PRIVACY STATEMENT

Privacy Statement

Children's Privacy Statement

Effective: January 1, 2024

This Children’s Privacy Statement supplements the Autodesk Privacy Statement by providing additional information about how we process children’s personal data in relation to Children’s applications. We also apply the protections for children described in this Children’s Privacy Statement to (1) users of Tinkercad regardless of age; and (2) student users of our products offered in a K-12 educational setting pursuant to a signed data privacy agreement with Education Providers, as described in the “Education and FERPA” section below. In the event of a conflict or inconsistency between the provisions of this Children’s Privacy Statement and a data privacy agreement with an Education Provider, the terms of the data privacy agreement will take precedence.  We consider an individual to be a child for the purposes of this Children’s Privacy Statement if applicable law limits the processing of the individual’s personal data because the individual is under a certain age (for example, under age 13 pursuant to the U.S. Children’s Online Privacy Protection Act).

Most Autodesk websites, products and services (“applications”) are primarily designed for adults. We refer to applications designed for adults as “general interest applications.” We do not knowingly collect personal data from children in connection with general interest applications. Certain Autodesk applications are appropriate for and are intended for use by children. We refer to these applications as “Children’s applications.” At this time, Tinkercad is Autodesk’s only Children’s application.

Education Providers, please see the section titled “Education and FERPA” for information about our processing of student data.

Where there is a conflict between this Children’s Privacy Statement and the Autodesk Privacy Statement, this Children’s Privacy Statement sets the standard for how we treat children’s personal data consistent with applicable law.

If we discover that we have processed a child’s personal data in a manner inconsistent with applicable law, we will promptly delete the data or bring that processing into compliance with applicable law, such as by obtaining appropriate permission for that processing.

U.S. visitors: For more information about the Children’s Online Privacy Protection Act and general tips about protecting children’s online privacy, please visit OnGuard Online.

This Children’s Privacy Statement contains the following information:

  1. kidSAFE Seal COPPA certification
  2. Data we collect from Children, how we use it, and how and when we communicate with parents and guardians
  3. Specific activities
  4. When data collected from Children is available to third parties
  5. Moderator choices and controls
  6. Education and FERPA
  7. Will this Privacy Statement change?
  8. How to contact us?

KidSAFE Seal COPPA certification

Tinkercad is certified as COPPA compliant by the kidSAFE Seal Program. kidSAFE is a popular safety certification service and seal-of-approval program designed exclusively for children-friendly websites, mobile apps, and connected technologies. kidSAFE is also a Federal Trade Commission-approved COPPA Safe Harbor provider. To learn more or verify Tinkercad’s certification by kidSAFE, click on the kidSAFE seal on Tinkercad webpages or visit https://www.kidsafeseal.com/certifiedproducts/tinkercad.html.

Data we collect from children, how we use it, and how and when we communicate with parents and guardians

Where we know that parent or guardian consent is required by applicable law for a child user of an application, we will:

  • ask for a parent or guardian email address before we collect personal data from the child;
  • offer an age-appropriate experience for the child as described below, which in particular does not require registration, consistent with applicable law; or
  • not allow access to those sections or features of the application directed to a general interest audience.

Registration

Children can register on Tinkercad to (among other things):

  • view and download content
  • take tutorials, create, edit, and import content
  • like others’ content
  • upload a photo
  • participate in contests
  • view in-application notifications

During the registration process, we will ask the child to provide certain personal data, including:

parent or guardian’s email address
child’s member or account username, and password
child’s birthdate to validate age.

 

Persistent identifiers

When children interact with us, certain personal data and non-personally identifiable data may be collected automatically, both to make our applications more interesting and useful to children and for various purposes related to our business.

