View General Privacy Notice View Japan Privacy Notice
Hi. We’re Square Enix, Inc. You probably know us from all the SQUARE ENIX®, and TAITO® branded entertainment content we develop, publish, distribute, and license, including: FINAL FANTASY®, DRAGON QUEST®, and SPACE INVADERS®.
This Privacy Notice describes how Square Enix, Inc. and our affiliates (collectively “Square Enix,” “Company,” or “we,” “our,” or “us”) collect, use, and share information about you when you use our various products and services (collectively, the “Services”). This Privacy Notice applies if you are a customer or subscriber of Square Enix, Inc. or if you are visiting a website where this Privacy Notice is posted. This Privacy Notice does not apply to information collected by third parties that may interact with our Services (e.g., a social media plug-in such as a Facebook like button), or to our data collection activities outside of our Services (e.g., through websites that support specific products, which may have different privacy policies). It also does not apply to information collected through the Services if you are located outside of the United States. If you are located in Japan, please see our Japan Privacy Notice. For all other locations outside of the U.S. please see our General Privacy Notice.
In addition, please review the Square Enix, Inc. Terms of Service (“SEA Terms of Service”), which govern your use of the Services. By using our Services, you consent to this Privacy Notice and SEA Terms of Service and our collection, storage, sharing and use of your information and data, and other activities, as described. If you do not agree to this Privacy Notice, do not access the Services, and in the case of mobile applications, uninstall the mobile applications immediately.
Square Enix is a valid licensee, and participating member, of the Entertainment Software Rating Board's Privacy Certified Program (“ESRB Privacy Certified”). To protect your privacy, we have voluntarily undertaken this privacy initiative, and all of our Services where this Privacy Notice is posted and an ESRB Privacy Certified seal is shown have been reviewed and certified by ESRB Privacy Certified to meet established online information collection, use, and disclosure practices. As a licensee of this privacy program, we are subject to audits of our Services and other enforcement and accountability mechanisms administered independently by ESRB Privacy Certified.
For personal data transferred from the United Kingdom, the European Union, and Switzerland, we will provide appropriate safeguards, such as through use of standard contractual clauses.
Depending on the specific Services you use and how you interact with us, we may collect various types of information. This information includes information that can be used to identify you personally.
Sometimes you choose to provide this information to us and other times we collect it from you automatically. For example, you choose to provide us certain information when you register or update a Square Enix Members account or Square Enix Account, use our paid-for Services, apply for a job with us, subscribe to our mailing lists or agree to receive marketing messages from us, call us, email us, live chat with us online or in-game, make a purchase from us, enter one of our competitions or sweepstakes, respond to one of our surveys, post in our forums, conduct a search or post content on our websites, chat or interact with other users on the Services, register to attend our events, or “follow,” “like,” post to, or otherwise interact with our social media accounts. And we collect your information automatically when you browse or use our websites, chat or interact with other users on the Services, receive an email from us, login to your Square Enix Members or Square Enix Account, play one of our games, live chat with us online or in-game, or make a purchase from us.
Here are some examples of the types of information we may collect from you when you use the Services, including in the past 12 months.
Information You Disclose Publicly: The Services may permit you to submit content on various public channels like blogs and message boards, as well as through gameplay. We or others may store, display, publish, or otherwise use this content in perpetuity, and may or may not attribute it to you. Please note that we do not control who will have access to information you choose to make public, and cannot ensure that parties who have access to such publicly available information will respect your privacy or keep it secure. Please think carefully before sharing any information on the Services.
Information Third Parties Provide about You: We may, from time to time, supplement the information we collect directly from you on our Services with outside records from third parties for various purposes, including to enhance our ability to serve you, to tailor content and ads to you, and to offer you opportunities that may be of interest to you.
Third-Party Logins: The Services may include the option to register or log in to an account using Facebook, Google, Steam, or another third-party service. By doing so, you may provide us with access to certain information from your social media profile, such as your name, email address, photo, gender, birthday, location, friends, people you follow/who follow you, content you post, or posts you like. Please be aware that these third parties are not subject to this Privacy Notice, and we are not responsible for their practices. You should review the applicable third parties’ privacy policies before using their tools to interact with the Services.
