally where you are located)
• the type of device or system you used

Your browser may also tell us information such as:

• the time and date of your request
• the page that led you to our website
• the search terms you typed into a search engine that led you to our website, if applicable.

Advertising on our websites and in applications

Our websites and applications may feature ads for other companies’ products and services, as well as ads for our own applications.  We collect information about ad views for reporting purposes using tools like pixels tags (for example, to see how many total unique views of an ad there are).

Please note that if you choose to click on an ad or participate in promotions of any third-party advertisers via an ad that appears in our website or application, this is solely between you and the advertiser and your participation is subject to the terms and conditions associated with that ad or promotion. 

Learn more about how we do (and don’t) share information with third parties.

Advertising networks

We may work with one or more advertising networks (each an Ad Partner) who use cookies, pixels tags, or other technologies to collect information in order to serve you ads and help us track results. 

Examples of this information may include, but are not limited to:

• websites you visit
• mobile apps you use
• preferences you may provide us as the application provider (such as language preferences)
• your IP address (for purposes of determining your general location)
• device ID, MAC address, and browser information

This information helps:

• ensure that appropriate advertising is shown in the application or on the website
• calculate and control the number of unique and repeat views of a given ad
• deliver ads that relate to your interests
• measure the effectiveness of ad campaigns

Some technology enables advertising to be temporarily uploaded onto your mobile device and then be replaced while you are online. 

Our Ad Partners deliver ads for us and may combine the information collected or obtained from us with other information they have independently collected from other websites and/or other online or mobile products and services relating to your browser's activities across their network of websites.

You may opt out of the use of your information by Ad Partners by using the Network Advertising Initiative tool.  If you delete all cookies, use a different browser, or use a different computer, you will need to use the tool to renew your opt out choice.

Get more information about online advertising from the National Advertising Initiative

Get information about online advertising from the Interactive Advertising Bureau

Learn more about how we do (and don’t) share information with third parties.

“Do not track” and similar mechanisms

Some web browsers may transmit "do-not-track" signals to websites with which the browser communicates.  Because of differences in how web browsers incorporate and activate this feature, it is not always clear whether users intend for these signals to be transmitted, or whether they are even aware of them.
Participants in the leading Internet standards-setting organization that is addressing this issue are in the process of determining what, if anything, websites should do when they receive such signals. Autodesk currently does not take action in response to these signals. If and when a final standard is established and accepted, we will reassess how to respond to these signals.
For information about cookies, web beacons and similar technologies, please read our Cookie Policy.

Social networking pages

We have pages on many social networking platforms where you can visit and communicate with us.  We may collect information when you visit our social networking pages, for example if you follow or “like” us. 

Be sure to review the privacy and data usage policies of any social networking platform you use to learn more about its personal information practices and your options.

Social networking widgets and third party tools

Our websites and applications may include buttons, tools, or content that links to another company’s services (for example, a Facebook "Like" button on a webpage or a Google Maps feature in an application).  We may collect information about your use of these features through our application usage metrics and analytics programs.

In addition, when you see or interact with these buttons, tools, or content, or view our webpage or application containing them, some information from your browser may automatically be sent to the other company. Please read that company’s privacy policy for more information.

Information and content that you disclose

Some of our websites and applications allow you to post “likes,” comments, profile information (including profile images), videos, photographs, images, design files, and other content that may include or be associated with personal information for others to see. 

Please keep the following in mind:

Be thoughtful about what you post

We urge you to be careful and thoughtful when deciding to disclose personal information on our applications and websites.  If you are posting information you do not want to be disclosed publicly, make sure you are using a website or application that allows you to control who sees information you have posted.

Information you post may be disclosed to others

In some cases you can limit who can view or access information and content you post.  In other cases, the information and content might be available to registered members of the application or website, or even to the general public.  For example, information posted on Area, Instructables, or Socialcam will be public by default and posted under your user name. 

Your personal information may be disclosed to others

Your name, user name, profile image, or email address (particularly if this is your user name) may be posted along with any message or other content you post through some of our applications and websites. 