Examples include:

type of computer operating system
child’s IP address or mobile device identifier
web browser used
frequency with which the child visits various parts of our applications
data regarding the online or mobile service provider

This data is collected using technologies such as cookies, pixel tags, web beacons, and similar technologies (“Cookies”). This data may be collected by Autodesk or by a third party. For a list of third parties that use Cookies on our Children’s applications and links to their privacy policies, please visit the Children’s Privacy Statement - Analytics List. Please visit our Cookie Statement for more information about our Cookie practices and a list of third parties that use Cookies on our general interest applications.

Data minimization

We will not require a child to provide more data than is reasonably necessary to use Children’s applications. If a child chooses not to share certain personal data (such as a parent or guardian’s email for purposes of gathering consent if needed) with us, we may limit their access to the Children’s application or disable certain features, such as the ability to publish content publicly.

Purpose of collection

We only collect and use children’s data to fulfill our duties and provide the Children’s applications. Children’s data will be used:

  • for security purposes,
  • to send notices and gather parental or legal guardian consent,
  • to provide the services,
  • to allow parents to have access to their child's account.

Data retention

We store your personal data and content on our servers and the servers of our service providers. Because we and our service providers maintain servers in global locations, your personal data may be transferred across national borders and stored on the servers outside of your country or region. We will retain your personal data for as long as reasonably necessary or permitted and proportionate to the purpose for which it was collected, for example, to provide you with the offerings that you are using or have requested, for the establishment, exercise or defense of legal claims, and as needed to comply with our legal obligations. Data may persist in copies made for backup and business continuity purposes for additional time. There may be occasions where we are unable to fully delete, anonymize or de-identify your information due to technical, legal, regulatory compliance or other operational reasons.

Consent Processes

Our Children’s applications sometimes collect personal data from children or allow children to create, share and publicly post content. Before allowing children to use certain features and functionality that collect personal data from them, we seek parental or guardian consent, if required by applicable law:by requiring a signed consent form to be submitted by mail or email attachment.

We may also require parents or guardians to open their own accounts so that they can view and moderate their child’s account. For further details, please see “Moderator choices and controls” below.

If we do not receive parental consent within reasonable time, we will delete the parental contact information provided by the child, along with any other data associated with the child.

For more information on parental rights in the United States with respect to a child’s educational record under the U.S. Family Educational Rights and Privacy Act (FERPA), please see “Education and FERPA” below.

Specific activities

Content generated by a Child and ability to delete Child-generated content

Our Children’s applications might include activities that allow users to create or manipulate content and save it. Such content may be accessible by the public depending on the child’s settings when they posted the content.

We honor requests to delete any content that they post on our Children’s applications unless we are required by law to retain it.

Child’s public posts and communications

Certain Children’s applications allow users to communicate directly with other users by means of user forums or comments sections. Depending on the child’s settings, which that child’s moderator can control, a child may be able to post messages and other communications accessible by the public.

We strongly encourage children who use these interactive features on our websites and in our applications never to provide personal data about themselves or any third party, and not to attempt to circumvent any moderation features.

Contests

In all of our contests for children, we will require only the data necessary to enter the contest. For prize-fulfillment purposes if the child wins the contest, we will ask the child to have their parent or guardian sign a winner's declaration form, which may also request more personalized data (e.g., the address to which to send the prize). We only contact the parent or guardian for more personalized data for prize-fulfillment purposes if the child wins the contest.

Augmented Reality

Our Children’s applications may access device cameras to offer augmented reality functions, such as overlaying 3D models developed in the Children’s application over the image available through the camera. Autodesk does not collect or receive any information captured from the device’s camera. Users can remove an application’s access to a device’s camera by changing the device’s settings.

Email contact with a Child

Some of our applications may collect online contact information, such as an email address, in order to communicate with a user who makes a specific request through customer service. For example, a user may email us to ask for help in understanding how to use a design tool that the child is having trouble with, or the user may want to sign up for a monthly newsletter.

If we know that we are communicating with a child using Autodesk Children’s Applications without parent or guardian consent and such consent is required by applicable law, we will respond once to the communication, delete their personal data, and will not participate in any ongoing communication.

