Needle Engine & Needle Cloud Legal Information

This page contains legal information regarding the use of Needle Engine and Needle Cloud products and services. Please review these documents carefully before using our products.

Choose the right license

Needle Engine and Needle Cloud are free for certain use cases. Most use cases require a commercial license.

Needle Engine and Needle Cloud can be used for free in the following cases.

• For evaluation purposes up to 7 days, or for your own education.
• Non-commercial projects, for example non-commercial artistic expressions.
• For qualified Educational Institutions and educational use, please apply for an Education license.
• You must keep the default Needle branding or watermark visible and unmodified in your project.

For agencies, teams, and for individuals that work commercially, we offer a Pro License.
If you're doing any kind of commercial work, you need a Pro License. Feel free to reach out to us if you're not sure if your work is considered commercial or not.

Typical cases of commercial work are:

• You get paid for the work or product.
• The company you work for gets paid for the work.
• You create something that you sell or intend to sell.
• You create something that someone else sells or intends to sell.
• You create something that is used in a commercial product or service.
• Working as an educator is an exception that we currently make – you can apply for an Education license.

For Enterprise Licensing, custom SLAs, dedicated support, or contract development, please contact us: [email protected]. If your company has 5 or more seats, yearly revenue of EUR 5.000.000 or more, or other specific licensing requirements, we recommend Enterprise Licensing.

Software Terms of Use

These terms of use apply to the use of software applications and services from 

Needle Tools GmbH, Adolf von Harnack Straße 7, 06114 Halle (Saale), Germany (“NEEDLE”), 

by user ("User"), 

(NEEDLE and User collectively "Parties" and individually "Party").

1. Subject Matter

1. What this Agreement covers. The subject matter of these terms of use (the “Agreement”) is the provision of downloadable software components ("the Software") and related online services ("the Service") described in Appendix 1 for use by the User during the Term.
2. Definitions. The Software refers to the downloadable components provided by NEEDLE. The Service refers to the online platform and hosting services provided by NEEDLE.
3. Our obligations. NEEDLE shall be responsible to provide the Software and Service in accordance with the Agreement during the Term. Alterations, improvements or developments of the Software or Service or of any hardware or software components used are not part of NEEDLE’s obligations.
4. Your responsibilities. NEEDLE provides the User the possibility to download the Software and access the Service. The User’s internet access, and hardware to deploy the Software are not part of the subject matter of the Agreement. In particular, the User bears sole responsibility for the functionality of his internet access, including any transmission paths and systems used by the User to download and deploy the Software, including hardware and software components and for compliance with the Minimum Requirements (cf. Appendix 1).
5. No conflicting terms. General terms and conditions of the User shall not apply unless to the extent that NEEDLE has agreed to their applicability in writing.

2. General Terms for the Provision of the Service

1. Service scope and support. NEEDLE will provide the contractually agreed Software and Service in the contractually agreed quality and availability. User is not entitled to any support or maintenance rights under this Agreement, and any technical support may be offered by NEEDLE at its sole discretion. NEEDLE has no obligation under this Agreement to provide updates or upgrades, and may choose to do so at its sole discretion.
2. Updates and changes. If NEEDLE modifies the Software or Service during the Term, whether through patches, updates, upgrades or other changes (collectively "Updates"), the provisions of this Agreement apply accordingly to these Updates.
3. Place of performance. Place of performance for all services rendered by NEEDLE and all obligations by the User under this Agreement is the headquarters of NEEDLE in Halle (Saale).
4. Suspension of Access. NEEDLE may suspend the User's or any Authorized User's access to the Service or Software, and may remove, block, or disable access to any User Content, project, or deployment, if it believes there is a security risk, non-payment, material breach of this Agreement, violation of written policies (including the Acceptable Use Policy), or other serious issue. NEEDLE may take such action immediately and without prior notice where reasonably necessary to prevent harm, abuse, or unlawful activity, and will provide notice afterward when practicable. Access may be restored at NEEDLE's discretion once the issue is resolved.

3. License Grant and User Access

1. License scope and seats. NEEDLE grants the User the right to install and use the Software, and access and use the Service, for a specific number of Authorized Users that may use the Software and Service. The User will only disclose or set up the Software and Service to the number of persons authorized by the User to use the Software and Service (“Authorized Users”). “Use” shall mean any installation or deployment of the Software on any device by the User, or any access or utilization of the Service. Any user within the User’s organization who gains assigned access to the Software or Service for development or contribution shall be deemed an additional Authorized User being subject to the Service Fee. Any sublicensing beyond the User’s organization is expressly forbidden and requires a separate agreement with NEEDLE.
2. Access control. The User ensures that only Authorized Users have access to the Software and Service.
3. Flow-down obligations. The User shall put every Authorized User under the obligation to comply with the usage rights and restrictions in accordance with Section 6.
4. Incident notice. Upon becoming aware of unauthorized access to the Software or Service, the User will immediately inform NEEDLE.
5. Redistribution of Runtime. Subject to compliance with this Agreement and applicable license tier, the User is granted a non‑exclusive, non‑transferable right to redistribute the Needle Engine runtime as part of the User’s own applications delivered to end‑users, solely in object/bundled form and solely for enabling execution of the User’s application. Stand‑alone redistribution of the runtime is prohibited. The User must not remove or obscure any proprietary notices. Open‑source components included with the runtime remain subject to their respective licenses.