If you choose to share personal information in a public post or in a direct communication to another user through our application platform, the access limitations, security protocols and other commitments in this privacy statement will not apply to the information shared. 

If you close your account after you make public posts on a forum, the posts may remain up after your account closure.  In addition, copies may remain viewable in cached or archived pages of our websites, or if other end users have copied or saved the information.

Please see our section on sharing information with companies, organizations or institutions with which you are affiliated.

Profile information

We want to be sure the personal information we maintain is accurate, complete and up to date.  You may have the right under applicable data protection laws to access the personal information that we keep for you, on request to us, except in certain limited circumstances (for example, where an applicable law requires us to deny such access). 
You can update, correct or delete your profile information by following the instructions below.  Also, note that we need to retain certain records for legal or internal business reasons, and some of your information may remain on backup systems, in compliance with applicable law.

• Autodesk ID.  Login and make edits to your profile and information by following the instructions.  A sign in help page is available if you have any problems. 
• Contact ID.  Users from Japan with a Contact ID, please use the Japan login page.
• For websites that do not use Autodesk ID.  Login to the applicable website or application and make changes to your profile and information by following the instructions.
• For applications directed to children. Please see our Children’s Privacy Policy.
• For help please contact us.
  • Please tell us the specific website or application you need help with, along with your specific request. 
  • Please note that if you contact us to assist you, for your safety and ours we may need to authenticate your identity before fulfilling your request. 

Removing content you have posted 

To remove content you have shared on our websites and applications, please use the same website or application feature you used to share the content and follow the instructions.  An option to remove content may not always be available, for example on forums.
Where someone has invited you to comment on, or view or edit content through our websites or applications, you may be able to edit or delete your contributions or the user who has invited your participation may have control over these options.
Please also see our section on storage, retention and deletion of personal information.

APIs

For some websites or applications, we may allow access to certain content that you have shared, including personal information, through an application programming interface (API). 

Learn more about APIs.

Customer controlled services

Autodesk customers may invite you to participate in a customer-specific site of an application, such as the Autodesk PLM360, Buzzsaw, or Constructware services.  The customer site administrator manages these invitations, and requests to change or update information you provided when registering should be directed to that site administrator.   AUTODESK ACTS ONLY AS A SERVICE PROVIDER TO OUR CUSTOMERS IN CONNECTION TO THESE APPLICATIONS, AND IS NOT RESPONSIBLE OR LIABLE FOR THE USE AND/OR DISCLOSURE OF PERSONAL INFORMATION ABOUT YOU BY SUCH CUSTOMERS.

Storage, retention and deletion of personal information

Where we store personal information

We store personal information and data files associated with you on Autodesk servers and servers of companies we hire to provide services to us. 

This information may be stored in the United States and in other countries where Autodesk operates, and in countries where our service providers operate. 

Please see the sharing with third parties section for more information about our practices and requirements we place on service providers.

If you are in the European Union, Switzerland, or other regions with laws governing data collection and use

If you are in the European Union, Switzerland, or other regions with laws governing data collection and use, you agree to the transfer to, processing and storage of your personal information in the United States and other countries, the privacy laws of which may be considered less strict than those of your region.  This consent applies in addition to other legal grounds for transfer, processing and storage of your personal information, such as for contract fulfillment purposes.

See the self-regulatory frameworks section for information about our EU/US and Swiss/US Safe Harbor certification.

Data retention

We will keep personal information about you only as long as we need it:

• to honor your choices
• to fulfill the purposes described in this privacy statement
• as required or permitted by applicable laws and regulations.  (For example, some laws and regulations may require us to retain certain transactional data.)  

We try to maintain our services in a manner that protects information from accidental or malicious destruction. Because of this, please note that when you delete information, we may not immediately delete residual copies from our active servers and may also retain information in our backup systems.

Destruction of information

We take reasonable measures to destroy or permanently de-identify personal information in a secure manner when it is no longer required.  (For example, when the information is printed on paper, we take reasonable measures to delete or destroy it by shredding or incineration; where the information is stored electronically; we use technical means to render the information unusable.) 

