View General Privacy Notice View Japan Privacy Notice View South Korean Privacy Notice

INTRODUCTION

Hi. We’re Square Enix. You probably know us from all the SQUARE ENIX, branded entertainment content we develop, publish, distribute and license, including: FINAL FANTASY, DRAGON QUEST and SPACE INVADERS.

Please take the time to read this Privacy Notice, as it explains how we collect, use and protect your Personal information (PI).

Square Enix is a valid licensee, and participating member, of the Entertainment Software Rating Board's Privacy Certified Program (“ESRB Privacy Certified”). To protect your privacy, we have voluntarily undertaken this privacy initiative, and all of our Services where this Privacy Notice is posted and an ESRB Privacy Certified seal is shown have been reviewed and certified by ESRB Privacy Certified to meet established online information collection, use, and disclosure practices. As a licensee of this privacy program, we are subject to audits of our Services and other enforcement and accountability mechanisms administered independently by ESRB Privacy Certified.

HOW & WHEN WE COLLECT YOUR PERSONAL INFORMATION

From the moment you start interacting with us, we begin collecting your PI. Sometimes you give us this PI, and sometimes we collect it automatically.

You give us PI when you:

• Create or update a Square Enix account.
• Use our paid services.
• Play our games.
• Enter our tournaments.
• Apply for a job with us.
• Attend an interview or assessment.
• Sign up for our marketing messages.
• Subscribe to our mailing lists.
• Contact us by phone, email, or live chat.
• Make a purchase.
• Enter our prize draws or competitions.
• Answer our surveys.
• Fill in a form.
• Search or post content on our website.
• Interact with other users on our online services.
• Register for our events.
• Attend our events.
• Follow, like, post to, or interact with our social media accounts.
• Apply to be a Square Enix “influencer” on our website.

We collect your PI automatically when you:

• Visit our website.
• Interact with other users on our online services.
• Open an email from us.
• Log in to your Square Enix account.
• Play our games online.
• Live chat with us.
• Message us or other users in-game.
• Make a purchase.

TYPES OF PERSONAL INFORMATION WE COLLECT

Depending on how you interact with us, we collect different types of PI:

Contact details:

• Name.
• Address.
• Phone number.
• Email address.

Account profile data:

• Name.
• Email address.
• Birth date.
• Gender.
• Username.
• Password.

Financial information:

• Bank account number.
• Payment card details.
• Billing address.

Information that identifies you:

• Birth date.
• IP address.
• Login information.
• Social media usernames.
• Browser type and version.
• Time zone.
• Browser plug-ins.
• Location.
• Operating system and version.
• Cookies.
• Google advertising ID, Apple IDFA, and other unique device IDs.

Website usage:

• How you use our sites.
• Products/services you view or buy.
• Page response times.
• Download errors.
• Time spent on pages.
• Actions on pages.

Game and service usage:

• Gaming platform.
• Game version.
• Device identifiers.
• Crash reports.
• Language options.
• Game scores.
• Achievements.
• Rankings.
• Play time.
• Feature usage.
• Player performance.
• Purchases.
• Time zone.
• Session duration.
• Challenges or gifts sent to other players.
• Number of friends on the platform.

Survey information:

• Any information you provide in our surveys.

Employment information (if you apply for a job with us):

• Name.
• Email address.
• Job history.
• References.
• Education.
• Pre-employment screening results.
• Relevant experience.
• Achievements.
• Skills.
• Qualifications.
• Interview or test outcomes.

Live events:

• Photos and videos of you at our events.

Information provided to us by third parties:

Game Platforms:

• Nickname.
• Username.
• User ID.
• Friends list.
• Email address.
• Location.
• Language.
• Preferences.
• Birth date.
• The games you play.

Mobile Platforms and App Stores:

• Username.
• Device ID.
• Purchase history.
• Location.

When you log in with your social media account:

• Account ID.
• Email address.
• Friends who play the same game.

When you link a Square Enix account to a Game Platform Account:

• Account ID.
• Nickname.
• User ID.
• Email address.
• Our games that you play.

What about sensitive data?

• If you join an accessibility-related player research group, we might ask for medical data to help us improve game accessibility.
• Otherwise, we do not collect your sensitive data like race, religion, ethnicity, biometrics or sexual orientation.
• Please don't send us sensitive data or post it on our services.

What about young children’s data?

