This policy applies to all Figma’s operating divisions, subsidiaries, affiliates, and branches and any additional subsidiary, affiliate, or branch of Figma that we may later form.
Our primary goals in collecting information are to provide and improve our Services, to administer your use of the Services (including your account, if you are an account holder), and to enable you to enjoy and easily navigate our Services. The types of Personal Information we may collect (directly from you or from Third-Party sources) and our privacy practices depend on the nature of the relationship you have with Figma and the requirements of applicable law. Some of the ways that Figma may collect Personal Information include:
We endeavor to collect only that information which is relevant for the purposes of Processing.
Figma collects certain Personal Information about its current, prospective and former clients, customers, users, visitors, guests and employees (collectively “you” or “Individuals”).
Information You Provide Directly to Us. When you use the Services or engage in certain activities such as creating an Account with Figma, we may ask you to provide some or all of the following types of information:
Sharing with other Service users. When you use the Services, we share certain information about you with other Service users.
Information From Other Sources. We may receive information about you from other sources, including through Third-Party services and organizations to supplement information provided by you. For example, if you access our Services through a Third-Party application, such as an App Store or SNS, we may collect information about you from that Third-Party application that you have made public via your privacy settings. Information we collect through App Stores or SNS accounts may include your name, your SNS user identification number, your SNS user name, location, sex, birth date, email, profile picture, and your contacts on the SNS. This supplemental information allows us to verify information that you have provided to Figma and to enhance our ability to provide you with information about our business, products, and Services.
The Site may contain links to other websites and other websites may reference or link to our Site or other Services. These other domains and websites are not controlled by us, and Figma does not endorse or make any representations about Third-Party websites or social media platforms. We encourage our users to read the privacy policies of each and every website and application with which they interact. We do not endorse, screen or approve, and are not responsible for the privacy practices or content of such other websites or applications. Visiting these other websites or applications is at your own risk.
Figma’s Services may include publicly accessible blogs, community forums, or private messaging features. The Site and our other Services may also contain links and interactive features with various social media platforms (e.g., widgets). If you already use these platforms, their cookies may be set on your device when using our Site or other Services. You should be aware that Personal Information which you voluntarily include and transmit online in a publicly accessible blog, chat room, social media platform or otherwise online, or that you share in an open forum may be viewed and used by others without any restrictions. We are unable to control such uses of your information when interacting with a social media platform, and by using such services you assume the risk that the Personal Information provided by you may be viewed and used by third parties for any number of purposes.
We use Third-Party software development kits (“SDKs”) as part of the functionality of our Services. Third-Party SDKs may allow Third Parties including advertisers to collect your personal information to provide content that is more relevant to you. You may opt out of tracking by following the instructions provided below.
We may sell services or merchandise through our Services. When you make purchases through the Services, we may process your payments through a Third-Party application, including the Apple App Store, Google Play App Store, Amazon App Store (together with any similar applications, “App Stores”), Social Networking Sites (“SNS”) such as Facebook, and/or payment processing services such as Stripe. The Third-Party application may collect certain financial information from you to process a payment on behalf of Figma, including your name, email address, address and other billing information.
We will not share any Personal Information that we have collected from you except as described below:
Information Shared with Our Services Providers. We may engage third party service providers to work with us to administer and provide the Services. These third-party services providers have access to your Personal Information for the purpose of performing services on our behalf. The types of service providers (processors) to whom we entrust Personal Information service providers for: (i) provision of IT and related services; (ii) provision of information and services you have requested; (iii) payment processing; (iv) customer service activities; and (v) in connection with the provision of the Services. Figma has executed appropriate contracts with the service providers that prohibit them from using or sharing Personal Information except as necessary to perform the contracted services on our behalf or to comply with applicable legal requirements
Information Shared with Business Partners. We may share Personal Information with our business partners, and affiliates for our and our affiliates’ internal business purposes or to provide you with a product or service that you have requested. We may also provide Personal Information to business partners with whom we may jointly offer products or services, or whose products or services we believe may be of interest to you. In such cases, our business partner’s name will appear, along with Figma’s. Figma requires our affiliates and business partners to agree in writing to maintain the confidentiality and security of Personal Information they maintain on our behalf and not to use it for any purpose other than the purpose for which we provided them.
Information Shared for Marketing. Through our Services, we may allow Third-Party advertising partners to set tracking tools (e.g., cookies) to collect information regarding your activities (e.g., your IP address, page(s) visited, time of day). We may also share such de-identified information as well as selected Personal Information (such as demographic information and past purchase history) we have collected with Third-Party advertising partners. These advertising partners may use this information (and similar information collected from other websites) for purposes of delivering targeted advertisements to you when you visit non-Figma related websites within their networks. This practice is commonly referred to as “interest-based advertising” or “online behavioral advertising. We may allow access to other data collected by the Site to facilitate transmittal of information that may be useful, relevant, valuable or otherwise of interest to you. If you prefer that we do not share your Personal Information with Third-Party advertising partners, you may opt out of such sharing at no cost by following the instructions below.
Information Shared with Third Parties. We may share aggregated information and non-identifying information with third parties for industry analysis, demographic proﬁling and other similar purposes.
Information Disclosed for Our Protection and the Protection of Others. It is our policy to protect you from having your privacy violated through abuse of the legal system, whether by individuals, entities or government, and to contest claims that we believe to be invalid under applicable law. However, it is also our policy to cooperate with government and law enforcement ofﬁcials and private parties. Accordingly, we reserve the right to disclose any information about you to government or law enforcement ofﬁcials or private parties as we, in our sole discretion, believe necessary: (i) to satisfy or comply with any applicable law, regulation or legal process or to respond to lawful requests, including subpoenas, warrants or court orders; (ii) to protect our property, rights and safety and the rights, property and safety of third parties or the public in general; and (iii) to prevent or stop activity we consider to be illegal or unethical.
