Updated Nov 5, 2018
This policy applies to all Figma’s operating divisions, subsidiaries, affiliates, and branches and any additional subsidiary, affiliate, or branch of Figma that we may later form.
Our primary goals in collecting information are to provide and improve our Services, to administer your use of the Services (including your account, if you are an account holder), and to enable you to enjoy and easily navigate our Services. The types of Personal Information we may collect (directly from you or from Third-Party sources) and our privacy practices depend on the nature of the relationship you have with Figma and the requirements of applicable law. Some of the ways that Figma may collect Personal Information include:
We endeavor to collect only that information which is relevant for the purposes of Processing.
Figma collects certain Personal Information about its current, prospective and former clients, customers, users, visitors, guests and employees (collectively “you” or “Individuals”).
When you use the Services or engage in certain activities such as creating an Account with Figma, we may ask you to provide some or all of the following types of information:
When you create an Account we’ll collect certain information that can be used to identify you, such as your name, email address, personal website, and picture (“Personally Identiﬁable Information” or “Personal Information”). We may also collect certain information that is not Personal Information because it cannot be used by itself to identify you.
Information Collected Using Cookies
Information Related to Use of the Services
Our servers automatically record certain information about how a person uses our Services (we refer to this information as “Log Data”), including both Account holders and non-Account holders (either, a “User”). Log Data may include information such as a User’s Internet Protocol (IP) address, browser type, operating system, the web page that a User was visiting before accessing our Services, the pages or features of our Services to which a User browsed and the time spent on those pages or features, search terms, the links on our Services that a User clicked on and other statistics. We use this information to administer the Services and we analyze (and may engage third parties to analyze) this information to improve and enhance the Services by expanding their features and functionality and tailoring them to our Users’ needs and preferences. We may use a person’s IP address to ﬁght spam, malware and identity theft. We also use IP addresses to generate aggregate, non-identifying information about how our Services are used. We may, with your permission, collect information about your operating system’s installed fonts in connection with providing the Services to you. Combined with other system information, this information could be used to give your computer a unique ﬁngerprint/signature and enable us to track your usage of our Services after you log out.
In some cases we collect and store information about where you are located, such as by converting your IP address into a rough geolocation. We may use location information to improve and personalize our Services for you.
Meetups and/or Conferences
If you participate in conferences or meetup events, whether organized by Figma or a third-party, Figma may collect or obtain, and retain information you provide in connection with signing up and/or participating in that event.
When you use the Services, we share certain information about you with other Service users.
For collaboration: You can create content, which may contain information about you, and grant permission to others to see, share, edit, copy and download that content based on settings you or your administrator (if applicable) select. Some of the collaboration features of the Services display some or all of your profile information to other Service users when you share or interact with specific content. For example, when you comment, we display your profile picture and name next to your comments so that other users with access to the comment understand who made it. Similarly, when you join a team, your name, profile picture and contact information will be displayed in a list for other team members so they can find and interact with you. Please be aware that some content can be made publicly available, meaning any content posted, including information about you, can be publicly viewed and indexed by and returned in search results of search engines. You can check the settings at any time to confirm whether particular content is public or private.
Managed accounts and administrators: If you register or access the Services using an email address with a domain that is owned by your employer or organization, or associate that email address with your existing account and such organization wishes to establish a Figma services account, certain information about you including your name, profile picture, contact info, content, and account use may become accessible to that organization’s administrator and other Figma service users, as permitted by your administrator, to provide you additional products and services or to integrate with Figma or other products and services. For example, your organization may request that we provide extra security controls around your account to protect information about your organization or your organization may request that we link your Figma account with your organization’s account to enhance collaboration and functionality among tools you use. If you are the administrator of a team, organization or enterprise account within the Services, we may share your contact information with current or past Service users, for the purpose of facilitating Service-related requests.
We may receive information about you from other sources, including through Third-Party services and organizations to supplement information provided by you. For example, if you access our Services through a Third-Party application, such as an App Store or SNS, we may collect information about you from that Third-Party application that you have made public via your privacy settings. Information we collect through App Stores or SNS accounts may include your name, your SNS user identification number, your SNS user name, location, sex, birth date, email, profile picture, and your contacts on the SNS. This supplemental information allows us to verify information that you have provided to Figma and to enhance our ability to provide you with information about our business, products, and Services.