• You must be at least 13 years old to use most of our services or games.
• Where a game or service is directed to children under 13, we provide an age-appropriate experience and will only collect personal information from children under 13 with the direct and explicit consent from the parent or guardian.
• We do not knowingly collect, maintain, sell or share personal information or non-personally identifiable information from children under 13 without explicit consent from the parent or guardian, other than as permitted by law.
• If you think we've collected information from someone under 13 by mistake, please let us know by contacting dpo@eu.square-enix.com.

WHY & HOW WE USE YOUR PERSONAL INFORMATION

We only use your PI for specific reasons. The reasons depend on how you interact with us. Our reasons and lawful bases, as described below, depend on how you interact with us. For example, we only process payments if you make or try to make a purchase. If your PI is to be used for a new purpose that is materially different from the purpose(s) for which it was collected, as specified in this privacy notice, we will provide you with an opportunity to object to this use of your PI.

Registering your account: When you sign up for our services or create a Square Enix account, we use the details you provide us to process your registration and provide the services you agreed to receive.

Keeping our services running: Provide you our games and services online, access to our websites and keeping it all secure.

Optimising our services for you: Remembering your settings, analysing your use of our services and creating leaderboards.

Verifying your age: We use your information to verify your age and provide you an age-appropriate experience.

Communicating with other players: To enable you to communicate and interact with other users on our websites and online services.

Processing Orders: We use your information to process, accept, dispatch and deliver your orders.

Processing payments: We use your information to process payments for our goods and services. If your bank provides account update services, we may automatically update your payment card information when it changes.

Anti-cheat, anti-tampering and unauthorised activity prevention and detection: We use your information to enforce our rules and policies, protect our customers and business, and investigate and respond to unauthorised activity on or related to our games or services. We may also use your information for machine learning behavioural predictions to detect and prevent unauthorised activities on our games or services.

Fraud and unlawful activity detection, prevention and investigation: We use your information to investigate and respond to fraudulent or illegal activity on or related to our games and services. We may also use your information for machine learning behavioural predictions to detect and prevent fraudulent activities on our services.

Square Enix “Press Hub” registration: We use your information to process your application and send you press releases and assets.

Square Enix “influencer” registration and suitability monitoring: We use your information to process your application and to contact you about participation in the program.

Community and customer support: We use your information for handling enquiries or complaints, troubleshooting and solving technical issues over live chat, phone, email and in-game chat.

Social media: We use your information to communicate and interact with you on social media and to understand customer sentiment about our games and services.

Keeping our products and services up to date: We use your information to make necessary changes to our products and services and to monitor your participation in our forums and services.

Improving and developing our games, services and websites: We use your information collected through our games, services and websites for analytics, research and website traffic optimization.

Recruitment: We use the information you provide us during our recruitment process to evaluate your suitability for the role, verify your details, identify future employment opportunities and to optimise the recruitment process.

Contests and prize draws/sweepstakes: We use your information to process your entry, communicate with you and award and send you prizes either digitally or physically. Some contests and prize draws/sweepstakes will also involve publicly displaying your entry in leaderboards or media.

Tournament participation: We use your information to enable you to enter and participate in tournaments, communicate with you, and award and send you prizes either digitally or physically. Some tournaments will also involve publicly displaying and promoting your entry in leaderboards and in media.

Live Square Enix Events: We may photograph or record videos that include you at our live events.

Targeted advertising: Where you have consented to it, we use cookies and similar technologies to deliver relevant ads and offers to you and measure their effectiveness. Please also see our Cookie Notice.

Social media retargeting ads: We use your information to display ads to you on social media about our games and services that are of interest to you and players like you, and to analyse their effectiveness.

Digital marketing: We match your information collected from our websites, games, and services to profile your interests and behaviours and segment your information with other players who have similar interests for tailored marketing and analysis. We also use your information for machine learning and AI to predict the effectiveness of our marketing and ad campaigns for you and players like you, including through purchase history and game play behavioural analysis.

Direct marketing: Where you have consented, we will use your information to send you communications about our services, products and features that you have agreed to receive directly via email.

Health Apps: Some of our mobile games have the ability to make use of your device‘s ‘health app’ (Apple HealthKit for Apple devices, Google Fit for Android devices, or its equivalent) in order to process your fitness activity in the game.

Where you have chosen to connect your device’s health app to one of our games, we use the data obtained from your device's health app only for the purpose of providing health management, movement, or exercise services in connection with the specific game. We do not use data collected through your device's health app for marketing or advertising purposes and our use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements.