4. License Compliance and Project-Based Licensing

1. Per-User Requirement. As stated in Section 3.1, a paid license ("Seat") is required for each Authorized User involved in a Commercial Use project. The User agrees that adding new team members or seats through the Needle Cloud interface constitutes a purchase of additional licenses, and authorizes NEEDLE to adjust the Service Fee accordingly for the current and subsequent billing periods.
2. Definition of a Project. For the purpose of license compliance, a "Project" is defined as any collection of assets, code, and resources developed with the Software that serves a single, unified commercial purpose, client, or end-product. Spreading a single Project's contributors across multiple accounts or teams does not negate the requirement for each individual contributor to be licensed.
3. Prohibition of License Pooling. The User is expressly prohibited from using multiple accounts, free teams, or a combination of free and paid licenses to allow multiple individuals to contribute to the same Project while paying for fewer licenses than the total number of contributors. All individuals contributing to a single commercial Project must be covered by a paid license.
4. Compliance Verification. User acknowledges that NEEDLE may verify license compliance using technical and organizational measures as described in this Agreement and the Privacy Policy. Such verification is limited to ensuring service integrity and fair use and is not used for advertising or unrelated profiling.
5. Enforcement. If NEEDLE identifies non-compliance with the per-user licensing requirement for a Project, NEEDLE will notify the User in writing. The User will have thirty (30) days to remedy the non-compliance by one of the following methods: a) Purchasing the required number of Pro Licenses to cover all contributors to the Project. b) Upgrading to an Enterprise License that covers the entire team or Project, thereby removing the need for per-seat tracking. If the User fails to remedy the non-compliance within this period, NEEDLE reserves the right to suspend access to the Service for all involved accounts until the issue is resolved.
6. Audit and self-certification. Upon reasonable notice, User will provide accurate information (e.g., project identifiers, contributor lists) to verify compliance. NEEDLE may request a written self-certification once per year (or more often if there is a reasonable suspicion of non-compliance). Any information obtained will be treated as Confidential Information.
7. Retroactive fees. Where under-licensing is confirmed, NEEDLE may invoice retroactive fees for the period of non-compliance in addition to prospective adjustments.
8. Enterprise license exception. The per-seat monitoring and verification described in this section may not apply to Users with an active Enterprise License, as such agreements may provide for broader, organization-wide usage rights as defined in their specific contract.

5. Quality and Availability

1. Technical requirements. The quality of the Software and the Service and the technical requirements for the systems used by the User for the proper use of the Software (“Minimum Requirements”) are agreed in Appendix 1.
2. Your responsibility for requirements. The User is aware and agrees that the User's fulfillment of the Minimum Requirements is indispensable for the use of the Software in accordance with the Agreement.
3. Changes to the Software. NEEDLE may modify the Software during the Term, in particular to implement additional or altered security features or to adapt to technical developments, if the essential functions of the Software are still available to the User after the modifications are made, and the modification is not otherwise unreasonable for the User.
4. Availability disclaimer. NEEDLE will use commercially reasonable efforts to make the Service available, but does not guarantee specific uptime percentages unless otherwise agreed in a separate Service Level Agreement (SLA). Availability may be affected by maintenance, updates, or factors beyond NEEDLE's reasonable control. User acknowledges the disclaimers in the 'Disclaimers and Limitations on Liability' section apply to both the Software and the Service.
5. Beta and Experimental Features. From time to time, NEEDLE may offer beta, preview, or experimental features solely for evaluation. Such features may be changed or discontinued at any time and are provided “as is” without warranties and may be subject to additional terms disclosed when enabled.

6. Rights and Limitations of Use

1. Permitted use. NEEDLE permits the User to use the Software during the Term through Authorized Users in accordance with the Agreement. The User shall be entitled under the conditions of §69d (1) German Copyright Act (UrhG) to copy the program as well as the documentation if and to the extent this is necessary for the intended use.
2. Backup copies. The User shall be entitled to make copies of the Software insofar as these are necessary to secure future use of the Software and for purposes of data backup and archiving in accordance with the User's operational requirements. Backup copies on movable data carriers shall be marked as such and provided with the copyright notice of the original data carrier.
3. Reporting copies. The User shall be obligated to inform NEEDLE upon request about the number, storage medium and storage location of the copies made.
4. No other copies. Other reproductions are not permitted.
5. Modifications. The User may not make any modifications to the Software unless these are necessary for the intended use. Reworking is permissible if it is necessary for the elimination of a defect and NEEDLE is in default with the elimination of the defect, NEEDLE refuses the elimination of the defect without justification or is unable to eliminate the defect immediately for other reasons attributable to its area of responsibility. Reworking is also permissible if it is necessary to remedy compatibility problems in the interaction of the Software with other Software required by the User and NEEDLE is not willing or able to remedy such problems in return for an appropriate remuneration customary in the market.
6. Decompilation limits. The User shall only be entitled to decompile the Software within the limits of § 69 e UrhG and only if NEEDLE has not provided the necessary data and/or information to establish interoperability with other hardware and software after a written request within a reasonable period of time.
7. No overuse. The User is not permitted to use the Software or let it be used beyond the provisions set out in Section 6.1.
8. Additional restrictions. Complementary restrictions on use, in particular in accordance with Appendix 1, apply in addition to the above mentioned regulations.
9. Mandatory rights unchanged. Mandatory statutory rights to which the User may legally be entitled to remain unaffected.
10. Suitability disclaimer. Due to the large variety of potential applications for the Software, NEEDLE makes no representations that the Software has been designed or tested for any specific uses, and it is User’s responsibility to determine whether the use of the Software is appropriate for the respective purposes. User’s responsibilities include determining appropriate uses for the Software. User acknowledges that the Software may not achieve the results you desire within your design, analysis, testing and other constraints.
11. Service limits. Use of the Service may be subject to limitations on resources such as bandwidth, storage, compute, number of projects, or concurrent users, as specified in the applicable license tier, Appendix 1.
12. Acceptable Use. The User shall not: (a) attempt to gain unauthorized access to the Service or related systems; (b) interfere with or disrupt the integrity or performance of the Service; (c) use the Service to store, host, promote, or transmit malicious code or to operate malware, command-and-control infrastructure, botnets, or to conduct denial-of-service attacks; (d) reverse engineer, decompile, or disassemble the Service except to the extent expressly permitted by law; (e) use the Service to infringe intellectual property or privacy rights, or to publish Prohibited User Content as defined herein; (f) misrepresent seat counts or otherwise evade licensing restrictions; (g) use the Service to engage in or facilitate fraudulent, deceptive, or harmful activity, including phishing, impersonation, or scams; (h) send unsolicited or bulk communications (spam) using or through the Service, or abuse free tiers, quotas, or rate limits to degrade the Service for others; (i) attempt to bypass or undermine security or access controls, or test vulnerabilities without express written authorization from NEEDLE; (j) use the Service to mine cryptocurrency or run resource-intensive workloads unrelated to the intended use of the Software or Service; or (k) use the Service in violation of export control, sanctions, or other applicable laws.
13. Enforcement and Takedown. Without limiting Section 2.4, NEEDLE may investigate suspected violations, and may remove, block, or disable access to any User Content, project, or deployment; throttle or restrict features; and suspend or terminate access for accounts involved in violations. NEEDLE may take immediate action without prior notice where reasonably necessary to prevent harm, abuse, or unlawful activity, and will notify the User afterward when practicable.
14. Open‑Source and Third‑Party Components. The Software and Service may include or interoperate with open‑source or third‑party components subject to separate licenses. Those licenses govern the User’s use of such components to the extent of any conflict. Notices may be provided in documentation, about dialogs, or a NOTICE file.