You may also want to review the security and integrity of personal information section.

How we use personal information

We strive to use personal information about you in useful ways, including:

• For website, application and service related purposes

  • verifying eligibility to access our websites and applications
  • delivering services, support or information you have requested
  • for any related purpose that you would reasonably expect, such as general administrative functions

• For communications

  • sending necessary business communications, such as
    • application service packs
    • notices about upcoming events like an account or subscription expiration date
    • reminders that you need to take an action such as complete a payment
  • sending platform communications, such as
    • alerts someone has commented on or “liked” a post you have made
    • someone you follow has made a post
    • someone invites you to join their group or view their content
  • sending communications with information about us, including
    • newsletters
    • voluntary surveys
    • new applications
    • special offers or promotions
    • information about events

  We may personalize or refine communications content for you based on the products or services you use, subject to your communications choices.  For example, we may send you “tips and tricks” communications designed to help you use our products or services more efficiently. 

• Your communications choices

  • You can subscribe to or unsubscribe from Autodesk commercial communications, using our webform, or follow the unsubscribe instructions in communications you receive.
  • For websites and applications where you have a user profile or dashboard, login to your account and change your communications preferences, or follow the unsubscribe instructions in communications you receive.
  • If you need help please contact us.  Remember, we may need to contact you for business reasons so and unsubscribe or opt-out from commercial communications will not affect these business communications.

• To facilitate introductions or connections

  Sometimes a company or organization (including ones with which we have a business relationship) may ask us to make a business introduction to one or more users of 123dapp.com, Socialcam, Instructables, Pixlr, and similar websites and applications.  We may contact you with details to ask if you are interested. We will not share your contact information without your permission.

  You can say no to a specific introduction, and you can also ask not to receive requests for introductions in the future.

• For measurement, improvement and personalization

  • measuring and better understanding how our websites and applications are used, so we can improve them
  • tailoring your overall experience with us, including our websites, applications and marketing

• For licensing, safety and security purposes

  • reducing software piracy and fraud
  • ensuring our applications and websites are used in compliance with applicable terms of the law, protecting our customers and end users

• To help you make informed choices

  • to ask you for a permission in context (such as a marketing permission, or permission to access certain information on your mobile device)
  • as explained in any supplemental privacy or data collection notice for a website or application

• For sharing

  • we share information within our family of companies, with third parties and with your company, organization or educational institution as described below  

Sharing information inside the Autodesk family of companies

We may share your personal information within Autodesk or any of our subsidiary companies worldwide for purposes of:

• data processing or storage
• providing you with access to our websites and applications
• guiding decisions about websites, applications and communications
• for other purposes described in this privacy statement

Autodesk, Inc. is the party responsible for the management of the jointly-used personal information, and we and our subsidiaries agree to follow data privacy principles and procedures that help protect your personal information.

Sharing information with third parties

• When you agree to the sharing

  We do not share personal information about consumers with third parties for their own direct marketing purposes unless the consumer agreed to that sharing. 

• Service providers

  We may share information about you with companies, contractors and agents that help us to run our business.  (If you are in Europe, you may know these types of companies as “data processors.”)  These companies, contractors and agents provide services to us like

  • fulfilling orders
  • sending emails to you on our behalf
  • delivering customer support
  • storage and analytics services
  • processing payments

  We require these companies, contractors and agents to agree to use reasonable safeguards to protect information about you.  They will have access to some of your information, limited to what they need to provide services to us.  They are not allowed to use personal information they receive from us for their own purposes. 

• Our channel partners

  If you are a professional business customer, we may share your personal information with our channel partners and sales partners for operational purposes, such as order fulfillment and to confirm information about what applications you have access to.

  Note that you may receive marketing communications from our channel partners based on your relationship with them.