Here is how we would handle communication requests:

  • One-time communication

After we respond to the child’s question or request, we or our service provider will delete this data immediately after responding to the question or request.

If a child initiates additional communication, submits additional tickets, or signs up for newsletters, we will delete the child’s personal data in each instance, and will not retain a record. The parent may need to opt-out of each communication separately.

  • Communicating more than once

Where there is an activity or service where we need to communicate with a child more than once and we have not already obtained parent or guardian consent where such consent is required by applicable law:

If we collect the child’s contact data for ongoing communications, we will also require a parent or guardian email address (if we have not already obtained verifiable parent or guardian consent) so we can notify the parent about the collection and use, and to provide the parent or guardian with an opportunity to prevent further contact with the child.

Persistent identifiers

When children interact with us, certain personal data and non-personally identifiable data may be collected automatically, both to make our applications more interesting and useful to children and for various purposes related to our business.

Examples include:

  • the type of computer operating system
  • the child’s IP address or mobile device identifier
  • the web browser used
  • the frequency with which the child visits various parts of our applications
  • data regarding the online or mobile service provider

This data is collected using technologies such as cookies, pixel tags, web beacons, and similar technologies (“Cookies”). This data may be collected by Autodesk or by a third party. For a list of third parties that use Cookies on our Children’s applications and links to their privacy policies, please visit the Children’s Privacy Statement - Analytics List. Please visit our Cookie Statement for more information about our Cookie practices and a list of third parties that use Cookies on our general interest applications.

When data collected from Children is available to third parties

In addition to those cases where a child’s personal data is posted publicly (after receiving parental or guardian consent), we also may share or disclose personal data collected from Children's Applications in a limited and clearly defined number of instances in accordance with the processes described in this Children's Privacy Statement. Please see the “How does Autodesk disclose your personal data?” section of the Autodesk Privacy Statement for the ways in which Autodesk generally discloses personal data. However, Autodesk and its third-party providers will not use children’s personal data for advertising purposes, to create a profile about a child and tie it to an application, to sell the personal data, or for any other purpose prohibited by law or outside the authorization provided by parental, guardian, or school, as may be applicable.

Moderator choices and controls

Children’s applications may enable parents and guardians to “moderate” a child’s account, giving the moderator the ability to review how the child is using the Children’s application and allowing them to make certain choices about how the child’s personal data is processed. Moderators can, at any time:

  • refuse to permit us to collect further personal data from the child in association with a particular account
  • request that we delete from our records the personal data we have collected in connection with that account

Please keep in mind that a request to delete records may lead to a termination of an account, membership, or other service and that any content saved in that account may no longer be accessible. Please note that Autodesk does not have control over third parties (e.g., other users) who may have copied or reposted publicly posted information.

Moderators can access, change, or delete the personal data that we have collected from a child in one of the following ways:

  • request access to or delete personal data by logging into their account (where available)
  • contact us to request access, a change, or delete personal data by sending an email to.

In any correspondence such as email or mail, please include:

  • the name of the application
  • the child’s username
  • the moderator’s email address and telephone number

To protect children’s privacy and security, we will take reasonable steps to verify a moderator’s identity before granting access to a child’s personal data. Please visit the “How does Autodesk protect your data” section in the Autodesk Privacy Statement for additional information.

Applications that we provide directly to Education Providers for use in educational settings may allow Education Providers to act as “moderators” with respect to student accounts. See the “Education and FERPA” section for more information.

You have the rights to access, correct, delete, object, restrict, or obtain a copy of your personal data as described in the Autodesk Privacy Statement.

Education and FERPA

This section describes Autodesk’s practices when our applications are provided directly to Education Providers for use in educational settings pursuant to a signed data privacy agreement with Education Providers. This section does not apply when students access Autodesk applications outside of an educational setting. Schools or school districts that would like to inquire about Autodesk’s student data privacy agreement may contact Autodesk at privacy.questions@autodesk.com.