7. Remuneration and payment Terms

1. Fees and billing cycle. For each billing period during the Term, the User is obliged to pay the fees agreed in Appendix 2 (collectively the "Service Fee"). All prices are exclusive of the statutory value added tax. Unless otherwise agreed, the claim to payment of the Service Fee arises in advance of every billing period.
2. Payment terms. Claims of NEEDLE are due for payment on the day of issuing of the invoice to the User. NEEDLE will ensure that the invoice is sent to the User at least in electronic form on the same day. Claims due for payment are to be paid by the User to NEEDLE without deduction within fourteen (14) days from the due date in EURO.
3. Set-off/retention. The User may only offset undisputed or legally established claims arising from this Agreement against NEEDLE and only make use of a right of retention based on such claims.

8. User Cooperation Duties

1. Cooperation. As far as it is necessary or expedient for the execution of the Agreement, the User will provide any support reasonably requested by NEEDLE in the form of qualified employees, tools, information and/or infrastructure at the User’s own expense.
2. Testing obligations. The User will thoroughly test the Software and its features for functionality and usability as well as suitability for the User’s purposes before using the Software for operational purposes. Contractual and statutory notification duties of the User (Rügeobliegenheiten) remain unaffected.
3. Data loss mitigation. The User undertakes  to minimize the effects of potential data loss, i.e. due to incorrect operation or any error in the system. To this end, the User shall establish organizational measures that encourage Authorized Users to export important progress statuses as appropriate and to save them locally.
4. Defect reporting. The User is obliged to report any known defects together with a comprehensible description of the defect symptoms to NEEDLE immediately after their discovery in text form.
5. Keep details up to date. The User undertakes to inform NEEDLE without undue delay at least in text form about changes to his company name, his company address and other changes that are relevant for the execution of the Agreement.
6. Post-termination duties. After termination of the Agreement, User shall immediately cease all use of the Software and the Service, delete all copies of the Software from its systems, and acknowledges that NEEDLE may delete any User Content hosted via the Service associated with the User's account upon termination.
7. Your security responsibilities. The User is responsible for selecting appropriate configurations, applying updates, and maintaining its own security measures (e.g., access control, device security) to ensure safe use of the Software and Service.

9. User Content

1. What is User Content. As part of the Software, NEEDLE might provide the User with functions to upload, integrate, create, or host content (such as projects, 3D models, code, text, graphics, documents or other information) using the Software and/or the Service ("User Content").
2. Prohibited content. The User ensures that User Content does not contain any Prohibited User Content. "Prohibited User Content" is content that
1. violates the rights of third parties or violates statutory law;
2. is illegal, racist or pornographic, glorifies or trivializes violence, advertises terrorist organizations, incites criminal acts or contains defamatory statements;
3. contains or spreads software viruses or other malware or harmful files such as Trojan horses, worms or spyware;
4. facilitates, depicts, or solicits the exploitation of children or minors (including CSAM) or otherwise endangers child safety;
5. facilitates or is primarily intended to enable fraud, phishing, impersonation, scams, or other deceptive practices; or
6. is designed to operate or facilitate command-and-control infrastructure, botnets, or coordinated attacks against networks or services.
3. Moderation and Takedown. Notwithstanding Section 9.3 (No monitoring duty), NEEDLE may at any time review, block, remove, or disable access to User Content, projects, or deployments that NEEDLE reasonably believes violate this Agreement or applicable law, or pose a security, safety, or reputational risk. NEEDLE may take immediate action without prior notice where necessary to prevent harm or unlawful activity and will notify the User after the fact when practicable. NEEDLE may preserve and disclose information as required by law or to law enforcement subject to applicable legal process.
4. No monitoring duty. NEEDLE has no obligation to monitor whether User Content is Prohibited User Content.
5. Your rights and responsibilities. The User assures that the User has all the necessary rights to the User Content, in particular the necessary trademark and copyrights. The User accepts sole and unlimited liability towards those who claim a violation of rights in connection with User Content against NEEDLE.
6. Defense and cooperation. At the request of NEEDLE, the User will take on the extrajudicial and judicial defense against third party claims. The right of NEEDLE to (also) defend itself remains unaffected. The User may only carry out negotiations, a settlement of a dispute and procedural actions with effect for NEEDLE with NEEDLE’s prior consent. The User bears the costs of defense against asserted claims in connection with User Content, including reasonable costs of legal defense. All further rights and claims of NEEDLE remain unaffected.
7. Project tracking and captures. The User allows NEEDLE to track and monitor projects built using the Software that are made publicly accessible by the User. For projects used under a Free, Evaluation, or Education license, NEEDLE may create and use non-confidential captures (e.g., screenshots or short clips) to demonstrate the capabilities of the Software and Service. The User may opt out of such use by contacting support.
8. Feedback. The User may provide feedback, suggestions, or ideas regarding the Software or Service (“Feedback”). The User grants NEEDLE a worldwide, perpetual, irrevocable, sublicensable, royalty‑free license to use and incorporate such Feedback into the Software and Service without restriction. Feedback will not be treated as the User’s Confidential Information unless expressly agreed in writing.