• To comply with legal process, and address safety and security concerns

  We share personal information when:

  • we are required to provide information to comply with applicable laws, subpoenas, court orders or other legal processes
  • we have a good faith belief that the disclosure is necessary to prevent or respond to fraud, defend our websites or applications against attacks, or protect the rights, property and safety of Autodesk, our customers and users, or the public

• Sale of some or all of our business

  If we merge with another company or if we decide to sell or reorganize some part or all of our business, assets or stock (including if we file for bankruptcy or are part of a similar proceeding), we may share personal information.   You acknowledge that such transfers may occur, and that any acquirer of the part of our business, assets or stock affected may continue to use information about you as set forth in this privacy statement.

• Aggregated information

  We may share or publish aggregated information and other information that does not specifically identify you, such as statistics about the number of visitors to our websites or about how customers and end users use our applications.
  Please also review our Cookie Policy.

Application programming interfaces (APIs)

We may allow access by third parties to certain content, including personal information, posted through websites or applications through an application programming interface (API). 
API access will be mentioned in the applicable terms of service.  We place limitations on what third party developers can do with information.  You can find links to the applicable App Developer Agreement through the applicable terms of service.  For convenient reference, here is a non-exclusive list of the current agreements:

• Socialcam REST API Terms

Below is information about your choices.

Public information access by third-party applications

On some websites and applications, content you post is public and cannot be marked as non-public or private.  Check the posting controls for the specific application or website you are using.
Where there is an option to mark content as private or otherwise choose a non-public status, and you choose the non-public option, third party developers will not be able to access the following information through a public information access API:

• the content (including its title, and public comments you include with the content);
• the name (or pseudonym) associated with your account;
• the profile image associated with you;
• the profile URL (which may include user ID) for the account.

If your content is “public” but you do not want developers to have access to your real name or profile image (for example, if it is a picture of your face), use a pseudonym or “handle” and use a profile image that does not consist of a picture of you.

Authenticated access by applications

You may choose to use third party applications that manage your interactions with our websites or applications.  For example, third party applications may want to do the following types of activities:

• Manage relationships: to manage user relationships on your behalf, such as follow, unfollow, block, and unblock people, and to approve people who want to follow you on our website or application;
• Manage content: to post and remove content on your behalf;
• Manage likes: to manage likes and similar actions on your behalf; and
• Manage comments: to manage and post comments on your behalf.

We require the app developers to explain what actions they will take and also what information (including personal information) they need to access in order to take these actions, and to get your approval.  In addition, we require developers to provide a link to an explanation of their privacy practices.
It is your choice to approve or not approve access by these third party applications.

Limitations on access by third party applications

In both cases described above, third party application developers are not allowed to use your personal information for marketing or promotional purposes without your consent, and are otherwise restricted in their use of your information by the terms of the applicable App Developer Agreement.

Sharing information with companies, organizations or institutions with which you are affiliated

• Usage information/consumption reporting

  The company, organization or institution through which you have access to our websites and applications may have set up an agreement with us to receive usage information (for example, usage reporting for billing purposes), subject to privacy and employment laws.

  This usage information may be reported on in aggregated form, or it may be reported on in various ways, including to the level of individual usage depending on our agreement with you or the company, organization or institution through which you receive access, as applicable.
  You can get more information by reading the terms of service or software license agreement that applies to the websites or applications you are using, or by talking to your license or contract administrator.

• Collaboration tools and features

  Our applications may include collaboration tools that allow others within and outside of your company, organization or institution to view, share and comment on a project on which you have been working (including models, designs or other information).  If you have posted information or comments, for example, these will be associated with your user name.

• Administrator tools

  • Automatic updates

    We collect information that may identify you to your system administrator in connection with the automatic update process, to help your administrator determine what updates you need. 
    Your system administrator can enable his/her ability to view identifying information.  The information collected and which might be shown includes:

    • Your corporate user login name
    • Your computer’s name or description (for example, “Liu’s Desktop”)
  • FERPA support

    We may provide access to information to an educational institution with which you are affiliated, or to your parent or legal guardian, in order to help the school comply with FERPA obligations.

  • COPPA compliance 

    Please see our Children’s Privacy Policy for information about parent/guardian access to children’s information.

