Effective as of: 24 May 2022

We are Niantic. We provide real-world augmented reality platforms, designed to enable you to interact in shared worlds, seamlessly blended with the real world. To do that, we need information about you. Protecting your privacy is really important to us. We only use your information where we have a legal basis to do so. This Privacy Policy will help you understand what information we collect, how we use it and what choices you have when you play any of our games or use any of our apps, use our websites, buy merchandise from us, or take part in live events and promotions (the “Services“).

Our Privacy Policy is designed to give you a comprehensive understanding of the steps that we take to protect the personal information that you share with us, and we would always recommend that you read it in full. Younger players, however, may wish to check out our ‘Privacy Explorers’ page for an overview of the key points in this policy.

You should also read our Terms of Service which set out the contract between you and Niantic when you use our Services.

Who decides how your information is used?

Niantic, Inc. (1 Ferry Building Suite 200, San Francisco, CA 94111) generally is the data controller responsible for making decisions about how we use your personal information . If however you are based in the United Kingdom (UK), Russia or the European Economic Area (EEA), your data controller is Niantic International Limited in the UK (11th Floor Whitefriars, Lewins Mead, Bristol, United Kingdom, BS1 2NT).

If you have any questions or comments on this policy, you can:

The information we collect about you and how we use it

This Privacy Policy covers our use of any information that can or could be used to identify you (“Personal Data“). It does not cover information which cannot be used to identify you (“Anonymous Data“).

We need to collect and use certain Personal Data to provide the Services to you and fulfil the promises we make to you in the Terms of Service:

In addition, we have and rely on a legitimate interest in using your Personal Data as follows:

We will only use your Personal Data to do the following if we have your consent:

We also rely on your consent where we use cookies or similar technologies. Please see our Cookies Policy for more information about how we use them. Insofar as cookies collect Personal Data, we will process it only based on your explicit consent, in anonymized form, or under a pseudonym.

While you may disable the usage of cookies through your browser settings, Niantic currently does not respond to a “Do Not Track” signal in the HTTP header from your browser or mobile application due to the lack of industry standard on how to interpret that signal.

We will not share any Personal Data that we have collected from or regarding you except as described below:

Information Shared with Our Service Providers. We engage external service providers to work with us to administer and provide the Services. As part of that they will process your Personal Data on our behalf. These external service providers have access to your Personal Data only for the purpose of performing services on our behalf, in compliance with this Privacy Policy, and we make sure each one is contractually obliged not to disclose or use your Personal Data for any other purpose. The service providers we use help us to:

Some external service providers may also collect information directly from you (for example, a payment processor may request your billing and financial information) as a Third Party Service in accordance with their own privacy policy. Such external service provider does not share your financial information, like credit card number, with Niantic, but it may share limited information with us related to your purchase, like your zip or postal code.

Information Shared with Other Players. When you use the Services, and in particular when you play our games, use social features within those games (including cross-game features), or take part in live events, we will share certain Personal Data with other players. This Personal Data includes your in-game profile (such as your username, your avatar, your online status, and your team), your in-game actions and achievements, real-world locations associated with your gameplay, or with gameplay resources you interacted with when playing the game (for example PokéStops within Pokémon GO, Fortresses within Harry Potter: Wizards Unite, or Portals within Ingress), and your in-game messages and related content you share with other players. Additionally, certain games link to third-party sharing features on your device that you can use to disclose Personal Data to others outside the Services; Niantic does not control and is not responsible for the practices of these third-party sharing features.

Information Shared with Parents. If you use a Niantic Kids account to access our Services, we will share certain information with the parent or guardian who permitted you to create your account (such as information about which friends you make in certain games where your parent or guardian has enabled this feature).

Information Shared Publicly: When you use the Services, and in particular when you play our games, use competitive features, or participate in our forums, the following information about you may be shared on web pages accessible to the public and therefore become publicly available: your username, in-game profile, achievements and public messages.

Information Shared with Third Parties. We share Anonymous Data with third parties for industry and market analysis. We may share Personal Data with our third-party publishing partners for their direct marketing purposes only if we have your express permission. We do not share Personal Data with any other third parties for their direct marketing purposes.

Information Disclosed for Our Protection and the Protection of Others. We cooperate with government and law enforcement officials or private parties to enforce and comply with the law. We only share information about you to government or law enforcement officials or private parties when we reasonably believe necessary or appropriate: (a) to respond to claims, legal process (including subpoenas and warrants); (b) to protect our property, rights, and safety and the property, rights, and safety of a third party or the public in general; and (c) to investigate and stop any activity that we consider illegal, unethical, or legally actionable.