10. Warranty

1. “As is” disclaimer. Except for the express warranty in Section 10.2, the Software and Service are provided "as is". To the maximum extent permitted by applicable law, NEEDLE disclaims all other warranties, express or implied, including but not limited to the implied warranties of merchantability, fitness for a particular purpose, and non-infringement. NEEDLE does not warrant that the Software or Service will meet User's requirements or that its operation will be uninterrupted.
2. Limited warranty. NEEDLE warrants that the Software has the agreed quality during the Term and is free from defects in material and defects in title. Upon notice by the User, NEEDLE will begin to remedy the reported defect without undue delay. Remedy may also be achieved by installation of an update.
3. Title defect remedies. As far as the contractual use of the Software is partially or completely withdrawn from the User by the right of a third party, NEEDLE can remedy this defect in title by 
1. providing the necessary rights for the contractual use of the Software; or
2. modifying the Software accordingly.
4. Defect liability scope. NEEDLE shall be liable for damages and expenses resulting from defects in the Software in accordance with Section 11.

11. Liability

1. Unlimited liability cases. NEEDLE bears unlimited liability for intent, gross negligence and culpable injury to life, body or health.
2. Essential obligations. In the case of slight negligence, NEEDLE is only liable in the event of a breach of essential contractual obligations, i.e. obligations the fulfillment of which enable the proper execution in the first place or the breach of which endangers the purpose of the contract, and on whose compliance the User can regularly rely on. In these cases, NEEDLE's liability is limited to contract-typical damage as it was foreseeable upon conclusion of the Agreement. The unlimited liability according to Section 11.1 remains unaffected.
3. Aggregate cap. Subject to the unlimited liability in Section 11.1 and the provisions of Section 11.2, in cases of slight negligence, NEEDLE's total aggregate liability arising out of or in connection with this Agreement shall be limited to the total fees paid by the User to NEEDLE under this Agreement in the twelve (12) months immediately preceding the event giving rise to the claim. This limitation shall not apply to breaches of essential contractual obligations.
4. No liability beyond. Beyond Sections 11.1 and 11.2, NEEDLE shall not be liable for slight negligence.
5. Statutory exceptions. The above mentioned limitations of liability shall not apply to liability under the Product Liability Act (ProdHaftG) or within the scope of guarantees given in writing.
6. Applies to affiliates/agents. Section 11 also applies to the liability of employees, representatives, organs, vicarious agents and subcontractors of NEEDLE.

12. Infringement of Third Party Rights

1. Notice of claims. In the event of a claim of third party rights infringement by the Software against the User, the User will immediately inform NEEDLE in writing.
2. Support obligations. NEEDLE will provide the User with appropriate support in defense and provide the User with relevant information. The obligation of NEEDLE to remedy defects in accordance with Section 9 remains unaffected.
3. Exclusion for User Content. This Section 12 does not apply if the third party asserts a violation of their rights by User Content.

13. Term and Termination

1. When term starts. The Agreement enters into effect upon the effective date ("Effective Date") and shall remain effective until terminated in accordance with the following provisions (the "Term"). The effective date is the date of the first download or installation of the Software or the first use of the Service.
2. Ordinary termination. Each party may terminate the Agreement with a notice period of three (3) full calendar months. The right to termination for good cause remains unaffected.
3. Good-cause limits. The User is not entitled to termination for good cause in accordance with §543 (2) No. 1 BGB, unless the restoration of the contractual use of the Software is deemed to have failed. Apart from the foregoing, §543 BGB remains unaffected.
4. Written notice required. The termination of the Agreement must be in writing to be effective.
5. Post-termination deletion. Upon termination of the Agreement, the User shall immediately stop using the Software and delete the Software from its systems.
6. Cancellation and Refunds. The User may cancel the Service at any time. However, there are no prorated refunds for any unused portion of the Service, and access to the Service and Software will cease immediately upon cancellation. NEEDLE will not be responsible for providing Services beyond the point of cancellation.
7. Plan Downgrades. If the User downgrades from a paid plan to a free plan, their account and data will be retained. However, if the User's usage exceeds the limits of the free plan, their account may be suspended and access to certain features or projects may be restricted until usage is brought within free plan limits. At no point during a downgrade will a User's data be deleted solely due to the downgrade.
8. Termination for Breach. NEEDLE reserves the right to terminate access to the Service and Software and close the User's account immediately in the event of any material breach of this Agreement or violation of any written policies. In such an event, no refunds will be provided and all data associated with the User's account will be deleted from NEEDLE's servers.
9. Data Deletion. When a User deletes their account or upon termination of the Service for breach, all project data and User Content associated with the User's account will be deleted from NEEDLE's servers within 30 days, except where retention is required by law.
10. Suspension. NEEDLE may suspend access as described in Section 2.4. Suspension does not relieve the User of payment obligations.

14. Confidentiality

1. Confidentiality duties. Confidential Information of a Party that become known to the other Party in the course of the execution of the Agreement must be
1. treated confidentially by the receiving Party and only used for the purpose for which they were disclosed;
2. not be disclosed or made accessible by the receiving Party to employees and third parties, unless this is necessary for the proper execution of the Agreement; and
3. protected by the receiving Party against access by unauthorized persons through appropriate and suitable measures (e.g. access control, encryption).
2. What is Confidential Information. “Confidential Information” of a Party are any business or trade secrets as well as information that contains competition-relevant know-how, is marked as confidential or otherwise recognizable as confidential according to objective criteria. Confidential Information also includes the existence, conditions and content of the Agreement.
3. Exceptions. Clause 14.1 does not apply to Confidential Information that
1. a Party has lawfully received or received from third parties, in particular without breaching a confidentiality obligation;
2. was already publicly known when the Agreement was concluded or subsequently became generally known without breaching the obligations contained in this Agreement;
3. was in possession of either Party before the business relationship was established and is not subject to any confidentiality obligation; or
4. was independently developed by a party.
4. Legal disclosure. Furthermore, either Party is entitled to disclose Confidential Information insofar as it is legally or officially obliged to do so. In this case, the disclosing Party will immediately inform the other Party in writing of the scope and basis of the disclosure.
5. Duration. Clause 14 applies for three (3) years beyond the fulfillment or termination of the Agreement.