In addition, from time to time, server logs may be reviewed for security purposes – e.g., to detect unauthorized activity on the Services. In such cases, server log data containing IP addresses may be shared with law enforcement bodies or Third Party service providers in order that they may identify users in connection with their investigation of the unauthorized activities or otherwise assist us with security related activities.
Information We Disclose With Your Consent or at Your Request. We will share your Personal Information with third-party sites or platforms if you have expressly consented or requested that we do so.
Information Displayed to Others Upon Posting of User Content. In connection with your Posting of User Content, we will share your picture, full legal name, user handle, and Twitter (or other social networking site) handle (to the extent you have provided us with this information). We are not responsible for privacy practices of the other users who may view and use the posted information.
By using the Site or providing Personal Information to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the Site. If we learn of a security system’s breach, we may attempt to notify you electronically by posting a notice on the Site or sending an e-mail to you. You may have a legal right to receive this notice in writing.
Although we make good faith efforts to provide Individuals with access to their Personal Information, there may be circumstances in which we are unable to provide access, including but not limited to: where the information contains legal privilege, would compromise others’ privacy or other legitimate rights, where the burden or expense of providing access would be disproportionate to the risks to the Individual’s privacy in the case in question or where it is commercially proprietary Personal Information. If we determine that access should be restricted in a particular instance, we will provide you with an explanation of why that determination has been made and a contact point for any further inquiries. To protect your privacy, we will take commercially reasonable steps to verify your identity before granting access to or making any changes to your Personal Information.
You have the right to object to and opt out of certain uses and disclosures of your Personal Information. Where you have consented to Figma’s Processing of your Personal Information or Sensitive Personal Information, you may withdraw that consent at any time and opt out of further Processing by contacting firstname.lastname@example.org. Even if you opt out, we may still collect and use non-Personal Information regarding your activities on our Sites and/or information from the advertisements on Third-Party websites for non-interest based advertising purposes, such as to determine the effectiveness of the advertisements.
You agree that all Personal Information collected via or by Figma may be Personal Information transferred to, Processed, and stored anywhere in the world, including but not limited to, United States, the European Union, in the cloud, on our servers, on the servers of our affiliates or the servers of our service providers. Your Personal Information may be accessible to law enforcement or other authorities pursuant to a lawful request. By providing information to Figma, you explicitly consent to the storage of your Personal Information in these locations.
If you are visiting from the European Union or other regions with laws governing data collection and use, please note that you are agreeing to the transfer of your information to the United States and to Processing of your data globally. By providing your Personal Information, you consent to any transfer and Processing in accordance with this Policy.
How long we keep information we collect about you depends on the type of information, as described in further detail below. After such time, we will either delete or anonymize your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.
We retain your account information until you delete your account. We also retain some of your information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations and to continue to develop and improve our Services. Where we retain information for Service improvement and development, we take steps to eliminate information that directly identifies you, and we only use the information to uncover collective insights about the use of our Services, not to specifically analyze personal characteristics about you.
If your account is deactivated or disabled, some of your information and the content you have provided will remain in order to allow your team members or other users to make full use of the Services. For example, we continue to display comments and other content you provided.
If the Services are made available to you through an organization (e.g., your employer), we retain your information as long as required by the administrator of your account. For more information, see "Managed accounts and administrators" above.
If you have elected to receive marketing emails from us, we retain information about your marketing preferences unless you specifically ask us to delete such information. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.
Our Services are not directed to children under 13, or other age as required by local law. We do not knowingly collect Personal Information from children under 13, or other age as required by local law. If you learn that your child has provided us with Personal Information without your consent, you may alert us at email@example.com. If we learn that we have collected any Personal Information from children under 13 (or other age as required by local law), we will promptly take steps to delete such information and terminate the child’s account.
Figma is subject to oversight by the U.S. Federal Trade Commission. JAMS is the US-based independent organization responsible for reviewing and resolving complaints about our Privacy Shield compliance — free of charge to you. We ask that you first submit any such complaints directly to us via firstname.lastname@example.org. If you aren't satisfied with our response, please contact JAMS at https://www.jamsadr.com/file-an-eu-us-privacy-shield-or-safe-harbor-claim. In the event your concern still isn't addressed by JAMS, you may be entitled to a binding arbitration under Privacy Shield and its principles.
Within the scope of our authorization to do so, and in accordance with our commitments under the Privacy Shield, Figma will provide individuals access to personal data about them. Figma also will take reasonable steps to enable individuals to correct, amend, or delete personal data that is demonstrated to be inaccurate.
Figma is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Figma complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
The following capitalized terms shall have the meanings herein as set forth below.
refers to any current, temporary, permanent, prospective or former employee, director, contractor, worker, or retiree of Figma or its subsidiaries worldwide.
is any information relating to an identified or identifiable natural person (“Individual”).
or “Processing” means any operation which is performed upon Personal Information, whether or not by automatic means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
or “Sensitive Personal Information” is a subset of Personal Information which, due to its nature, has been classified by law or by policy as deserving additional privacy and security protections. Sensitive Personal Information includes Personal Information regarding EU residents that is classified as a “Special Category of Personal Data” under EU law, which consists of the following data elements: (1) race or ethnic origin; (2) political opinions; (3) religious or philosophical beliefs; (4) trade union membership; (5) genetic data; (6) biometric data where Processed to uniquely identify a person; (6) health information; (7) sexual orientation or information about the Individual’s sex life; or (8) information relating to the commission of a criminal offense.
is any company, natural or legal person, public authority, agency, or body other than the Individual or Figma.