Last updated Wednesday, November 17, 2021
Amongst other legislation, this policy addresses the requirements of:
- The UK-GDPR (General Data Protection Regulation) and amended Data Protection Act 2018
- The Children’s Code (or Age Appropriate Design Code) – UK
- The European Union General Data Protection Regulation (GDPR) 2016/679
- The California Consumer Privacy Act (CCPA) (Scirra does not meet the revenue threshold for CCPA to apply to the company but we never the less believe that we meet the requirements of the Act)
- The Nevada Privacy Law (SB-220)
- The New York Education Law 2-D (Part 121) (This policy constitutes a Data Security and Privacy Plan to protect Personally Identifiable Information (PII) associated with the sale of Scirra products)
- The Children’s Online Privacy and Protection Act (“COPPA”) regulations
Please note that in order to use our apps and websites, you authorize Scirra to transfer your personal information across national borders and to other countries where Scirra and its data processing partners operate, including the United States. The privacy protections and rights of authorities to access your information in these countries may not be equivalent to those in your country. We will only transfer your personal information to these countries where permitted to do so by law and we will take steps intended to ensure that your personal information continues to receive appropriate protections.
Note that we DO NOT SELL any personal or non-personal information we hold.
If the content or information that you store on Scirra apps or websites contains personal information of other individuals, you must be legally permitted to share the personal information with Scirra.
Summary of Key Points
Where your consent is required, we will obtain your permission before (i) sending you news and
promotional material about Scirra; (ii) accessing information stored on your device relating to your
use of, and engagement with, websites and apps and bug reports; and (iii) using automated systems
to analyze your content. You can withdraw your consent to such activities at any time.
This policy explains when we process personal information for our legitimate interests. You can ask
us to stop processing this information.
We use your personal information to enable you to register with Scirra and to provide you with our
websites and apps.
There are several places within our websites and apps that allow you to post comments, upload
pictures, or submit content which will be publicly available where you choose to participate in these
activities. We also share information with third parties we engage to process information on our
behalf or when such sharing is required by law, or in certain other situations.
We transfer your personal information to the USA as a number of our servers and the servers of our
data processors are based there.
- Scirra websites, specifically www.construct.net and www.scirra.com
- Desktop apps and mobile apps (both referred to as "apps") that include a reference to this policy; and
- Scirra’s marketing, sales, and advertising practices.
Please also see the Scirra Terms and Conditions and End User License agreement that may apply to the app or website you are using.
What information does Scirra collect about me?
Scirra registration, purchase and customer support
If you use the Construct 3 Editor through Access Codes (https://www.construct.net/en/make-games/education/licensing) then we do not collect any personally identifiable information (PII).
In order to take advantage of certain features of the Website, you may also choose to provide us with other personal information, such as your picture or other personal details, but your decision to utilize these features and provide such data will always be voluntary.
If you choose to make purchases from us some additional personal information such as your name, delivery email address, Full name, Full address, Phone number and VAT data may be mandatory to complete the purchase. We use third party credit card processor Stripe and Paypal to process credit card payments. We do not hold the full credit card numbers.
- Authenticating and identifying you on our websites so we can provide you the services you requested
- Keeping track of information you have provided to us
- Providing you the Scirra websites that you use
- Remembering your preferences or where you left off in your use of a website
- Measuring your use of our websites so that we can improve them, tailor our websites to your likely interests, and conduct market research
Scirra apps and website
We collect anonymous data from every visitor of the Website to monitor traffic and fix bugs. For example, we collect information like web requests, the data sent in response to such requests, the Internet Protocol address, the browser type, the browser language, and a timestamp for the request.
We may contact you, by email or other means. For example, we may send you promotional emails relating to Construct.net, or other third parties we feel you would be interested in, or communicate with you about your use of the Construct.net website. We may also use technology to alert us via a confirmation email when you open an email from us. You can modify your email notification preferences by clicking the appropriate link included in the footer of email notifications. If you do not want to receive email from Construct.net, please opt out of receiving emails at the bottom of any Construct.net emails or by editing your profile preferences.
Buttons, tools and content from other companies
We also use social buttons provided by services like Twitter, Google+, LinkedIn and Facebook. Your use of these third party services is entirely optional. We are not responsible for the privacy policies and/or practices of these third party services, and you are responsible for reading and understanding those third party services’ privacy policies.
requirements of the Children’s Online Privacy and Protection Act (“COPPA”) and the UK Children’s Code requirements. Please see our Addendum to
of The Children’s Code.