15. Data Protection

1. Roles. NEEDLE acts as (a) an independent controller for account, billing, usage and communications data necessary to operate the Service and manage the customer relationship; and (b) a processor when processing personal data within User Content on behalf of the User through the Service.
2. DPA. Where NEEDLE acts as a processor, the parties agree to the Data Processing Addendum in Appendix 3 (Art. 28 GDPR), which forms part of this Agreement. If NEEDLE publishes an updated DPA at a dedicated URL or the Parties sign a separate DPA, that document will prevail over Appendix 3 in case of conflict.
3. Transparency. Details on lawful bases, categories of personal data, the current list of sub‑processors (including locations and safeguards), international transfers, security measures, data retention, and how to exercise your data subject rights are described in our Privacy Policy, which is incorporated by reference. See, in particular, the sections titled “Lawful Bases,” “Your Rights,” “Data Retention,” and “Sub‑processors.”
4. Telemetry. For service integrity and license compliance, NEEDLE may process minimal telemetry (e.g., team and project identifiers, seat counts, feature usage) under legitimate interests (Art. 6(1)(f) GDPR); see the Privacy Policy.
5. Deletion. Deletion and retention of User Content and personal data upon termination are governed by Section 13 (Term and Termination) and the Privacy Policy.
6. Data Residency. For Enterprise Users, data residency options may be available by agreement. Where offered, NEEDLE will store primary data in the agreed region; certain operational metadata and backups may be processed in other regions with appropriate safeguards.
7. Security. NEEDLE implements appropriate technical and organizational measures (e.g., encryption in transit, access controls, logging, and backups) and will provide additional security commitments as part of an Enterprise agreement if applicable.

16. Governing Law and Jurisdiction

1. Applicable law. The law of the Federal Republic of Germany applies to all claims, rights and obligations arising from or in connection with this Agreement. The United Nation Convention on Contracts for the International Sale of Goods (CISG) shall not apply.
2. Venue. The exclusive place of jurisdiction for all disputes between the Parties arising from or in connection with the Agreement shall be the place Halle (Saale), Germany.

17. Final Provisions

1. Severability. If single provisions of this Agreement are invalid or not feasible, the effectiveness of the remaining provisions remains unaffected. In such a case, the Parties shall contribute to the creation of valid provisions which achieve an economic result that comes as close as possible to the one of the ineffective regulation. The same applies to unintended loopholes.
2. Written form. Changes and amendments to this Agreement must be made in writing. This also applies to the waiver of this written form requirement. Unless expressly agreed otherwise, the written form within the meaning of this Agreement is only preserved by sending a signed declaration in original form by mail or email.
3. Export Control and Sanctions. The User represents that it is not located in, organized under the laws of, or ordinarily resident in, any country or territory subject to comprehensive sanctions or embargoes, and is not a restricted or denied party. The User shall comply with applicable export control and sanctions laws and shall not export, re‑export, or transfer the Software or Service contrary to such laws.
4. Public Sector and Regulated Use. For public sector or regulated industries, additional terms (including data residency, audit, and security requirements) may be agreed in an Enterprise License. In case of conflict, such Enterprise terms prevail as set out below.
5. Order of Precedence. In the event of conflict, the following order applies: (1) a signed Enterprise License (including any SLA/Security Annex), (2) a separately signed DPA or published DPA URL expressly incorporated by reference, (3) this Agreement including Appendices, (4) documentation and policies referenced herein.
6. Evaluation license. Free of charge is use of the Software and/or Service for evaluation purposes. “Evaluation Purposes” means purely internal use without any commercial utilization. Evaluation is limited to a maximum of 7 days since installation of the Software or start of use of the Service.
7. Pro license requirement. For commercial use of the Software and/or the Service, a license has to be purchased per Authorized User contributing to the project and using the Software and/or Service in any way. A "Pro License" can be purchased by teams and individuals and is required for any commercial use of Needle Engine or Needle Cloud.
8. Enterprise license. A custom licensing agreement ("Enterprise License") is recommended for Users intending to use the Software and/or Service under certain conditions. See Appendix 2. ContactNEEDLE to acquire an Enterprise license.
9. Updates to these terms. NEEDLE may update these terms from time to time. We will provide notice of material changes.

Appendix 1: Software, Service, Requirements, and Limits

This Appendix describes the Needle Software and Service, system needs, and usage limits mentioned in the main Terms of Use.

1. Software Description ("Needle Engine")

• What it is: Tools for creating and exporting interactive 3D web applications.
• Includes: Runtime library for browsers, Exporter/Integrations for tools like Unity/Blender, Command-line tools, and necessary support libraries.
• Purpose: Create and deploy 3D web experiences (scenes, assets, scripts, interactions, XR, etc.).

2. Service Description ("Needle Cloud")

• What it is: NEEDLE's online platform for hosting, optimizing and managing 3D assets and Needle Engine projects.
• Includes (may vary by license): Project hosting, deployment tools, global content delivery (CDN), team features.