The Site may contain links to other websites and other websites may reference or link to our Site or other Services. These other domains and websites are not controlled by us, and Figma does not endorse or make any representations about Third-Party websites or social media platforms. We encourage our users to read the privacy policies of each and every website and application with which they interact. We do not endorse, screen or approve, and are not responsible for the privacy practices or content of such other websites or applications. Visiting these other websites or applications is at your own risk.
Figma’s Services may include publicly accessible blogs, community forums, or private messaging features. The Site and our other Services may also contain links and interactive features with various social media platforms (e.g., widgets). If you already use these platforms, their cookies may be set on your device when using our Site or other Services. You should be aware that Personal Information which you voluntarily include and transmit online in a publicly accessible blog, chat room, social media platform or otherwise online, or that you share in an open forum may be viewed and used by others without any restrictions. We are unable to control such uses of your information when interacting with a social media platform, and by using such services you assume the risk that the Personal Information provided by you may be viewed and used by third parties for any number of purposes.
We use Third-Party software development kits (“SDKs”) as part of the functionality of our Services. Third-Party SDKs may allow Third Parties including advertisers to collect your personal information to provide content that is more relevant to you. You may opt out of tracking by following the instructions provided below.
We may sell services or merchandise through our Services. When you make purchases through the Services, we may process your payments through a Third-Party application, including the Apple App Store, Google Play App Store, Amazon App Store (together with any similar applications, “App Stores”), Social Networking Sites (“SNS”) such as Facebook, and/or payment processing services such as Stripe. The Third-Party application may collect certain financial information from you to process a payment on behalf of Figma, including your name, email address, address and other billing information.
We will not share any Personal Information that we have collected from you except as described below:
We may engage third party service providers to work with us to administer and provide the Services. These third-party services providers have access to your Personal Information for the purpose of performing services on our behalf. The types of service providers (processors) to whom we entrust Personal Information service providers for: (i) provision of IT and related services; (ii) provision of information and services you have requested; (iii) payment processing; (iv) customer service activities; and (v) in connection with the provision of the Services. Figma has executed appropriate contracts with the service providers that prohibit them from using or sharing Personal Information except as necessary to perform the contracted services on our behalf or to comply with applicable legal requirements
We may share Personal Information with our business partners, and affiliates for our and our affiliates’ internal business purposes or to provide you with a product or service that you have requested. We may also provide Personal Information to business partners with whom we may jointly offer products or services, or whose products or services we believe may be of interest to you. In such cases, our business partner’s name will appear, along with Figma’s. Figma requires our affiliates and business partners to agree in writing to maintain the confidentiality and security of Personal Information they maintain on our behalf and not to use it for any purpose other than the purpose for which we provided them.
Through our Services, we may allow Third-Party advertising partners to set tracking tools (e.g., cookies) to collect information regarding your activities (e.g., your IP address, page(s) visited, time of day). We may also share such de-identified information as well as selected Personal Information (such as demographic information and past purchase history) we have collected with Third-Party advertising partners. These advertising partners may use this information (and similar information collected from other websites) for purposes of delivering targeted advertisements to you when you visit non-Figma related websites within their networks. This practice is commonly referred to as “interest-based advertising” or “online behavioral advertising. We may allow access to other data collected by the Site to facilitate transmittal of information that may be useful, relevant, valuable or otherwise of interest to you. If you prefer that we do not share your Personal Information with Third-Party advertising partners, you may opt out of such sharing at no cost by following the instructions below.
We may share aggregated information and non-identifying information with third parties for industry analysis, demographic proﬁling and other similar purposes.
It is our policy to protect you from having your privacy violated through abuse of the legal system, whether by individuals, entities or government, and to contest claims that we believe to be invalid under applicable law. However, it is also our policy to cooperate with government and law enforcement ofﬁcials and private parties. Accordingly, we reserve the right to disclose any information about you to government or law enforcement ofﬁcials or private parties as we, in our sole discretion, believe necessary: (i) to satisfy or comply with any applicable law, regulation or legal process or to respond to lawful requests, including subpoenas, warrants or court orders; (ii) to protect our property, rights and safety and the rights, property and safety of third parties or the public in general; and (iii) to prevent or stop activity we consider to be illegal or unethical.
In addition, from time to time, server logs may be reviewed for security purposes – e.g., to detect unauthorized activity on the Services. In such cases, server log data containing IP addresses may be shared with law enforcement bodies or Third Party service providers in order that they may identify users in connection with their investigation of the unauthorized activities or otherwise assist us with security related activities.
We will share your Personal Information with third-party sites or platforms if you have expressly consented or requested that we do so.
