Search Unity

  1. Unity 6 Preview is now available. To find out what's new, have a look at our Unity 6 Preview blog post.
    Dismiss Notice
  2. Unity is excited to announce that we will be collaborating with TheXPlace for a summer game jam from June 13 - June 19. Learn more.
    Dismiss Notice
  3. Dismiss Notice

GDPR and GameTune

Discussion in 'GameTune' started by Egil-Sandfeld, Oct 4, 2019.

  1. Egil-Sandfeld


    Oct 8, 2012
    In the GT documentation you state:

    1. Why do we need to contact you? Could there be a guide for this publicly instead?
    2. Is it sufficient to link to own Privacy Policy in the app, at the moment of consent, which has a link to the Unity PP?
    3. Reading up on the Unity Analytics Privacy Policy and GDPR, it seems the current Unity Analytics structure is to opt-out, while GDPR afaik is based on that explicit consent must be given. There's a difference here, and I'm not sure what to follow. Do I present a GDPR consent dialog at the start of the app like this plugin which then sets the options.SetGdprConsent(consent)? Or should I try to fetch the existing UnityEngine.Analytics.Analytics.playerOptedOut and use this for the consent?
    4. Can you elaborate on what ML features are restricted, should the user NOT give consent? Does the ML system work at all without GDPR consent?

    I'm really eager to properly implement GT, so I hope we can sort these things out :)
    M_R likes this.
  2. jennyhissa


    Unity Technologies

    Aug 1, 2019
    Hi Egil-Sandfeld! Apologies for keeping you waiting – let me answer your questions:

    1. You are right and we are currently working on putting together better guidelines on how to work with GDPR. We suggest using Unity consent found in Unity Ads SDK, where users have the option to opt-in or opt-out of personally identifiable information collection. Unity Ads SDK provides a built-in GDPR compliant solution for handling end-user consent to GameTune. For more information about GDPR and the Unity Ads SDK, see Unity Ads Knowledge Base: GDPR Compliance. However, if you collect personally identifiable information data on your own, you are responsible for protecting and managing that data. If you wish to implement a custom consent or use a different legal theory, you will need to work with your attorney to determine GDPR compliance.

    2. To remain transparent for your users, you should notify them about personalized gameplay. The best practice is to list Unity as a third-party which collects data in your Privacy Policy, and include a link to Unity's Privacy Policy within your Privacy Policy.

    3. While we think that personalized ads and experiences require opt-in consent, GDPR allows for different legal theories that can be used for different services. In regards to Unity Analytics specifically, Unity has a legitimate interest (legal theory) in collecting analytics data for better crash reporting and fraud protection to better serve our users and that’s why the Privacy Plug-in for Analytics is opt-out.
      Unity Analytics and the Privacy Plug-in aren’t applicable to GameTune. Additionally, see the response re. Unity Consent and GameTune above.

    4. For users who have opted-out from data collection will have their data deleted and the answer they receive from GameTune will always be the control alternative.
      It does work without GDPR consent, but if you haven’t asked for the user’s consent, you should not call SetGdprConsent at all. GameTune will behave as if users in GDPR restricted countries had opted-out and users elsewhere opted-in.
    Egil-Sandfeld likes this.
  3. amjaliks


    Jul 11, 2015
    Hi @jennyhissa,

    How can a GDPR consent from Unity Ads be used for GameTune?

    This doesn't seem to happen automatically. At least both my devices fall in a GDPR treatment group even if have allowed a personalized experience in Unity Ads.
    And I don't see how I can get a consent status from Unity Ads SDK.