You must be at least 16 to create an account on www.construct.net without consent from a parent
or guardian. We do not knowingly collect any data from any child under this age without consent of
a parent or guardian.
As described in an earlier section, there are two mechanisms by which the Construct 3 Editor may be
used. This is either through assignment of a license by the Subscription Administrator directly to a
Student user account or through use of Access Codes as detailed here:
In an education environment an Educator (the Subscription Administrator) may choose which
method to use. If Access Codes are used then we do not collect any personally identifiable
information (PII). If the Educator decides to assign licenses to accounts created by students then if
that student is under the age of 16, they must obtain their parent’s or guardian’s consent in order to
create an account. The only information that is then required to be provided is the email address of
Construct 3 enables students to share their projects with the Subscription Administrator in order to
simplify the teaching and assessment process. When this functionality is used, Scirra will store the
project file (.c3p file) on their servers for access by the Educator together with a user-provided file
name, and the student’s account name if they are not using Access Codes. We recommend that
educators do not request student names when entering file names in order to avoid storage of PII.
The stored Project file is automatically deleted after 72 hours and at no time do any Scirra company
personnel interact with that file, nor is it used for any purpose other than to make available to the
How does Scirra use the information it collects about me and what are the legal bases for these uses?
We use the information we collect about you for the following purposes:
To fulfill a contract, or take steps linked to a contract: this is relevant where you register to use a Scirra app or website (whether paid, or as a free trial). This includes:
- Providing you with the websites and apps for which you have registered,;
- Verifying your identity and country of origin;
- Taking payments;
- Sending you necessary communications (for example, related to payments or expiration of your subscription); and
- Providing customer service or support.
As required by us to conduct our business and pursue our legitimate interests, in particular:
- Providing you with the websites and apps for which you have registered and any other products and services you have requested;
- Analyzing your use and measuring effectiveness of our websites and apps to better understand how they are being used so we can improve them and engage and retain users;
- Sending you information about our products and services, special offers and similar information, and sharing some information with third parties for their own marketing purposes (where your consent is not required);
- Analyzing your use of our websites and apps, and interaction with our communications, to tailor and customize the website or app, and marketing communications;
- Sending you information about our products and services, special offers and similar information (where your consent is not required);
- Diagnosing problems in our apps and websites;
- Conducting surveys and market research about our customers, their interests, the effectiveness of our marketing campaigns, and customer satisfaction (unless we need consent to undertake such surveys, in which case we will only do this with your permission);
- Investigating and responding to any comments or complaints that you may send us;
- Checking the validity of the sort code, account number and card number you submit if you use a credit or debit card for payment, in order to prevent fraud (we use third parties for this – see “Does Scirra share my personal information?” below); and
- In connection with legal claims, compliance, regulatory and investigative purposes as necessary (including disclosure of information in connection with legal process or litigation).
Where you give us your consent or otherwise consistent with your choices:
- Sending you information about our products and services, special offers and similar information, and sharing some information with third parties for their own marketing purposes (where your consent is required);
- Placing cookies and using similar technologies on our websites, on our apps and in email communications, in accordance with our Cookies Policy and the information provided to you when those technologies are used;
- Accessing information stored on your device relating to your use of, and engagement with, websites and apps and bug reports;
- On other occasions where we ask you for consent, we will use the information for the purposes which we explain at that time.
For legal reasons:
- Responding to requests by government or law enforcement authorities conducting an investigation.
- To detect, prevent, or otherwise address fraud, security or technical issues and software piracy (e.g., to confirm that software is genuine and properly licensed), helping to protect you as well as Scirra.
Does Scirra share my personal information?
Sharing with Data Processors
We will share personal information with companies, organizations or individuals outside of Scirra if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to detect, prevent, or otherwise address fraud, security or technical issues, as well as to protect against harm to the rights, property or safety of Scirra, our users, or the public as required or permitted by law.
Sharing with Data Processors
We will also share your personal information with companies that help us to run our business by processing personal information on our behalf for the purposes identified above. Such companies include providers of customer support services, payment processing services, fraud monitoring and prevention, email, social media, and other marketing platforms and service providers, and hosting services.
Aggregated, anonymised data is periodically transmitted to external services to help us improve the Construct.net Website and service.
Other Information Sharing
We may also share your personal information:
- When you agree to the sharing;
- When we are required to provide information in response to a subpoena, court order, or other applicable law or legal process;
- When we have a good faith belief that the disclosure is necessary to prevent or respond to fraud, defend our apps or websites against attacks, or protect the property and safety of Scirra, our customers and users, or the public;
- If we merge with or are acquired by another company, sell a Scirra website, or app, or if all or a substantial portion of our assets are acquired by another company, your information will likely be disclosed to our advisers and any prospective purchaser's advisers and will be one of the assets that is transferred to the new owner.