Health Apps: Some of our mobile games have the ability to make use of your device‘s ‘health app’ (Apple HealthKit for Apple devices, Google Fit for Android devices, or its equivalent) in order to process your fitness activity in the game.
Where you have chosen to connect your device’s health app to one of our games, we use the data obtained from your device's health app only for the purpose of providing health management, movement, or exercise services in connection with the specific game. We do not use data collected through your device's health app for marketing or advertising purposes and our use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements.
We will only collect the health data you give us permission to collect and you will always be in control of this data collection; we cannot use your device's health app without your specific consent and you can withdraw consent to this data collection at any time in your device’s health app settings.
Tracking Technologies: We use various technologies to collect information from you, including as follows:
For more information on analytics, advertising, related tracking technologies, and your choices, please visit the Ads and Analytics and Your Choices sections below.
We may collect and use your information for business and commercial purposes in accordance with the practices described in this Privacy Notice. The purposes for collecting and using your information, including in the past 12 months, include:
We may use information that does not identify you (including information that has been de-identified) without obligation to you except as prohibited by applicable law.
We share information we collect in accordance with the practices described in this Privacy Notice. The categories of parties with whom we share information, and have shared information in the past 12 months, include:
Service Providers. We use service providers to help support and operate the Services or to perform certain functions on our behalf. If we share your information with service providers, we will only provide them with information they reasonably need to perform their specific services for the purposes we specify in our contract with them, although we may permit them to use information that does not identify you for other purposes. If we stop using their services, we will require that any of your information that they hold be securely and permanently deleted or de-identified so that it does not identify you. In all cases, we will apply measures to help keep your data safe and your privacy protected.
Here are some examples of the types of service providers with which we may share your information:
Analytics and Advertising. We may share information with vendors and other parties for analytics and advertising related purposes. For example, we share information with analytics companies who help us analyze how you use the Services, and ad partners like Google and Facebook, so that they can show you products or services that might interest you. These parties may act as our service providers, or in certain contexts, independently decide how to process your information.
Business Partners. We may share your information with our business partners for various purposes. Here are some examples of the types of business partners with which we may share your information:
Third-Party Locations and Services: When you are on the Services, you may be directed to other sites or services that are operated by third parties outside of our control. For example, if you click on a link displayed on the Services you may be taken to a different site. We may share information at your request or direction. We are not responsible for the data collection and privacy practices employed by these third parties. We encourage you to pay attention when you leave our Services and to review the privacy policies of any third-party locations you go to.
Administrative and Legal Disclosures: We may disclose your information to third parties: (i) in response to lawful requests by public authorities, including to meet national security or law enforcement requirements; (ii) to satisfy any applicable law, regulation, subpoena, or governmental requestor legal process, or any legal process in connection with a court proceeding or arbitration, if in our good faith opinion we are required or permitted to do so by law; (iii) to investigate potential violations of the Square Enix Terms of Service or other policies applicable to the Services; (iv) to protect the safety, rights, property or security of the Services, our staff, users, or any other third party; or (v) to detect, prevent, or otherwise address fraud or threats to security.
Business Transfers: We may share your information with our affiliate companies within and outside of the United States. In the event some or all of our company will be acquired by another party, we may share your information with the acquiring party.
Consent: We may share your information for other purposes if we have disclosed that purpose to you and you have consented to it.
De-identified Information: We may share aggregated information that does not identify you or de-identified information about you with third parties or affiliates for any purpose except as prohibited by applicable law.
The Services may use other parties such as network advertisers and ad exchanges to serve targeted advertisements based on your behavior on and off of the Services, and may use analytics, user research, or other similar parties to evaluate and provide us or other parties with information about your use of the Services and viewing of ads or content. Network advertisers are parties that display advertisements, which may be based on your visits to the Services or other locations you have visited.
Ad serving enables us and others to target advertisements to you or people like you for products and services in which you or people like you might be interested. For example, if you provide us with your email address we may share it with Facebook so that you can receive targeted ads from us when you use Facebook, and so that other users of Facebook who share similar interests to you can also receive targeted ads from us. Ad network providers, advertisers, sponsors, or traffic measurement services may themselves set and access their own cookies or other tracking technologies on your device and browser. These tracking technologies may be set to, among other things, help deliver relevant advertisements, prevent you from seeing the same advertisements too many times, or help understand the usefulness of certain advertisements to you. This Privacy Notice does not apply to the practices of other parties or their use of your information, so you should visit these parties’ websites for more information about their privacy practices.