3. Minimum Requirements

• For Development (Using Exporter/Editor):
  • OS: Recent Windows or macOS (Win 10+, macOS 11+).
  • DCC Tools: Supported versions of Unity (Unity 2021.3 LTS+; LTS versions only) or Blender (4.2 LTS+).
  • RAM: 8 GB+ (16 GB recommended).
  • Storage: Space for tools and project files.
  • Internet: Needed for download, activation, and some of the features.
• For End-Users (Viewing Applications):
  • Browser: Latest Chrome, Firefox, Safari, Edge (Desktop & Mobile) – so-called evergreen browsers.
  • Hardware: WebGL 2.0 support.
  • Internet: Needed for loading apps and assets.
• For Service Access (Cloud Dashboard):
  • Browser: Latest Chrome, Firefox, Safari, Edge.
  • Internet: Stable connection needed.

4. Quality

• Software: Provided "as is". See Section 10 of the main terms for warranty details.
• Service: NEEDLE aims for good availability using reasonable efforts. Specific uptime guarantees require a separate agreement ("Enterprise License"). Availability can be affected by maintenance or external factors.

5. Usage Limits

• General: Use is limited to the number of licensed Authorized Users.
• Resource Monitoring: NEEDLE may monitor Service usage (bandwidth, storage) to ensure compliance with limits and fair use policies.
• Prohibited Content: User Content must comply with Section 9.2 (no illegal content, no infringement, etc.).

Appendix 2: Fees and Billing

This Appendix details the fees ("Service Fee") and billing for different license tiers, as mentioned in Section 7 of the main Terms of Use.

1. License Tiers and Fees

• Free License:

  Fee: €0.00
  Eligibility: Non-commercial use only. You must keep the default Needle branding or watermark, as initially displayed in the software's output, visible and unmodified in your project. You grant NEEDLE the right to use your or your company's name, logo, and trademarks in marketing materials for the sole purpose of identifying you or your company as a customer. This right may be revoked by sending a request to our support team.

• Evaluation License:

  Fee: €0.00
  Term: Max 7 days (per Section 17.3).
  Eligibility: Non-commercial evaluation only. You must keep the default Needle branding or watermark, as initially displayed in the software's output, visible and unmodified in your project.

• Education License:

  Fee: €0.00
  Eligibility: You need to apply for an Education license. Apply here.

• Pro License:

  Eligibility: Required for commercial use. Can be purchased by teams or individuals.
  Fee: See Pricing.
  Billing Period: Monthly or Annually, paid in advance.

• Enterprise License:

  Eligibility: Recommended for Users with yearly revenue (including funding) above EUR 5.000.000 per year or 5+ seats.
  Fee: Custom pricing negotiated with NEEDLE. Usually the cost of Pro plus monthly support and services. Please contact us for a quote.
  Billing Period: Typically Annual, paid in advance per agreement.

2. Billing and Payment

• Per User: Pro license fees are based on the number of Authorized Users using the Software/Service for a project.
• Billing Cycle: Paid in advance for the chosen period (Monthly/Annually). Auto-renews unless terminated per Section 13.
• Due Date: Payments due within 14 days of invoice date (per Section 7.2).
• Currency: EURO (€).
• Taxes: Prices exclude VAT and other applicable taxes, which are the User's responsibility.
• Payment Methods: Typically Credit Card; Bank Transfer or other payment mechanisms may be available.

3. What the Fee Covers

The Service Fee (for Pro/Enterprise) includes the Software license for the agreed users and access to the Needle Cloud Service within the limits set for that tier or agreement. Exceeding limits might incur extra costs or require an upgrade. The Service Fee does not include any additional services, support, or custom development unless specified in a separate agreement.

Appendix 3: Data Processing Addendum (GDPR Art. 28)

This Appendix forms part of the Agreement between the User (controller) and NEEDLE (processor) to the extent NEEDLE processes personal data on behalf of the User through the Service.

1. Subject matter & duration. The subject matter is the processing of personal data contained in User Content and related operational data strictly to provide the Service. Processing lasts for the Term and any return/deletion period under this Agreement.
2. Nature & purpose of processing. Hosting, storage, transmission, organization, display, backup, and other processing necessary to provide the Service; and, where requested by User, support and troubleshooting.
3. Types of personal data & data subjects. As determined by the User in its sole discretion and control. May include any categories of personal data about data subjects whose data the User uploads or otherwise makes available. The User will not intentionally include special categories of personal data unless the Parties agree appropriate safeguards in writing.
4. Instructions. NEEDLE shall process personal data only on documented instructions from the User, including with regard to international transfers, unless required to do so by Union or Member State law; in such case NEEDLE will inform the User unless prohibited by law.
5. Confidentiality. NEEDLE ensures that persons authorized to process personal data are bound by confidentiality obligations.
6. Security. NEEDLE implements appropriate technical and organizational measures as required by Art. 32 GDPR (including encryption in transit, access controls, backups, and logging) and will keep such measures under review.
7. Sub‑processors. The User authorizes NEEDLE to engage sub‑processors. NEEDLE will impose data protection obligations equivalent to this Appendix and will notify the User of material changes to sub‑processors, allowing the User to object on reasonable grounds. If the Parties cannot resolve an objection, the User may terminate the affected Service as its sole and exclusive remedy.
8. International transfers. Where personal data is transferred outside the EEA/UK to a country without an adequacy decision, NEEDLE will implement appropriate safeguards (e.g., EU Standard Contractual Clauses and UK International Data Transfer Addendum) and, where required, perform transfer impact assessments.
9. Assistance. Taking into account the nature of processing, NEEDLE will assist the User by appropriate technical and organizational measures, insofar as possible, to fulfill the User’s obligations to respond to requests for exercising data subjects’ rights and to ensure compliance with Articles 32 to 36 GDPR (security, breach notification, DPIAs, prior consultation).
10. Personal data breaches. NEEDLE will notify the User without undue delay after becoming aware of a personal data breach affecting User Content and will provide the information reasonably available to assist the User in meeting its obligations under Articles 33 and 34 GDPR.
11. Deletion/return. At the choice of the User, upon termination of the Service or upon written instruction, NEEDLE will delete or return all personal data and delete existing copies, unless Union or Member State law requires storage. Backups are overwritten in the ordinary course of business.
12. Audits. NEEDLE will make available to the User all information necessary to demonstrate compliance with this Appendix and will allow for and contribute to audits, including inspections, by the User or an independent auditor mandated by the User, on reasonable prior notice, during business hours, no more than once annually (except following a personal data breach or upon request of a supervisory authority). Audits shall not unreasonably interfere with operations and may be subject to reasonable fees where audits exceed standard information requests.
13. Records & cooperation. NEEDLE maintains records of processing and will cooperate with competent supervisory authorities upon request.
14. Precedence & liability. In the event of conflict between this Appendix and the rest of the Agreement regarding processing of personal data, this Appendix prevails. Liability remains subject to the limitations in the Agreement, except where forbidden by applicable law.
15. Governing law & jurisdiction. The governing law and jurisdiction are as set out in the Agreement.