We will only collect the health data you give us permission to collect and you will always be in control of this data collection; we cannot use your device's health app without your specific consent and you can withdraw consent to this data collection at any time in your device’s health app settings.

KEEPING YOUR PERSONAL INFORMATION SECURE

We treat your personal information with care and take steps to protect it, including the use of physical, technical and administrative safeguards to protect your personal information from unauthorised access, use or disclosure.

If you believe your personal information has been breached, please contact us immediately at DPO@eu.square-enix.com.

WHO WE DISCLOSE PERSONAL INFORMATION TO

We may share your information with third party companies that carry out work on our behalf. These companies only use your information for the services they provide for us, and they must delete it when they stop working for us. If your PI is to be disclosed to a type of third party not specified in this privacy notice, we will provide you with an opportunity to object to this disclosure of your PI.

The following are types of third party companies that we may share your information with:

• Third-party IT companies who support our websites, online services and other business systems, as well as payment services providers who process your payments.

• Fraud detection, investigation and prevention companies that help us detect, investigate and prevent cheating, abuse, fraud, tampering or other unauthorised use of or disclosure of non-public information about our current and future services.

• Direct marketing companies that assist us in managing our electronic communications with you.

• Selected third-party warehouses and distribution partners to deliver orders you have made with us.

• With your consent or based on our legitimate interests - Google, Facebook and other third-party advertising partners so they can show you our products and services that might be of interest to you.

  • For example, if you provide us with your email address, we may share it with Facebook so that you can receive tailored advertising from us when you use Facebook, and so that other users of Facebook who share similar interests to you can also receive tailored advertising from us.

Under very specific circumstances, we will disclose your PI with third parties (including law enforcement bodies) in order to respond to or investigate fraudulent, unauthorised or criminal (or potentially fraudulent, unauthorised or criminal) activity on or related to our systems, services, or events, including the unauthorized disclosure of non-public information related to current or future services.

We may also be required by law to disclose your PI to the police or to another law enforcement, regulatory or government body in your country of origin or elsewhere, including upon receiving a legally valid request to do so. We may also be required by law to disclose your PI to third parties in response to a court order, subpoena, or other compulsory process.

COOKIES

We use cookies and similar technologies for analytics, to allow our services to operate effectively, to enhance your experience when using our services and to bring you relevant advertising.

Please have a look at our Cookie Notice for more info.

YOUR CHOICES

There are various ways in which you can exercise choice and control over the information you provide to us. Below are some examples.

Limit the Information You Provide to Us
You can stop all prospective collection of information on our Services by uninstalling and ceasing to interact with the Services. You can also decline to provide information we request from you, although doing so may prevent you from using certain parts of the Services (e.g., you will not be able to create an account with us if you do not provide your email address and other information we need to process your registration). With respect to our mobile applications, you may use the standard uninstall process supported by your device, the app, or the marketplace or software through which you acquired the app to stop all prospective information collection through the app.

Change Your Communications Preferences
You may cancel or modify the email communications you receive from us by clicking on the “unsubscribe” link in our emails or, where applicable, by logging into your account and adjusting your settings. This will not affect subsequent access to the Services. Please note that we reserve the right to send you certain communications relating to your account or use of our Services, such as administrative and service announcements, and you will continue to receive these transactional account messages even if you opt-out of receiving our promotional email communications.

Website Analytics
You may exercise choices regarding the use of cookies from Google Analytics by going to https://tools.google.com/dlpage/gaoptout and downloading the Google Analytics Opt-out Browser Add-on.

Interest-Based Advertising Opt Outs
Some of the advertisers and parties that perform advertising-related services for us and our partners may participate in the Digital Advertising Alliance ("DAA") Self-Regulatory Program for Online Behavioral Advertising. To learn more about how you can exercise certain choices regarding interest-based advertising, visit http://www.aboutads.info/choices for website opt-out choices and http://www.aboutads.info/appchoices for mobile app opt-out choices. Some of these companies may also be members of the Network Advertising Initiative (“NAI”). To learn more about the NAI and your opt-out options for their members, see http://www.networkadvertising.org/choices. Please be aware that, even if you are able to opt out of certain kinds of interest-based advertising, you may continue to receive other types of ads. Opting out only means that those selected members should no longer deliver certain interest-based advertising to you, but does not mean you will no longer receive any targeted content or ads (e.g., from other ad networks). We are not responsible for the effectiveness of, or compliance with, any opt-out options or programs of any other parties or the accuracy of their statements regarding their programs.