In connection with your Posting of User Content, we will share your picture, full legal name, user handle, and Twitter (or other social networking site) handle (to the extent you have provided us with this information). We are not responsible for privacy practices of the other users who may view and use the posted information.
By using the Site or providing Personal Information to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the Site. If we learn of a security system’s breach, we may attempt to notify you electronically by posting a notice on the Site or sending an e-mail to you. You may have a legal right to receive this notice in writing.
Although we make good faith efforts to provide Individuals with access to their Personal Information, there may be circumstances in which we are unable to provide access, including but not limited to: where the information contains legal privilege, would compromise others’ privacy or other legitimate rights, where the burden or expense of providing access would be disproportionate to the risks to the Individual’s privacy in the case in question or where it is commercially proprietary Personal Information. If we determine that access should be restricted in a particular instance, we will provide you with an explanation of why that determination has been made and a contact point for any further inquiries. To protect your privacy, we will take commercially reasonable steps to verify your identity before granting access to or making any changes to your Personal Information.
You have the right to object to and opt out of certain uses and disclosures of your Personal Information. Where you have consented to Figma’s Processing of your Personal Information or Sensitive Personal Information, you may withdraw that consent at any time and opt out of further Processing by contacting firstname.lastname@example.org. Even if you opt out, we may still collect and use non-Personal Information regarding your activities on our Sites and/or information from the advertisements on Third-Party websites for non-interest based advertising purposes, such as to determine the effectiveness of the advertisements.
Email and telephone communications
We may occasionally send you push notifications through our mobile applications with notices that may be of interest to you. You may at any time opt out from receiving these types of communications by changing the settings on your mobile device. We may also collect location-based information if you use our mobile applications. You may opt out of this collection by changing the settings on your mobile device.
Human resources data
With regard to Personal Information that Figma receives in connection with the employment relationship, Figma will use such Personal Information only for employment-related purposes as more fully described above. If Figma intends to use this Personal Information for any other purpose, Figma will notify the Individual and provide an opportunity to opt out of such uses
“DO NOT TRACK”
Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. DNT is a way for users to inform websites and services that they do not want certain information about their webpage visits collected over time and across websites or online services. Please note that we do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers.
Cookies and interest-based advertising
You agree that all Personal Information collected via or by Figma may be Personal Information transferred to, Processed, and stored anywhere in the world, including but not limited to, United States, the European Union, in the cloud, on our servers, on the servers of our affiliates or the servers of our service providers. Your Personal Information may be accessible to law enforcement or other authorities pursuant to a lawful request. By providing information to Figma, you explicitly consent to the storage of your Personal Information in these locations.
If you are visiting from the European Union or other regions with laws governing data collection and use, please note that you are agreeing to the transfer of your information to the United States and to Processing of your data globally. By providing your Personal Information, you consent to any transfer and Processing in accordance with this Policy.
How long we keep information we collect about you depends on the type of information, as described in further detail below. After such time, we will either delete or anonymize your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.
Our Services are not directed to children under 13, or other age as required by local law. We do not knowingly collect Personal Information from children under 13, or other age as required by local law. If you learn that your child has provided us with Personal Information without your consent, you may alert us at email@example.com. If we learn that we have collected any Personal Information from children under 13 (or other age as required by local law), we will promptly take steps to delete such information and terminate the child’s account.
New Uses of Personal Information
Additionally, before we use Personal Information for any new purpose not originally authorized by you, we will endeavor to provide information regarding the new purpose and give you the opportunity to opt out. Where consent of the Individual for the Processing of Personal Information is otherwise required by law or contract, Figma will endeavor to comply with the law or contract.
Figma is subject to oversight by the U.S. Federal Trade Commission. JAMS is the US-based independent organization responsible for reviewing and resolving complaints about our Privacy Shield compliance — free of charge to you. We ask that you first submit any such complaints directly to us via firstname.lastname@example.org. If you aren't satisfied with our response, please contact JAMS at https://www.jamsadr.com/file-an-eu-us-privacy-shield-or-safe-harbor-claim. In the event your concern still isn't addressed by JAMS, you may be entitled to a binding arbitration under Privacy Shield and its principles.
Within the scope of our authorization to do so, and in accordance with our commitments under the Privacy Shield, Figma will provide individuals access to personal data about them. Figma also will take reasonable steps to enable individuals to correct, amend, or delete personal data that is demonstrated to be inaccurate.
Figma is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Figma complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
The following capitalized terms shall have the meanings herein as set forth below.