Security and integrity of personal information

Changes to this privacy statement

We may update this privacy statement from time to time.  Check the “last updated” section at the top of this privacy statement to see the last time the privacy statement was changed. 
If we decide to make changes to our privacy statement on a forward going basis, we will tell you and other users by placing a notice on www.autodesk.com and/or by sending you a notice to the e-mail address (if any) we have on file for you. We may also give you notice through our applications and on our other websites. You should periodically check www.autodesk.com, our other websites and this privacy statement for updates.  Your continued use of our applications and websites constitutes your agreement to this privacy statement.
For changes to this privacy statement that may be materially less restrictive on our use or disclosure of personal information you have provided to us, we will obtain your consent before implementing the change.  Please contact us if you have questions.

Children’s Privacy Policy

Our Children’s Privacy Policy explains:

• our information collection practices
• how we might disclose personal information, and
• our parental consent practices

in accordance with the U.S. Children’s Online Privacy Protection Act (“COPPA”). 

COPPA applies to information provided online by children under the age of 13 (“child” or “children”).  For more information about COPPA and general tips about protecting children’s online privacy, please visit OnGuard Online.
Here are some quick links to help you find information:

• Information we collect from children, how we use it, and how and when we communicate with parents
  • Registration
  • Verifiable parental consent
  • Specific activities
• When information collected from children is available to third parties
• Parental Choices and Controls
• Certification

Information we collect from children, how we use it, and how and when we communicate with parents

Here are ways in which we collect personal information from children, as well as how and when we will provide parental notice and/or seek parental consent.  In the event we discover we have collected information from a child in a manner inconsistent with COPPA’s requirements, we will promptly either delete the information or seek the parent’s consent for that collection.

Consistent with what COPPA requires, where we have an age screen in place and we determine the user is age 12 or under, we will:

• ask for a parent or guardian email address before we collect personal information from the child
• offer an age-appropriate experience for the child, consistent with COPPA requirements, or
• not allow access to those sections or features the site or application directed to a general interest audience (those age 13 and over).

Registration

Where an application is age appropriate, children can register with our website or application to (among other things):

• view, interact with and download content
• take tutorials, create, edit, and import content
• like or follow other creators and their content
• comment on others’ content
• participate in contests
• view in application notifications
• create “wishlists” of items they are interested in (like robotics kits)

During the registration process, we may ask the child to provide certain personal information for security purposes and so we can send notices to parents, including:

• a parent or guardian’s email address
• the child’s first name
• the child’s member or account username, and password

We also may ask for birth dates from children to validate their ages.

A child’s username will be either:

• a random combination of words suggested by our systems, or
• a child can select their own username, and we advise children not to provide any personal information in their usernames

If a child chooses not to share their personal information with us, this limits their access to account creation and certain features.  

We will not require a child to provide more information than is reasonably necessary in order to participate in an online activity.

Also, we will keep the information consistent with our retention practices – that is:

• to honor your choices
• to fulfill the purposes described in this privacy statement; for example:
  • only so long as reasonably necessary to fulfill the activity request or allow the child to continue to participate in the activity
  • to help ensure the security of our users and our services
• as required or permitted by applicable laws and regulations

Verifiable parental consent

Depending on the website or application, we may seek different types of parental consent.  In each case, when we ask for consent we will provide notice about the specific activities available to a child through the website or application.

High level parental consent

We seek “high-level” consent from a parent as follows:

• by asking for a credit card or other payment method for verification (with a nominal charge involved), or
• by requiring a signed consent form by mail or email attachment.

After providing high-level consent, we may offer parents the opportunity to use a pin or password in future communications as a way to confirm the parent’s identity.

Teacher consent in lieu of a parent

For school-based activities, COPPA allows teachers and school administrators to act in the place of parents to provide consent for the collection of personal information from children. Schools should always notify parents about these activities.

In some cases, in order that an account is not closed and so that a child can continue to use a website or application outside of the school context, we may ask schools to obtain consent directly from a parent instead of and/or in addition to providing consent in the place of a parent.

