Autodesk’s information practices, as set forth in our Privacy Statement, Terms of Use, and other notices, comply with relevant global standards and privacy laws.
You should have choices regarding your data. Autodesk is committed to transparency about the data we collect and how it’s used, shared, and stored. We provide customer choice where feasible and where required.
We follow privacy by design principles that govern the treatment of personal data owned by, or under the control of, Autodesk. We apply the principles globally and incorporate them in development plans, business plans, and day-to-day operations.
We follow Autodesk’s six privacy principles and perform privacy impact assessments where personal data is collected or used. We also require general and role-specific privacy training to our workforce aligned to these principles.
Autodesk requires all employees, contingent workers, and subsidiaries to abide by our privacy statement and adhere to internal policies, standards, and guidelines regarding our overall data protection requirements and privacy principles:
Collecting data through Autodesk’s analytics programs helps us plan for product scale and improve usability, quality, and performance. All data collected is encrypted, and in certain cases, anonymized.
Simply sign in and follow the instructions to make edits to your profile information. For your safety and ours, we will authenticate your identity before fulfilling your request.
The Autodesk Privacy Statement explains how we handle personal data, how such data can be accessed and updated, and how we protect this data when interacting with third parties.
The Cookie Statement describes the way we use cookies, tags, and pixels in our applications. It links to a tool for users to set their cookie preferences.
The Children’s Privacy Statement addresses how we collect, process, store, and delete children’s personal data.
The Candidate Privacy Statement describes how we collect, process, store, and delete personal data about job applicants and prospective candidates.
Autodesk is committed to be your trusted partner in the privacy field. To assist you in complying with your privacy obligations, Autodesk offers a Data Processing Addendum (DPA), which sets forth Autodesk’s obligations where it is a processor for personal data.
To sign a DPA with Autodesk, simply download the file, sign it, and send it to autodesk.dpa@autodesk.com.
Relevant Autodesk entities are all bound by the same privacy principles. Autodesk has adopted Binding Corporate Rules (BCRs) for controller and processor data transfers. They enable companies to transfer personal data internationally to countries that do not provide an adequate level of protection for personal data as required under the GDPR. Autodesk’s BCRs have been approved by the Irish Data Protection Commission on May 2023, and since then they are annually reviewed and renewed.
You can check the latest version of Autodesk’s BCRs here:
Autodesk has self-certified and is officially part of the Data Privacy Framework (DPF). The EU-US DPF, UK Extension to the EU-US DPF, and Swiss-US DPF were respectively developed by the US Department of Commerce and the European Commission, UK government, and Swiss Federal Administration to provide US organizations with reliable mechanisms for personal data transfers to the United States from the European Union, United Kingdom, and Switzerland while ensuring data protection that is consistent with EU, UK, and Swiss law.
You can verify the status of Autodesk’s Data Privacy Framework certification by searching for Autodesk in the official DPF website.
We are a member of the BSA | The Software Alliance and support their work advocating for public policies that improve privacy protections.
We are committed to strong privacy and security protections for customer data that is entrusted to us.
Autodesk will continue to use Standard Contractual Clauses (SCCs), which remain valid under the recent Schrems II decision by the European Court of Justice, as a legal mechanism for transferring personal data of its customers from the EEA to the US or other applicable jurisdictions. We have recently revised our Data Processing Agreement (DPA) with the new EU Standard Contractual Clauses.
We also offer on request to customers "Supplementary Measures"–these are technical and operational measures (including encryption and review of government requests for access to data) to provide data protection controls for our data transfers from the EU.
Autodesk has compiled a white paper (Data Transfer Whitepaper) documenting how it complies with EU data transfer requirements.
Autodesk’s Transparency Report explains Autodesk’s policy on responding to requests for customer data by government agencies for law enforcement purposes. The report also provides statistics on the types of requests Autodesk receives and how Autodesk responds to these requests. Previous transparency reports are available below.
We provide a link to other important legal documents that may help you fully understand our services and rights, including our General Terms, Special Terms, Subscription Benefits, and Subscription Types.
Autodesk also offers a Data Processing Addendum (DPA), which sets forth Autodesk’s obligations where it is a processor for personal data under the GDPR.
We continue to meet our obligations when processing personal data, under the GDPR, which took full effect on May 25, 2018. Learn more about the measures we have taken to ensure our compliance with newer, stricter regulations.
Review our GDPR FAQs.
Select Middle East and Africa FAQs coming soon.
Several US states have enacted new or revised privacy laws including California and Virginia (as of January 1, 2023), Colorado and Connecticut (as of July 1, 2023), and Utah (as of December 31, 2023).
Review our North America FAQs.
Canada
Review our PIPEDA FAQs.
Review our Quebec Law 25 FAQs.
The LGPD, which came into effect on September 18, 2020, sets forth rules for processing data relating to individuals in Brazil. Learn more about the measures we are taking to comply with the LGPD.
Review our LGPD FAQs.
Selected other Latin America FAQs coming soon.
China’s Personal Information Protection Law (PIPL) came into effect on November 1, 2021. The PIPL creates new rules for processing information relating to individuals in China. Learn more about the measures we are taking to comply with the PIPL.
Review our PIPL FAQs.
Review our Australia’s Privacy Act and Australian Privacy Principles FAQs.
Review our Indonesia’s Data Protection Regulations (IDPR) FAQs.
Review our India’s Digital Personal Data Protection Act (DPDPA) FAQs.
Review our Korea’s Personal Information Protection Act (PIPA) FAQs.
Report suspicious activity, malware, a data concern, or other security incident regarding an Autodesk product or service.
Reduce your risks of malware exposure and software failure by using genuine Autodesk software built by Autodesk.
Are you experiencing an outage with an Autodesk product or service? Check the real-time status of your cloud services.
Help us improve product security by reporting remote code execution, authentication bypass, or other vulnerabilities.
