PRIVACY | Why do I need a privacy policy? – Developer Portal - Support

You may not, but if your game collects, processes, or stores player data, then you do -- you are responsible for providing players with a clear privacy policy explaining how that data is handled.

A privacy policy helps players understand:

• what data your game collects
• why the data is collected
• how the data is used
• whether the data is shared with third parties

Providing this information is required by many privacy laws and is also a common requirement for games distributed on online platforms.

Under the Game License & Upload Agreement, developers are responsible for ensuring their games and related data practices comply with applicable privacy and data protection laws.

What kinds of data might require a privacy policy?

Many games collect some form of player data. Examples include:

• account or profile information
• gameplay analytics and telemetry
• device or technical information
• player communications or user-generated content
• information used for game functionality or support

If your game collects or processes this type of information, you should explain those practices in a privacy policy.

You can see Kongregate's Privacy Policy here: https://www.kongregate.com/privacy

What should a privacy policy include?

Privacy policies typically describe several key topics, including:

Data collected
Explain what types of information your game collects from players.

How the data is used
Describe why the data is collected (for example, gameplay functionality, analytics, or customer support).

Third-party services
If your game uses third-party services (such as analytics, payment providers, or cloud services), you should disclose that those services may process player data.

Player rights
Depending on applicable laws, players may have rights related to their personal data, such as requesting access or deletion.

Contact information
Provide a way for players to contact you with questions about privacy or data use.

Does the Data Processing Addendum (DPA) affect my privacy policy?

The Data Processing Addendum (DPA) is an addendum to the Game License & Upload Agreement that addresses how personal data may be processed in connection with the Kongregate platform.

If your game processes personal data, you should ensure that your privacy disclosures and practices are consistent with the obligations described in the DPA and applicable privacy laws.

Where should I publish my privacy policy?

Developers commonly make their privacy policies available by:

• linking to the policy in the game description on Kongregate
• including the policy on a developer website
• displaying a link to the policy within the game interface or settings menu

Providing easy access to your privacy policy helps players understand how their data is handled.

Do I need a lawyer to create a privacy policy?

Not necessarily. Many developers use online resources or privacy policy generators to create an initial privacy policy.

However, privacy laws vary by jurisdiction, and developers who collect or process personal data may wish to consult a qualified legal professional to ensure their privacy policy and data practices comply with applicable laws.

Suggested Reading: Privacy Policies and Data Protection

The following resources provide helpful guidance on creating and maintaining a privacy policy:

U.S. Federal Trade Commission – Protecting Consumer Privacy
https://www.ftc.gov/business-guidance/privacy-security

Information Commissioner’s Office (UK) – Privacy Notices
https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/privacy-notices-transparency-and-control/

European Commission – Data Protection Rules for Businesses
https://commission.europa.eu/law/law-topic/data-protection_en

California Attorney General – Privacy Policy Guidance
https://oag.ca.gov/privacy

These resources explain common privacy policy requirements and provide guidance on transparency and responsible data practices.