For more information on parental rights with respect to a child’s educational record under the U.S. Family Educational Rights and Privacy Act (FERPA), please see the FERPA section below.

Specific activities

Content Generated by a Child

Our websites and applications include activities that allow children to create or manipulate content and save it.  Some of these activities do not require children to provide any personal information and therefore may not result in notice to the parent or require parental consent.

If an activity potentially allows a child to insert personal information in their created content, we will seek verifiable parental consent.

Examples of child created content that may include personal information are

• open-text fields
• drawings that allow text or free-hand entry of information
• uploaded content that includes text, models or images

If, in addition to collecting content that includes personal information, we plan to post the content publicly or share it with a third party for the third party’s own use, we will obtain “high-level” parental consent.  An example of another party’s use of the information would be an online magazine using an application programming interface (API) to access and republish (as part of a “feed” or online display) one or more designs a child has posted publically.  This is similar to “Twitter feeds” or other social media feeds you might see in an online newspaper.

Forums and comments

Certain activities allow users to communicate directly with other users by means user forums or comments sections.  We first seek high level parental consent before allowing a child access to such features.

We strongly encourage children who use these interactive features on our websites and in our applications never to provide personal information about themselves or any third party, and not to attempt to circumvent any moderation features.

We also recommend that parents carefully supervise their children when the children participate in online activities.

Contests

For contests, we typically require only the information necessary for a child to participate, such as user name and parent email address (to notify the parent where required by law). We only contact the parent for more personalized information for prize-fulfillment purposes if the child wins the contest.

Email Contact with a Child

In some of our applications, we may collect online contact information, such as an email address, in order to communicate with a child who makes a specific request.  For example, a child may email us to ask for help in understanding how to use a design tool if she or he is having trouble with it, or the child may want to sign up for a monthly newsletter.  Here is how we would handle communication requests.

• One time communication

  After we respond to the child’s question or request, we will delete this information immediately after responding to the question or request.

• Communicating more than once

  Where there is an activity or service where we need to communicate with a child more than once:

  • If we collect the child’s contact information for ongoing communications (like for a newsletter), we will also require a parent’s email address (if we have not already obtained verifiable parental consent) so we can notify the parent about the collection and use, and to provide the parent with an opportunity to prevent further contact with the child.
    • If a child is engaged in more than one ongoing communication, the parent may need to opt-out of each communication separately.

Persistent Identifiers

When children interact with us, certain information may be collected automatically, both to make our sites and applications more interesting and useful to children and for various purposes related to our business.  
Examples include:

• the type of computer operating system
• the child’s IP address or mobile device identifier
• the web browser used
• the frequency with which the child visits various parts of our sites or applications
• information regarding the online or mobile service provider

This information is collected using technologies such as cookies, pixel tags, web beacons, and other unique identifiers.  This information may be collected by Autodesk or by a third party.  Please see our Cookie Policy for more details.
This data is used for internal purposes, in order to:

• provide children with access to features and activities on our websites and applications
• customize content and improve our sites and applications
• conduct research and analysis to address the performance of our sites and applications
• generate aggregated or de-identified reporting for use by Autodesk

In the event we collect (or allow others to collect) such information from children on our sites and applications for other purposes, we will notify parents and obtain consent prior to such collection.
The list of third-party operators who collect persistent identifiers on our websites and applications may be found at www.autodesk.com/privacy-appendix.

When information collected from children is available to third parties

• we may share information with our service providers if necessary for them to perform a business, professional, or technology support function for us
• we may disclose personal information if permitted or required by law, for example, in response to a court order or a subpoena
• to the extent permitted by applicable law, we also may disclose personal information collected from children:
  • in response to a law enforcement or public agency’s (including schools or children services) request
  • if we believe disclosure may prevent the instigation of a crime, facilitate an investigation related to public safety or protect the safety of a child using our sites or applications
  • to protect the security or integrity of our sites, applications, and other technology, as well as the technology of our service providers
  • to enable us to take precautions against liability

Please see the Sharing with Third Parties section of our Privacy Statement.