Please note that we adhere to the Digital Advertising Alliance’s Self-Regulatory Principles for Online Behavioral Advertising.
There are various ways in which you can exercise choice and control over the information you provide to us on the Services. Here are some examples:
Limit the Information You Provide to Us: You can stop all prospective collection of information on our Services by uninstalling and ceasing to interact with the Services. You can also decline to provide information we request from you, although doing so may prevent you from using certain parts of the Services (e.g., you will not be able to create an account with us if you do not provide your email address and other information we need to process your registration). With respect to our mobile applications, you may use the standard uninstall process supported by your device, the app, or the marketplace or software through which you acquired the app to stop all prospective information collection through the app.
Change Your Communications Preferences: You may cancel or modify the email communications you receive from us by following the instructions contained within our promotional emails or, where applicable, by logging into your account and adjusting your settings. This will not affect subsequent access to the Services. Please note that we reserve the right to send you certain communications relating to your account or use of our Services, such as administrative and service announcements, and you will continue to receive these transactional account messages even if you opt-out of receiving our promotional email communications.
Analytics: You may exercise choices regarding the use of cookies from Google Analytics by going to https://tools.google.com/dlpage/gaoptout and downloading the Google Analytics Opt-out Browser Add-on.
Interest-Based Advertising Opt Outs: Some of the advertisers and parties that perform advertising-related services for us and our partners may participate in the Digital Advertising Alliance ("DAA") Self-Regulatory Program for Online Behavioral Advertising. To learn more about how you can exercise certain choices regarding interest-based advertising, visit http://www.aboutads.info/choices for website opt-out choices and http://www.aboutads.info/appchoices for mobile app opt-out choices. Some of these companies may also be members of the Network Advertising Initiative (“NAI”). To learn more about the NAI and your opt-out options for their members, see http://www.networkadvertising.org/choices. Please be aware that, even if you are able to opt out of certain kinds of interest-based advertising, you may continue to receive other types of ads. Opting out only means that those selected members should no longer deliver certain interest-based advertising to you, but does not mean you will no longer receive any targeted content or ads (e.g., from other ad networks). We are not responsible for the effectiveness of, or compliance with, any opt-out options or programs of any other parties or the accuracy of their statements regarding their programs.
Cookies: You may also be able to manage cookies by changing your browser settings. For certain websites that display a cookie banner at the bottom of the page, you may also have the option to control certain types of cookies by using this banner. Some features of the Services may not function properly if you choose to disable cookies, and some types of cookies may not be disabled using browsers. In some instances, especially with respect to mobile apps, we may require you to uninstall/not use the Services rather than have a poor experience from disabling cookies. Please review our Cookie Notice for more information.
Location Data: For our mobile apps, you can turn off our collection of precise location data through the settings on your device. You can stop collection of all location data through a particular app by uninstalling that app.
App Technologies: For our mobile apps, you can reset your mobile ad Id through your device settings, which is designed to allow you to limit the use of information collected about you. For information on how to do this on Apple devices, visit Apple.com or https://support.apple.com/en-us/HT202074. For information on how to do this on Android devices, visit www.google.com.
Do Not Track: Your browser settings may allow you to automatically transmit a "Do Not Track" signal to websites and online services you visit. There is no consensus among industry participants as to what "Do Not Track" means in this context. Like many websites and online services, unless and until the law is interpreted to require us to do so, we do not alter our practices when we receive a "Do Not Track" signal from a visitor's browser. To find out more about "Do Not Track," you may wish to visit http://www.allaboutdnt.com/.
Accounts and Forums:
You may review, correct, update, or request the erasure of account information you have provided to us by contacting us at RightsRequests [at] us.square-enix [dot] com. We may require additional information from you to allow us to confirm your identity and properly respond to your request. Nothing in this Privacy Notice is intended to limit any additional rights you may have under local law.
