Autodesk Trust Center

Autodesk data protection and privacy

We build privacy controls and governance processes into our information systems and product workflows—all aligned with evolving regulations and customer expectations.

How we protect privacy

Autodesk’s information practices, as set forth in our Privacy Statement, Terms of Use, and other notices, comply with relevant global standards and privacy laws.

Commitment to our customers

You should have choices regarding your data. Autodesk is committed to transparency about the data we collect and how it’s used, shared, and stored. We provide customer choice where feasible and where required.

Privacy by design

We follow privacy by design principles that govern the treatment of personal data owned by, or under the control of, Autodesk. We apply the principles globally and incorporate them in development plans, business plans, and day-to-day operations.

Autodesk's privacy principles

We follow Autodesk’s six privacy principles and perform privacy impact assessments where personal data is collected or used. We also require general and role-specific privacy training to our workforce aligned to these principles.

Two high-rise developments in partial stages of construction are contrasted against a brilliant blue sky.

Autodesk's privacy principles

Autodesk requires all employees, contingent workers, and subsidiaries to abide by our privacy statement and adhere to internal policies, standards, and guidelines regarding our overall data protection requirements and privacy principles:

  • Be transparent about our actions and intent.
  • Present individuals with clear and actionable choices.
  • Practice purposeful collection, use, and retention of data.
  • Use data for the purposes for which it was collected.
  • Only share data with third parties in limited and approved ways.
  • Be accountable for enforcement of these privacy principles.
A smiling man sits with his arms crossed in front of several computer monitors.

Data collection through analytics

Collecting data through Autodesk’s analytics programs helps us plan for product scale and improve usability, quality, and performance. All data collected is encrypted, and in certain cases, anonymized.

A blue wireframe overlay appears over metal parts for a mechanical object.

Make changes to or delete your account

Simply sign in and follow the instructions to make edits to your profile information. For your safety and ours, we will authenticate your identity before fulfilling your request.

Learn more about how Autodesk protects your privacy

Privacy statements

The Autodesk Privacy Statement explains how we handle personal data, how such data can be accessed and updated, and how we protect this data when interacting with third parties. 

 

The Cookie Statement describes the way we use cookies, tags, and pixels in our applications. It links to a tool for users to set their cookie preferences.  

 

The Children’s Privacy Statement addresses how we collect, process, store, and delete children’s personal data. 

 

The Candidate Privacy Statement describes how we collect, process, store, and delete personal data about job applicants and prospective candidates. 

Autodesk as a trusted partner

Autodesk is committed to be your trusted partner in the privacy field. To assist you in complying with your privacy obligations, Autodesk offers a Data Processing Addendum (DPA), which sets forth Autodesk’s obligations where it is a processor for personal data.

 

To sign a DPA with Autodesk, simply download the file, sign it, and send it to autodesk.dpa@autodesk.com.

 

Relevant Autodesk entities are all bound by the same privacy principles. Autodesk has adopted Binding Corporate Rules (BCRs) for controller and processor data transfers. They enable companies to transfer personal data internationally to countries that do not provide an adequate level of protection for personal data as required under the GDPR. Autodesk’s BCRs have been approved by the Irish Data Protection Commission on May 2023, and since then they are annually reviewed and renewed.

 

You can check the latest version of Autodesk’s BCRs here:

 

Autodesk has self-certified and is officially part of the Data Privacy Framework (DPF). The EU-US DPF, UK Extension to the EU-US DPF, and Swiss-US DPF were respectively developed by the US Department of Commerce and the European Commission, UK government, and Swiss Federal Administration to provide US organizations with reliable mechanisms for personal data transfers to the United States from the European Union, United Kingdom, and Switzerland while ensuring data protection that is consistent with EU, UK, and Swiss law.

 

You can verify the status of Autodesk’s Data Privacy Framework certification by searching for Autodesk in the official DPF website.

Public policy

We are a member of the BSA | The Software Alliance and support their work advocating for public policies that improve privacy protections.

Onward data transfer

We are committed to strong privacy and security protections for customer data that is entrusted to us. 

 

Autodesk will continue to use Standard Contractual Clauses (SCCs), which remain valid under the recent Schrems II decision by the European Court of Justice, as a legal mechanism for transferring personal data of its customers from the EEA to the US or other applicable jurisdictions. We have recently revised our Data Processing Agreement (DPA) with the new EU Standard Contractual Clauses.

 

We also offer on request to customers "Supplementary Measures"–these are technical and operational measures (including encryption and review of government requests for access to data) to provide data protection controls for our data transfers from the EU. 

 

Autodesk has compiled a white paper (Data Transfer Whitepaper) documenting how it complies with EU data transfer requirements. 

Transparency report

Autodesk’s Transparency Report explains Autodesk’s policy on responding to requests for customer data by government agencies for law enforcement purposes. The report also provides statistics on the types of requests Autodesk receives and how Autodesk responds to these requests. Previous transparency reports are available below. 

 

January 2018 to December 2019

January 2020 to July 2020 

August 2020 to January 2021

February 2021 to January 2022 

February 2022 to January 2023

Legal terms

We provide a link to other important legal documents that may help you fully understand our services and rights, including our General Terms, Special Terms, Subscription Benefits, and Subscription Types

 

Autodesk also offers a Data Processing Addendum (DPA), which sets forth Autodesk’s obligations where it is a processor for personal data under the GDPR. 

Europe, Africa, and Middle East: privacy information

We continue to meet our obligations when processing personal data, under the GDPR, which took full effect on May 25, 2018. Learn more about the measures we have taken to ensure our compliance with newer, stricter regulations.

 

Review our GDPR FAQs.

 

Select Middle East and Africa FAQs coming soon.

North America: privacy information

Several US states have enacted new or revised privacy laws including California and Virginia (as of January 1, 2023), Colorado and Connecticut (as of July 1, 2023), and Utah (as of December 31, 2023).

 

Review our North America FAQs.

 

Canada

Review our PIPEDA FAQs.

 

Review our Quebec Law 25 FAQs.

Latin America: privacy information

The LGPD, which came into effect on September 18, 2020, sets forth rules for processing data relating to individuals in Brazil. Learn more about the measures we are taking to comply with the LGPD.

 

Review our LGPD FAQs.

 

Selected other Latin America FAQs coming soon.

Asia-Pacific: privacy information

China’s Personal Information Protection Law (PIPL) came into effect on November 1, 2021. The PIPL creates new rules for processing information relating to individuals in China. Learn more about the measures we are taking to comply with the PIPL.

 

Review our PIPL FAQs.

 

Review our Australia’s Privacy Act and Australian Privacy Principles FAQs.

 

Review our Indonesia’s Data Protection Regulations (IDPR) FAQs.

 

Review our India’s Digital Personal Data Protection Act (DPDPA) FAQs.

 

Review our Korea’s Personal Information Protection Act (PIPA) FAQs.

 

Review our Vietnam’s Personal Data Protection Decree FAQs.

See more privacy information

Take action

Report a security incident

Report suspicious activity, malware, a data concern, or other security incident regarding an Autodesk product or service.

Choose genuine software

Reduce your risks of malware exposure and software failure by using genuine Autodesk software built by Autodesk.

Visit the health dashboard

Are you experiencing an outage with an Autodesk product or service? Check the real-time status of your cloud services.

Report a vulnerability

Help us improve product security by reporting remote code execution, authentication bypass, or other vulnerabilities.