Parental Choices and Controls

• refuse to permit us to collect further personal information from their children in association with a particular account
• request that we delete from our records the personal information we have collected in connection with that account

Please keep in mind that a request to delete records may lead to a termination of an account, membership, or other service and that any content saved in that account may no longer be accessible.
Where a child under 13 has registered for an account, we use two methods to allow parents to access, change, or delete the personally information that we have collected from their children:

• parents can request access to and delete their child’s personal information by logging into the parent’s moderator account
• parents can contact us to request access, a change, or delete their child’s personal information by sending an email to us at (remove the spaces):
  • For Tinkercad: tinkercad.parents @ autodesk.com
  • For 123D Circuits: 123DCircuits.parents @ autodesk.com
  • For Project Ignite: projectignite.parents @ autodesk.com

Any other inquiries can be directed to:

By email at (remove the spaces):

privacy.questions @ autodesk.com

By postal mail to:

Privacy Questions
Autodesk, Inc.
The Landmark @ One Market
Suite 500
San Francisco, CA 94105
U.S.A.

Regarding children’s privacy matters, by phone at: 1-415-547-2288

In any correspondence such as e-mail or mail, please include:

• the name of the website or application
• the child’s username
• the parent’s email address and telephone number

To protect children’s privacy and security, we will take reasonable steps to help verify a parent’s identity before granting access to any personal information.

Education and FERPA

If you are using our applications through a school program, your personal information may be subject to the Family Educational Rights and Privacy Act (FERPA).  We have included information here that is most relevant to our products and services when they are used by schools that are subject to FERPA.  You can look at the U.S. Department of Education website for more information. 

FERPA is a United States law that provides certain rights with respect to student education records and personal information associated with those records.  Parents exercise these rights on behalf of their children under 18.  These rights transfer to the student when he or she reaches the age of 18 or attends a school beyond the high school (12th grade) level, known as "eligible students."

FERPA gives parents and eligible students certain rights (subject to limitations), including:

• the right to inspect and review the student's education records maintained by the school
• the right to request that a school correct records which they believe to be inaccurate or misleading.

As a general rule, schools subject to FERPA must have written permission from the parent or eligible student in order to release any information from a student's education record.  However, under certain circumstances schools are allowed to disclose records without consent, including under the following conditions:

• to school officials with legitimate educational interest
  • this can include vendors providing services to schools
• to other schools to which a student is transferring
• directory information (subject to an opt-out)
• to appropriate officials in cases of health and safety emergencies.

Schools are required to notify parents and eligible students annually of their rights under FERPA.  Each school can choose how to provide notification (for example, sending a special letter or including the information in a student handbook).

We help schools comply with their obligations under FERPA in various ways, depending on the application being used.  This can include obtaining consent directly from a parent or eligible student and providing them with direct access to relevant information within our applications, or providing schools with the ability to manage parent or eligible student requests.

Cookie Policy

• What “cookies ” are
• Types of cookies
• Why cookies are useful
• Who sets cookies
• Your choices about cookies

What “cookies” are

A cookie is a small amount of data that is sent to a browser from a web server and gets saved on the hard drive of the computer that you are using (in the browser folders).  Cookies collect standard information from your browser such as

• browser type
• browser language
• the website address you came from when you visited our website.

They may also collect information about

• your Internet Protocol (IP) address
• your clickstream behavior – this might include
  • the pages you view
  • the links you click
  • the date and time of your visit or request

Cookies may uniquely identify your browser or your account, but they do not necessarily identify you personally.  Cookies can also be used to help store personal information, for example where you ask us to “remember” you or keep you logged in.
There are session cookies and persistent cookies. 

• Session cookies only last during your session on a website – when you close your browser to end a session, the cookies end as well.

• Persistent cookies last longer, and are used to remember things over time, such as your language preference or that you are a unique user who is returning to a website.

To learn more about cookies and other automatic data collection tools, please visit www.allaboutcookies.org.