Information Disclosed in Connection with Business Transactions. Information that we collect from our users, including Personal Data, is a business asset. If we are acquired by a third party as a result of a transaction such as a merger, acquisition, or asset sale or if our assets are acquired by a third party in the event we go out of business or enter bankruptcy, some or all of our assets, including your Personal Data, will be disclosed or transferred to a third party acquirer in connection with the transaction.

How your Personal Data is transferred

Niantic operates its Services across the globe. Your Personal Data will likely be transferred and stored in a country outside of your home country, including in the USA, for the purposes outlined in this Privacy Policy to the extent permitted by applicable laws. The data protection laws in these countries may not be the same as in your home country.

If we transfer your Personal Data from the UK or the EEA to other countries, including the USA, we ensure that a similar degree of protection is provided to your Personal Data as within the UK or the EEA, as applicable, by ensuring that at least one of the following safeguards is implemented:

How we keep your Personal Data safe

We have appropriate legal, organizational and technical security measures in place to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorized way, improperly altered or disclosed. We also limit access to your Personal Data to employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected Personal Data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

How long we will keep your Personal Data

We keep your Personal Data for as long as we need to provide the Services to you and fulfil the purposes set out in this Privacy Policy. This is also the case for anyone that we share your information with and who carry out services on our behalf.

When we no longer need to use your Personal Data and there is no need for us to keep it to comply with our legal or regulatory obligations, we will either remove it from our systems or anonymize it so that it can no longer be associated with you. When removing Personal Data, we will take commercially reasonable and technically feasible measures to make said Personal Data irrecoverable or irreproducible.

Your rights and choices

You have certain rights in relation to your Personal Data. This means you can:

The law provides exceptions to these rights in certain circumstances. Where you cannot exercise one of these rights due to such an exception, we will explain to you why.

We offer you choices regarding the collection, use, and sharing of your Personal Data and we’ll respect the choices you make. Please note that if you decide not to provide us with the Personal Data that we request, you may not be able to access all of the features of the Services.

After you contact us, you may receive an email in order to verify your request. We aim to provide the information or complete the outcome you request within 30 days, or such shorter time period as provided by laws of your jurisdiction

Children

Unless stated otherwise for a particular Service, children are not allowed to use the Services, and we do not knowingly collect Personal Data from them. We define “children” as follows:

Niantic Game and App Resources contains information on the age requirement for each of our Apps.

For Services that do permit Child participation, parents or legal guardians (“Parents”) must provide verified consent. Verifiable parental consent is required for the collection, use, or disclosure of a child’s Personal Data. Niantic will not collect, use, or disclose any Personal Data from a child if their parent or guardian does not provide such consent. We may ask a Child to provide a Parent’s email address in order to request this consent, and the Parent’s email address will be deleted if consent is not provided within a reasonable time.

Niantic Kids

External Single Sign On Services

Parents have the right to review their Child’s Personal Data; to have their Child’s Personal Data deleted; and to refuse further collection, use, and/or disclosure of their Child’s Personal Data by notifying us. As a parent, you understand that Niantic has a legitimate interest in providing your Child’s Personal Data collected via the Services to external providers for the sole purpose of administering or providing the Services, as described in Paragraph 3 of this Privacy Policy. For more information on Niantic Kids, visit our support website here. For more information on authorized third-party providers, please visit the provider’s website.

If we learn that we have collected Personal Data of a Child, and we do not have parental consent, we will take steps to delete such information from our files as soon as possible.

If you have questions about our privacy practices for Children, please contact us at [email protected] or write to us at the Niantic address listed above in paragraph 1.

Changes to this Privacy Policy

Any Personal Data that we collect is covered by the Privacy Policy in effect at the time such information is collected. We may make changes to this Privacy Policy from time to time. You will be given reasonable notice of any material change.

Third Parties

In using our Services you may access links to websites and services that are owned or operated by third parties (each, a “Third Party Service”). Any information that you provide on or to a Third Party Service or that is collected by a Third Party Service is provided directly to the owner or operator of the Third Party Service and is subject to the owner’s or operator’s privacy policy. We’re not responsible for the content, privacy, or security practices and policies of any Third Party Service. To protect your information we recommend that you carefully review the privacy policies of all Third Party Service that you access.

Disclosures Specific to California Residents

California law requires that we make certain disclosures about your data. We do not sell your Personal Data. The information listed in Section 2 falls under the following California Consumer Privacy Act (CCPA) categories: identifiers, commercial information, Internet or other electronic network activity information, geolocation data, and visual information.