Privacy Policy for Needle Engine, Needle Cloud and other Needle Services

Last Updated: September 29, 2025

1. Introduction

Needle Tools GmbH ("Needle", "we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use our downloadable software components ("Needle Engine", "Software") and related online services ("Needle Cloud", "Service").

This policy is designed to comply with the EU General Data Protection Regulation (GDPR) / Datenschutz-Grundverordnung (DSGVO).

When we process personal data on behalf of customers (as a processor) in our Software and Services, our processor obligations are governed by our Data Processing Addendum in the Terms of Use (Appendix 3).

Please read this Privacy Policy carefully. If you do not agree with the terms of this policy, please do not access or use the Software or Service.

2. Data Controller

The entity responsible for processing your personal data (Data Controller) is:

Needle Tools GmbH
Adolf von Harnack Straße 7
06114 Halle (Saale)
Germany
Email: [email protected]
Website: www.needle.tools

Data Protection Officer (DPO): Needle is not currently required to appoint a Data Protection Officer under Art. 37 GDPR. For privacy inquiries, please contact [email protected] or [email protected].

Representatives: As a company established in the EU (Germany), an EU representative is not required. Where required for the UK, we will designate a UK representative and publish the details in this policy or on our website.

2a. Scope and Roles by Product

• Needle Cloud (SaaS): We act as an independent controller for account, billing, operational and security data. We act as a processor for personal data contained in User Content that you upload to the Service; processing is governed by the Data Processing Addendum in the Terms of Use (Appendix 3).
• Needle Engine (web runtime): Applications built with the runtime primarily execute in end‑users’ browsers. For those end‑users, the project owner is typically the controller of data collected within the application experience. Needle may process minimal operational data as an independent controller (e.g., CDN, security logs) when the content is hosted with Needle Cloud.
• Integrations and Exporters (Unity/Blender/CLI): These tools run locally on your machine. No personal data leaves your device unless you sign in, use cloud features, perform an update check, or enable telemetry as described in this policy.

3. What Personal Data We Collect and Why

We collect different types of personal data for various purposes associated with providing and improving our Software and Service. The legal basis for processing depends on the specific context.

1. Information You Provide Directly:
   • Account Information: When you register for a Needle account, purchase a license (Pro, Enterprise), or apply for an Education license, we may collect your name, email address, company name (if applicable), billing address, and payment information.
     Purpose: To create and manage your account, provide access, process payments, communicate with you, and fulfill our contractual obligations.
     Legal Basis: GDPR Art. 6(1)(b) (Contractual Necessity); Art. 6(1)(c) (Legal Obligation - e.g., financial records).
   • Support and Communication: If you contact us (e.g., via [email protected]), we collect your contact details and the content of your communications.
     Purpose: To respond to inquiries, provide support, and improve services.
     Legal Basis: GDPR Art. 6(1)(b) (Contractual Necessity - if related to contract) or Art. 6(1)(f) (Legitimate Interest - effective support).
   • User Content: Content you upload or create using the Service ("User Content") is processed to provide the service features. This content might contain personal data depending on what you upload. You are responsible for User Content compliance.
     Purpose: To provide Needle Cloud hosting, deployment, and management features.
     Legal Basis: GDPR Art. 6(1)(b) (Contractual Necessity).
   • Marketing Communications (Optional): If you opt-in to receive newsletters or product updates, we process your name and email address to send these communications. You can withdraw consent at any time via the unsubscribe link or by contacting us.
     Purpose: To send newsletters and product/feature updates.
     Legal Basis: GDPR Art. 6(1)(a) (Consent). Transactional/service communications remain under Art. 6(1)(b).
2. Information Collected Automatically:
   • Software Updates Communication: The Software may check our servers for updates, transmitting technical identifiers. Updates are not installed automatically without notice/consent where required.
     Purpose: To facilitate updates for functionality and security.
     Legal Basis: GDPR Art. 6(1)(f) (Legitimate Interest - software integrity).
   • Service Usage Data (Operational): We collect technical data (IP addresses, access times, usage logs, bandwidth, storage) necessary for operation of our services and security.
     Purpose: To provide, maintain, secure the Service, monitor usage, prevent abuse.
     Legal Basis: GDPR Art. 6(1)(b) (Contractual Necessity) and Art. 6(1)(f) (Legitimate Interest - security/operations).
   • License Compliance Signals: We may process minimal technical and usage signals (e.g., project/team identifiers and seat counts) strictly to verify license compliance and protect service integrity. We do not use these signals for profiling or advertising. See our Terms of Use for licensing obligations.
     Purpose: To enforce license terms, detect abuse, and ensure fair use.
     Legal Basis: GDPR Art. 6(1)(f) (Legitimate Interest - service integrity and license compliance).
   • Error Reporting Data: The Software may send technical error reports (system info, software state, potentially related code snippets - minimized) to help fix bugs. We aim to anonymize/pseudonymize this. You can opt out where available in settings.
     Purpose: To diagnose and fix software errors.
     Legal Basis: GDPR Art. 6(1)(f) (Legitimate Interest - product improvement). Consent (Art. 6(1)(a)) might be needed if sensitive data included or no opt-out.
   • Usage Analytics Data (Improvement): We collect data about how you use the Software/Service features to improve them. We strive to aggregate/anonymize/pseudonymize this. We will ask for your explicit consent for detailed analytics beyond basic operational metrics, manageable via settings.
     Purpose: To understand usage patterns and improve user experience.
     Legal Basis: GDPR Art. 6(1)(a) (Consent) for detailed analytics. Basic, aggregated operational stats might fall under Art. 6(1)(f) (Legitimate Interest), with transparency/opt-out.
3. Data from Third Parties and Public Sources:
   • Payment/verification providers: Limited billing and fraud‑prevention information we receive from our payment processors.
   • Connected platforms (where supported): Identifiers and basic profile information where you connect such services for authentication or collaboration.
   Purpose: To process payments, authenticate users, prevent abuse, and meet legal obligations.
   Legal Basis: GDPR Art. 6(1)(b), 6(1)(c), and/or 6(1)(f), as applicable.
4. Specific Processing for Non-Commercial Licenses:
   • Public Project Monitoring & Marketing Captures: For Free/Evaluation/Education licenses, we may monitor publicly accessible projects and create non‑confidential captures (e.g., screenshots or short clips) to demonstrate the capabilities of the Software and Service. You can opt out at any time by contacting support ([email protected]).
     Purpose: To understand public use and to create marketing materials showcasing product capabilities.
     Legal Basis: GDPR Art. 6(1)(f) (Legitimate Interest). You have the right to object at any time (Art. 21 GDPR). For this processing, Needle acts as an independent controller.
     Data minimization: We avoid including personal data in captures and will blur or remove such elements upon request.