Types of cookies

We use what you can think of as three different types of cookies:

When you request a service or action through our websites or applications, these cookies are strictly necessary to:

• enable services (for example by letting you stay logged in)
• provide information that you requested
• allow you to use essential features

Here are some examples – cookies that:

• make an online shopping cart work
• support customer support chat functions
• improve security or prevent fraud

 If you disable these types of cookies, we may not be able to fulfill your request.

You make choices that make your experience with our websites and applications better for you and allow us to understand how our end users move around, use and interact with our websites and applications.
Functional and performance cookies help us remember your choices, and can improve your overall experience and enhance our services by giving us non-personal, statistical information about the effectiveness of our operations and promotional campaigns.
Here are some examples of when we would use this type of cookie:

• to remember your language or country preference
• in marketing emails, so we can see whether you open them or click on links in them
• on websites or in online services to understand how many new and returning users are using them

If you disable or opt-out of these cookies or other technologies, it may prevent you from using certain parts of our websites and applications, and it may reduce the support or information that we can provide you.

We use these types of cookies to collect information about your browsing or shopping history in order to tailor relevant marketing according to how you use our websites and applications.
We may share this information with third parties to help create and deliver advertising personalized to you and your interests.
If you disable or opt-out of these cookies, it may prevent you from using certain parts of our websites and applications, and it may prevent us from offering you some of our services.

Why cookies are useful

Cookies help us remember information that makes your experience faster and more useful to you … even if we don’t know exactly who you are. 

Here are a few examples of how cookies can make your experience better.  The application or website you use:

• remembers your language choice
• keeps stuff in your shopping cart
• shows you content that will be more likely to be useful and interesting to you
• makes the “remember me” option work
• helps you log in

Cookies are useful for us, too. They can let us know things like:

• how many unique visitors visit our websites
• whether someone is a new or repeat visitor
• which area or content on a particular website was most viewed or downloaded

Who sets cookies

We and our service providers (acting on our behalf) set cookies.

Third parties may also set cookies that we do not control.  For example, when you make purchases, our ecommerce vendors may use cookies.  You can review our ecommerce vendor’s privacy policy and terms of sale at checkout to understand their practices and your choices.

In addition, we may work with one or more advertising networks (each an Ad Partner) who use cookies to facilitate interest-based advertising on third party websites.  This interest-based advertising may include the remarketing of our products and services that you have viewed on our websites through ads on third party websites.

As a reminder, this privacy statement (including this cookie policy) does not apply to third party practices.

Your choices about cookies

You can modify your browser settings to control whether your computer or other device accepts or declines cookies. If you choose to decline cookies, as noted above, you may not be able to use certain interactive features of our websites or applications.

You can delete cookies from your browser; however, that means that any settings or preferences managed by those cookies will also be deleted and you may need to recreate them.  Depending on your mobile device, you may not be able to control tracking technologies through settings.

When we send you emails, they might include a web beacon or similar technology that lets us know if you received or opened the email and whether you clicked on any of the links in the email.   You can opt-out of marketing emails that may use web beacons.

You can also opt-out of certain functional and performance cookies that we use on our websites and applications.  You will have to opt-out for each browser that you use.
You can view a non-exclusive list of opt-out options at:

www.autodesk.com/privacy-appendix

Here are some specific examples for ease of reference.  We have included links here for your reference, but please check the companies’ respective sites for the latest information:

Google (including Google Analytics):

• privacy
• opt out (browser plug in)
• Google Ads Preferences Manager

Adobe (analytics tools):
Follow the opt-out instructions in:

• Adobe Privacy Center

Mixpanel

• privacy
• opt-out

You can also opt-out of receiving marketing advertisements from third party advertisers and ad networks who are members of the Network Advertising Initiative or who follow the Digital Advertising Alliance's Self-Regulatory Principles for Online Behavioral Advertising by visiting the opt-out pages on their websites.

We have included links here for your reference, but please check the organizations’ respective sites for the latest information:

www.networkadvertising.org/choices
http://www.aboutads.info