Do Not Track
Your browser settings may allow you to automatically transmit a "Do Not Track" signal to websites and online services you visit. There is no consensus among industry participants as to what "Do Not Track" means in this context. Like many websites and online services, unless and until the law is interpreted to require us to do so, we do not alter our practices when we receive a "Do Not Track" signal from a visitor's browser. To find out more about "Do Not Track," you may wish to visit http://www.allaboutdnt.com/.

WHERE YOUR PERSONAL INFORMATION IS PROCESSED

We are a global organisation. So we sometimes need to share your information with our other offices, or with third parties located in other countries.

When it is necessary for us to transfer your personal data out of your location, for example the EEA and/or the UK, we will do so only when the transfer is authorised under applicable law, including when the transfer is made to a country the EEA and/or UK has deemed to have adequate data protection laws, is governed by the Standard Contractual Clauses and/or the U.K. Addendum or is authorized by another recognized transfer mechanism recognized by the EEA, Swiss, or UK authorities, such as the EU-U.S. Data Privacy Framework (DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF.

Square Enix complies with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF as set forth by the U.S. Department of Commerce. Square Enix, Inc has certified to the U.S. Department of Commerce that it and its U.S. entities adhere to the EU-U.S. DPF Principles with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Square Enix, Inc. has certified to the U.S. Department of Commerce that it and its U.S. entities adhere to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the DPF program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

Square Enix, Inc. is responsible for the processing of personal data it receives under the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, and subsequently transfers to a third party acting as an agent on its behalf. Square Enix complies with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF Principles for all onward transfers of personal data from the EU, UK, and Switzerland, including the onward transfer liability provisions. Square Enix shall remain liable if third parties process your data in a manner inconsistent with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, in accordance with the onward transfer liability provisions.

Square Enix, Inc. is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC). The FTC has jurisdiction over Square Enix, Inc.’s compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. In certain situations, Square Enix may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, Square Enix commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF to JAMS, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit the U.S.-based third-party dispute resolution provider for more information or to file a complaint. The services of JAMS are provided at no cost to you.

Under certain conditions, more fully described on the Data Privacy Framework website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.

In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework, Square Enix commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the DPF Principles. European Union, Swiss, and United Kingdom individuals with DPF inquiries or complaints should first contact Square Enix, Attn: Privacy Team and DPO, Square Enix 240 Blackfriars Road SE1 8NW or by email at dpo@eu.square-enix.com.

HOW LONG WE HOLD YOUR DATA FOR

We will retain your PI for only as long as you are a customer or are using our services and for no longer than is necessary after that. We will securely destroy or irreversibly anonymize your personal information once it is no longer necessary for us to retain it.

YOUR CONTROL OVER YOUR PERSONAL INFORMATION

This section describes the various controls you have over your personal information, including your rights over your PI under U.S. state privacy laws, and how you can invoke these rights with us.

Your right of access
You have the right to request copies of your personal information. However, there are some exemptions, which means you may not always receive all the personal information you request.

Your right to correction
You have the right to request that we rectify information you think is inaccurate or complete information you think is incomplete.

Your right to data portability
You have the right to request that we transfer certain personal information to another organization, or that we provide a copy of it to you.

Your right to erasure
You have the right to request that we erase your personal information in certain circumstances.

Your right to opt-out
To the extent we sell or share your personal information as the term “sell” or “share” is defined under U.S. state privacy laws, you have the right to opt-out of the sale or sharing of your personal information by us to third parties at any time. You can submit a request to opt-out by clicking here: Do Not Sell or Share, or calling our toll-free number at 1-800-715-2450.

Notice of collection
In the past 12 months, we have collected the following categories of personal information enumerated in the California Consumer Protection Act (CCPA):

• Identifiers, including name, postal address, email address, and online identifiers (such as IP address).
• Customer records, including phone number, billing address, and credit or debit card information.
• Characteristics of protected classifications under California or federal law, including gender.
• Commercial or transactions information, including records of products or services purchased, obtained, or considered.
• Internet activity, including browsing history, search history, and interactions with a website, email, application, or advertisement.
• IP general geolocation data.
• Employment and education information.
• Inferences drawn from the above information about your predicted characteristics and preferences.