Please note that it is not always possible to completely remove or delete all of your account information from our databases and residual data may remain on backup media. Also, we will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
You may remove content you have posted on our forums by logging into your account, directly accessing your post, and using the editing tools in our forums (if available). Should you wish to edit or remove any content you have publicly posted, you may contact us with your specific removal request. Please note that we are not required to remove your posted content or information if it has been de-identified or if we are required by law to retain it.
Your Nevada Privacy Rights:
Nevada law (NRS 603A.340) requires each business to establish a designated request address where Nevada consumers may submit requests directing the business not to sell certain kinds of personal information that the business has collected or will collect about the consumer. A sale under Nevada law is the exchange of personal information for monetary consideration by the business to a third party for the third party to license or sell the personal information to other third parties. If you are a Nevada consumer and wish to submit a request relating to our compliance with Nevada law, please contact us as at RightsRequests [at] us.square-enix [dot] com.
This section describes the various rights California residents have over their personal information under the California Consumer Privacy Act of 2018 (“CCPA”) and how you can invoke these rights with us.
Notice of collection
In the past 12 months, we have collected the following categories of personal information enumerated in the CCPA:
For further details on information we collect, including the sources from which we receive information, review “The Types of Information We Collect from You and How We Collect It” above. We collect and use these categories of personal information for the business purposes described in “How We Use the Information We Collect from You” above.
We do not generally sell information as the term “sell” is traditionally understood. To the extent “sale” under the CCPA is interpreted to include the activities set out in this Privacy Notice, such as those disclosed in the “Ads and Analytics” section above, we will comply with applicable law as to such activity. We disclose the following categories of personal information for commercial purposes: identifiers, characteristics, commercial or transactions information, internet activity, geolocation data, and inferences drawn. Please review “How We Share Your Information” above for further details about the categories of parties with whom we share information.
Your right to know and delete
You have the right to know certain details about our data practices in the past 12 months. In particular, you have the right to request copies of the following from us:
You also have the right to request that we delete your personal information.
To exercise any of these rights, please submit a request through our Online Form, contact us at RightsRequests [at] us.square-enix [dot] com, or call our toll free number at 1-800-715-2450. In the request, please specify which right you are seeking to exercise and the scope of the request. We will confirm receipt of your request within 10 days. We may require specific information from you to help us verify your identity and process your request. If we are unable to verify your identity, we may deny your requests.
Your right to opt-out
To the extent we sell your personal information as the term “sell” is defined under the CCPA, you have the right to opt-out of the sale of your personal information by us to third parties at any time. You can submit a request to opt-out by clicking here: Do Not Sell or Share, or calling our toll-free number at 1-800-715-2450.
Authorized agent
You can designate an authorized agent to submit requests on your behalf. However, we will require written proof of the agent’s permission to do so and verify your identity directly.
Your right to non-discrimination
You have the right not to be discriminated against in service or price if you exercise your privacy rights.
Shine the light
Customers who are residents of California may request (i) a list of the categories of personal information disclosed by us to third parties during the immediately preceding calendar year for those third parties’ own direct marketing purposes; and (ii) a list of the categories of third parties to whom we disclosed such information. To submit a request, please write us at the email or postal address set out in “Questions or Complaints” below and specify that you are making a “California Shine the Light Request.” We may require additional information from you to allow us to verify your identity and are only required to respond to requests once during any calendar year.
Please be aware that information we collect may be transferred, processed, stored, and used internationally, including in the United States, Canada, Japan, the United Kingdom, and the European Union. The data protection laws in these countries may differ from those of the country in which you are located, and your information may be subject to access requests from governments, courts, or law enforcement. By using the Services, or providing us with any information, you consent to the transfer to, and processing, usage, sharing, and storage of your information, including personal data, in other countries as set forth in this Privacy Notice.
For personal data transferred from the United Kingdom, the European Union, and Switzerland, we will provide appropriate safeguards, such as through use of standard contractual clauses.