Is my personal information displayed anywhere within Scirra’s apps or websites?
There are several places within our websites and apps that allow you to post comments, upload pictures, or submit content for others to see. You must assume that what you share in these areas (for example, our Forums) can be seen by the general public or other users of the app or website. Please be careful when you share your personal information. Do not share anything you wouldn’t want publicly known. Anything you do post in these areas is done under the Creative Commons license and is consequently freely available to be used by others. Please note that when you post messages on certain user forums on our websites and app, your email address or name and/or profile photo may be included and displayed with your message.
To remove content you have shared on our websites and apps, please use the same app or website feature you used to share the content. If you have questions or concerns about this, please contact us.
Is my personal information secure?
We employ industry standard techniques to protect against unauthorized access of data about you that we store, including personal information.
Where does Scirra store my personal information?
How does Scirra use Google Drive user data?
Our app Construct 3 allows users to sign in to Google Drive to allow conveniently saving and opening project files in the cloud. If you use this feature, Construct 3 will show a screen requesting permission to access your Google Drive account. Permitting access allows Construct 3 to access your Google Drive account in order to facilitate saving and loading your work as you instruct it to. Your project files remain private and Scirra does not access your files in any way or use your files for any other purpose whatsoever than solely to access the files you specifically select. The data accessed on Google Drive is transmitted directly between your browser and Google servers and will not be accessed or processed by Scirra servers or any other third party servers.
Other Personal Information
Your personal information and files are stored on Scirra’s servers and the servers of companies we hire to provide services to us.
Does Scirra transfer my personal information across national borders?
We may transfer your personal information across national borders to other countries in compliance with applicable laws. At present this is limited to transfer to the USA where our servers and the servers of our hosting service provider (Microsoft Azure) are sited.
What rights do I have in respect of my personal information and how can I exercise these?
Under the law of some countries and states, you may have the right to ask us for a copy of your personal information; to correct, delete or restrict (stop any active) processing of your personal information; and to obtain the personal information you provide to us for a contract or with your consent in a structured, machine readable format, and to ask us to share (port) this information to another controller.
In addition, you can object to the processing of your personal information in some circumstances (in particular, where we don’t have to process the information to meet a contractual or other legal requirement, or where we are using the information for direct marketing).
These rights may be limited, for example, if fulfilling your request would reveal personal information about another person, or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping (such as fraud prevention purposes).
To exercise any of these rights (including deactivating your Scirra account), you can get in touch with us – or our data protection officer – using the details set out below. Additionally, our websites and apps allow you to edit your personal information by accessing the "my account," "my profile," or a similar feature of the app or website you are using. Likewise, you can delete files or photos you have stored in our websites and apps by logging in and using the deletion functions that are available.
If you have unresolved concerns, you have the right to report them to the data protection authority where you live, work or where you believe a potential violation may have occurred.
To create a Scirra or Construct.net account, and to use some Scirra websites, apps, products or services, the provision of some information is mandatory: if relevant information is not provided, then we will not be able to administer a Scirra account to you, or provide you with the websites, apps, products or services requested. All other provision of your information is optional.
Withdrawing consent or otherwise objecting to direct marketing
Wherever we rely on your consent, you will always be able to withdraw that consent, although we may have other legal grounds for processing your information for other purposes, such as those set out above. In some cases, we are able to send you direct marketing without your consent, where we rely on our legitimate interests. You have an absolute right to opt-out of direct marketing, or profiling we carry out for direct marketing, at any time by:
- updating your preferences in your specific website or app accounts;
- clicking the unsubscribe link at the bottom of our marketing emails; or
How long does Scirra retain my information?
When you register for a Scirra or Construct.net account, we process and keep most personal information we have about you for as long as you are an active user of our products, services or apps. When you close your account, after 60 days we begin deleting certain personal information that we no longer have a business reason to retain, such as social media profiles, name, website reference etc. . However, we typically retain personal information related to our contract and business transactions with you for seven years after your last interaction with us.
Where we process personal information for marketing purposes or with your consent, we process the information until you ask us to stop and for a short period after this (to allow us to implement your requests). We also keep a permanent record of the fact that you have asked us not to send you direct marketing or to process your information so that we can respect your request in future.
Who can I contact with questions or concerns?
If you have a privacy question, concern, or request, please email Scirra's Data Protection Officer at email@example.com.