For further details on information we collect, including the sources from which we receive information, review “TYPES OF PERSONAL INFORMATION WE COLLECT” above. We collect and use these categories of personal information for the business purposes described in “WHY & HOW WE USE YOUR PERSONAL INFORMATION” above.

We do not generally sell information as the term “sell” is traditionally understood. To the extent “sale” or “share” under the CCPA or California Privacy Rights Act (CPRA) is interpreted to include the activities set out in this Privacy Notice, we will comply with applicable law as to such activity. We disclose the following categories of personal information for commercial purposes: identifiers, characteristics, commercial or transactions information, internet activity, IP general geolocation data, and inferences drawn. Please review “WHO WE SHARE PERSONAL INFORMATION WITH” above for further details about the categories of parties with whom we share information.

Right to know and delete
You have the right to know certain details about our data practices. In particular, you have the right to request copies of the following from us:

• The categories of personal information we collected about you;
• The categories of sources from which the personal information was collected;
• The categories of personal information we disclosed for a business purpose or sold or shared;
• The business or commercial purpose of our use, sale or sharing of your personal information;
• The categories of third parties with whom we share your personal information; and
• The specific pieces of personal information we have collected about you.

You also have the right to request that we delete your personal information.

Authorized agent
You can designate an authorized agent to submit requests on your behalf. However, we will require written proof of the agent’s permission to do so and verify your identity directly, unless the request relates to your right to opt out of the sale or sharing of your personal information.

Your right to non-discrimination
You have the right not to be discriminated against in service or price if you exercise your privacy rights.

Shine the light
Customers who are residents of California may request (i) a list of the categories of personal information disclosed by us to third parties during the immediately preceding calendar year for those third parties’ own direct marketing purposes; and (ii) a list of the categories of third parties to whom we disclosed such information. To submit a request, please write us at the email or postal address set out in “Questions or Complaints” below and specify that you are making a “California Shine the Light Request.” We may require additional information from you to allow us to verify your identity and are only required to respond to requests once during any calendar year.

To exercise any of your privacy rights, please submit a request through our Online Form, contact us at RightsRequests [at] us.square-enix [dot] com, or call our toll free number at 1-800-715-2450. In the request, please specify which right you are seeking to exercise and the scope of the request. We may require specific information from you to help us verify your identity and process your request. If we are unable to verify your identity, we may deny your requests.

Global Privacy Control
We recognize the Global Privacy Control opt-out preference as a valid request to opt-out of the sale and sharing of the personal information processed through the browser you are using. This controls whether your browser sets third-party cookies on our websites that are used for targeted advertising. This is only based on browser settings and not your device settings. Please see the list of browsers that support GPC and instructions on how to enable it.

Colorado, Connecticut, and Virginia consumers right to appeal
Where your privacy rights request has been denied by us, you have the right to appeal that decision. Please contact us RightsRequests [at] us.square-enix [dot] com to appeal such a decision.

CHANGES AND UPDATES TO THIS PRIVACY NOTICE

As our services and products change from time to time, you should expect this Privacy Notice to change as well. We reserve the right to amend this Privacy Notice at any time, for any reason. We will make all reasonable endeavours to notify you of any changes. We may also email periodic reminders of this Privacy Notice, and will email customers who have a registered Square Enix Account or Square Enix Members account, of any material changes to this Privacy Notice. Nevertheless, you should check here regularly to see the current Privacy Notice that is in effect and any changes that may have been made to it.

COMPLAINTS

If you wish to file a complaint, please contact us at PrivacyNotice [at] us.square-enix [dot] com.

As previously mentioned, we are a licensee of ESRB’s Privacy Certified Program. If you believe that we have not responded to your inquiry or your inquiry has not been satisfactorily addressed, please contact ESRB Privacy Certified at http://www.esrb.org/privacy/contact.aspx. You may also email them at privacy@esrb.org.

This Privacy Notice has been designed to be accessible. If you experience any difficulties accessing the information here, please contact us at PrivacyNotice [at] us.square-enix [dot] com.

QUESTIONS

You made it to the end! We hope you enjoyed reading this Privacy Notice and we commend you on your dedication to understanding how we handle your personal information and your rights to control it. If this Privacy Notice hasn’t answered all your questions, or if you have any comments or ideas about how we can make this Privacy Notice even better, please don’t hesitate to contact us at PrivacyNotice [at] us.square-enix [dot] com.