Company participates in the E.U.-U.S. and Swiss-U.S Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from the United Kingdom, the European Union and Switzerland. For the purpose of this Section 8, “Company” refers to the following legal entities only: Square Enix of America Holdings, Inc., Square Enix, Inc., and Square Enix LLC have certified that it adheres to the Privacy Shield’s Principles of notice; choice; accountability for onward transfer; security; data integrity and purpose limitation; access; and recourse, enforcement, and liability. In accordance with its obligations under the Privacy Shield, and subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission, Company affirms its commitment to subject all personal data received from the United Kingdom, the European Union and Switzerland in reliance on the Privacy Shield to the Privacy Shield Principles. This means that, in addition to Company’s other obligations under the Privacy Shield Principles, Company shall be liable to you for any third-party agent to which we transfer your personal data in reliance on the Privacy Shield and who processes such personal data in a manner that violates the Privacy Shield Principles, unless Company can demonstrate that it is not responsible for the resulting damages.
You have the right to ask us not to process your personal data (or not to provide it to third parties to process) for marketing purposes or purposes materially different than for which it was originally collected or subsequently authorized by you.
Company is committed to resolving any complaints regarding your privacy and our collection and use of your personal data in reliance on the Privacy Shield. For inquiries or complaints regarding the processing of personal data transmitted to Company from the United Kingdom, the European Union or Switzerland, or to exercise your rights, please contact us at PrivacyNotice [at] us.square-enix [dot] com, or send a letter to:
Square Enix, Inc.
Attn: Legal Department
999 N. Pacific Coast Highway
3rd Floor, El Segundo
CA 90245
For any complaints regarding personal data transferred in reliance on the Privacy Shield that we are unable to resolve directly, you may submit your complaint at no cost to you to JAMS at https://www.jamsadr.com/eu-us-privacy-shield. In the event there are residual complaints that have not been resolved by JAMS or any other means, you may seek a non-monetary remedy through binding arbitration to be provided to you in accordance with the Privacy Shield Principles.
To learn more about the Privacy Shield Framework, and to view Company’s certification, please visit https://www.privacyshield.gov/welcome. A list of companies certified under the Privacy Shield Framework is available at the following link: https://www.privacyshield.gov/list.
We do not knowingly collect or store any personal information as defined by the Children’s Online Privacy Protection Act (“COPPA”) from children under the age of 13 without verifiable parental consent, as required by COPPA. There may be instances, such as a sweepstakes, contest, or promotion, in which we collect personal information from a child in order to contact a parent and complete prize fulfillment in accordance with COPPA. We do not knowingly “sell,” as that term is defined under the CCPA, the personal information of minors under 16 years old who are California residents.
If you are a parent or guardian of a child under the age of 13 (or different age as may apply in your jurisdiction) and believe he or she has disclosed personal information to us without your consent, please contact us at:
Square Enix, Inc.
Attn: Legal Department
999 N. Pacific Coast Highway
3rd Floor, El Segundo
CA 90245
You can also contact us at PrivacyNotice [at] us.square-enix [dot] com. We will delete the child’s personal information from our records as soon as possible.
We understand how important data security is to you, and we have implemented various policies, processes, and technical measures to help protect and secure your information. That said, no data transmission is guaranteed to be 100% secure, and we cannot ensure the security of any information you transmit to us. Please take care when transmitting information online, including through the Services, and make sure to keep your passwords and account information secure at all times. In the event we become aware of a data breach involving unencrypted notice-triggering information in our possession, we will notify you as may be required by applicable law.
If you have any questions or wish to file a complaint, please contact us at PrivacyNotice [at] us.square-enix [dot] com.
As previously mentioned, we are a licensee of ESRB’s Privacy Certified Program. If you believe that we have not responded to your inquiry or your inquiry has not been satisfactorily addressed, please contact ESRB Privacy Certified at http://www.esrb.org/privacy/contact.aspx. You may also email them at privacy@esrb.org.
This Privacy Notice has been designed to be accessible to people with disabilities. If you experience any difficulties accessing the information here, please contact us at PrivacyNotice [at] us.square-enix [dot] com.
We reserve the right to change this Privacy Notice. Any changes to this Privacy Notice will be effective as soon as we post them. However, if you have registered an account with us we may ask you to opt-in upon sign-in if we make material changes.
To the extent any provision of this Privacy Notice is found by a competent tribunal to be invalid or unenforceable, such provision shall be severed to the extent necessary for the remainder to be valid and enforceable.