4. Cookies and Similar Technologies

Our website and service may use cookies and similar technologies (e.g., local storage). We distinguish between strictly necessary cookies (required to operate the site/service) and non-essential cookies (e.g., analytics, preferences, marketing).

We provide specific information and obtain/manage consent for non-essential cookies via a cookie banner/ policy and a “Cookie Settings” control, where available. You can change or withdraw your consent at any time through Cookie Settings. Browser controls can also be used to block cookies, but some features may not function properly without necessary cookies.

5. How We Share Your Personal Data

We do not sell your personal data. We may share data with:

• Third-Party Service Providers: Trusted companies performing services for us (e.g., payment processing, hosting) under contractual obligations (DPAs where required).
• Legal Requirements: If required by law or to protect rights, safety, or investigate fraud.
• Business Transfers: In case of merger, acquisition, or asset sale (with notification).
• With Your Consent: For other purposes disclosed to you, with your explicit consent.

We maintain information about our core sub‑processors and provide it upon request. We will provide notice of material changes to sub‑processors where required.

6. International Data Transfers

We primarily process data within the EEA. If data is transferred outside the EEA/UK (e.g., via service providers), we ensure appropriate safeguards are in place (e.g., EU Standard Contractual Clauses and UK International Data Transfer Addendum) and, where required, conduct transfer impact assessments.

7. Data Retention

We keep personal data only as long as necessary for the purposes collected, for service provision, or as required by law (e.g., tax records) or dispute resolution. Account data is kept while active plus a reasonable period; logs are kept for shorter periods; User Content is retained per EULA/account status. Data is securely deleted or anonymized when no longer needed.

• Account and Billing Records: Typically retained for up to 10 years to comply with statutory retention (e.g., German AO/HGB).
• Support Communications: Typically retained for up to 3 years (general limitation period) unless needed longer for dispute resolution.
• Operational Logs: Typically retained 30–180 days for security/operations unless legally required longer.
• Backups: Overwritten in the ordinary course of business (typically within ~90 days).
• User Content: Retained per EULA/account status and deleted within 30 days of account deletion/termination, unless legal retention applies.

Deletion upon account closure: When you delete your account, we delete associated project data within 30 days, except where we must retain certain information to comply with legal obligations (e.g., tax records). During temporary suspensions, data is retained but access may be restricted.

8. Your Data Protection Rights (GDPR)

You have the following rights regarding your personal data under GDPR:

• Right of Access: Request copies of your data.
• Right to Rectification: Request correction of inaccurate/incomplete data.
• Right to Erasure ('Right to be Forgotten'): Request deletion of your data under certain conditions.
• Right to Restriction of Processing: Request processing restriction under certain conditions.
• Right to Data Portability: Receive your data in a usable format and transmit it elsewhere, under certain conditions.
• Right to Object: Object to processing based on legitimate interests or for direct marketing.
• Right to Withdraw Consent: Withdraw previously given consent at any time.
• Right to Lodge a Complaint: Complain to a supervisory authority (e.g., in Saxony-Anhalt).

To exercise these rights, please contact us at: [email protected]. We will respond according to GDPR requirements, usually within one month, potentially after verifying your identity.

No automated decision-making: We do not engage in automated decision-making, including profiling, that produces legal or similarly significant effects (Art. 22 GDPR).

9. Data Security

We implement appropriate technical and organizational measures to protect personal data, including encryption in transit, access controls, least‑privilege access, regular backups, logging and monitoring, and vulnerability management. We regularly review and improve these measures. No method of transmission or storage is 100% secure.

10. Enterprise Options

For Enterprise customers, we offer additional options such as bespoke Data Processing terms, heightened security commitments, sub‑processor change notifications, and data residency choices (subject to availability). These are set out in individual Enterprise agreements and take precedence over this policy where expressly stated.

11. Children's Privacy

Our Software and Service are not intended for children under 16. We do not knowingly collect data from children. If we become aware of such collection without parental consent, we will delete the information.

12. Changes to This Privacy Policy

We may update this policy. Changes will be posted on our website with an updated "Last Updated" date. Significant changes may be communicated via email or service notice. Please review periodically.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us:

Needle Tools GmbH
Adolf von Harnack Straße 7
06114 Halle (Saale)
Germany
Email: [email protected]