Educational institution consent in lieu of a parent

Autodesk may provide Children’s applications directly to Education Providers for use in educational settings, in which case Education Providers may provide consent for the collection of personal data from students, where allowed by applicable law. Autodesk expects Education Providers to notify parents or guardians before providing consent to such collection. Autodesk provides information for teachers in the COPPA Direct Notice.

We may also ask Education Providers to obtain consent directly from a parent or guardian instead of, or in addition to, the school providing consent. In these cases, the Children’s application may allow for the parent or guardian to be added as a moderator of the student’s account. Parental or guardian consent would also allow a child to continue using a Children’s application outside of school.

Tinkercad Classrooms

A teacher may become a moderator for students using Tinkercad by creating a Classroom under their teacher account and having students join the Classroom using a Class code provided by the teacher. A student may join the Classroom using their preexisting account or without registering for a Tinkercad account and instead using a nickname provided by the teacher. Autodesk will not collect personal data from the student as a result of joining a Classroom, and the student will not be able to communicate or share personal data with Tinkercad members other than the teacher of the Classroom. All other data collection practices are consistent with those described in the Children’s Privacy Statement.

Prior to allowing a student with a pre-existing account to join a Classroom, a teacher is responsible for ensuring that the student’s parent or guardian has given any consent required by applicable law, either as described in this Children’s Privacy Statement or directly to the teacher or the teacher’s school or school district.

FERPA

This section applies to Education Providers subject to the U.S. Family Educational Rights and Privacy Act (“FERPA”) and to which Autodesk directly provides applications for use in educational settings.

This subsection uses the following definitions:

  • “Education Providers” means educational institutions and teachers, administrators, school district representatives and other individuals acting on behalf of the educational institution or a school district that provide Students with access to Products and/or work with Students in connection with Products.
  • “Products” means Autodesk software or Autodesk web or cloud-based services made available by Autodesk pursuant to the terms of the applicable software license agreement, terms of use or terms of service.
  • “Student” means an individual person enrolled as a student at an Education Provider.
  • “Student Data” means information maintained by Autodesk or any third party on Autodesk’s behalf relating to a Student, including any education records (as defined under FERPA) that are disclosed by Education Providers to Autodesk, except that Student Data does not include a record that has had personal data removed such that the Student’s identity is not uniquely identifiable from the record and there is no reasonable basis to believe that the remaining information can be used to identify an individual.

Per the terms located at Education Providers And The Family Educational Rights And Privacy Act (FERPA):

  • to the extent that Education Providers subject to FERPA provide Autodesk with Student Data, Autodesk will be considered a “school official” (as that term is used in FERPA and its implementing regulations);
  • Autodesk will comply, within a reasonable time frame, with Education Provider’s requests to review, modify, de-identify or delete any Student Data that Autodesk maintains about  Education Provider’s Student; and
  • Autodesk will not maintain, use, or disclose Student Data except as set forth herein and in the Autodesk Privacy Statement, as authorized by Education Providersor permitted or required by applicable law or a judicial order.

For more information about FERPA, please visit the FERPA site and the U.S. Department of Education website.

Will this Privacy Statement change?

If the way we treat children’s personal data changes, we will update this Children’s Privacy Statement. When we change it, we will make it clear at the top of the Children’s Privacy Statement by indicating when we last updated it. If we make material changes to this Children’s Privacy Statement, we will endeavor to provide Education Provider or the moderator with notice before such changes take effect, such as through prominent notice on our website or services or by email, and if applicable, we will seek consent from the parent, guardian, or Education Provider relevant to the changes.

How to contact us?

If you want to contact us, please use the following contact information. When you do so, please tell us the name of the application about which you are contacting us:

By email at: privacy.questions@autodesk.com

By phone: 415-507-5000

By postal mail to:

Privacy Questions
Autodesk, Inc.
The Landmark @ One Market
Suite 400
San Francisco, CA 94105
U.S.A.