Manage User Data Portability & Erasure
Overview
AccelByte Gaming Services (AGS) GDPR service ensures your game is compliant with EU's General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) of the state of California. These data privacy laws govern how you and your users can use and manage their personal information.
The two most basic rights users have to their data are the right to access that data and the right to delete it. The following sequence diagrams show how these requests are handled by our services.
While we can help you with the technical aspects of data protection and compliance, we cannot provide you with legal advice. We recommend that you consult a legal professional to ensure your compliance with specific legal regulations.
The GDPR service feature is not yet supported in AGS Shared Cloud.
Right of access
Users can request access to their personal data either through the user platform. A personal data request should be processed within 28 days.
Personal data retrieval
The following chart shows the different statuses a personal data request may move through, and for how long the request can be processed before it expires or is removed from the queue.
These are all the statuses that will happen when requesting the personal data request.
- Pending: The request is waiting to be processed.
- In-progress: The request process has been started.
- Retrying: If the request fails it will be automatically retried. The request will be retried a maximum of three times by default.
- Failed: The request will be marked as Failed if the third retry is not successful. Both the user and the admin will be notified of this failure, so that they can re-submit the request either from the user portal or admin portal.
- Expired: This status only occurs if there is a problem with the related services. If a request expires, the user or admin will have to make a new request.
- Removed from queue: Any remaining requests are automatically removed after 56 days to optimize the service.
Successful personal data request
Canceled personal data request
Failed personal data request
Right to erasure
You can request personal data deletion through the user platform, or manually. Most requests are processed within 28 days.
Personal data deletion
The following chart shows the different statuses a data deletion request may move through. It also shows for how long the request can be processed before failing.
The following are the request statuses during the deletion of personal data:
- Request: This indicates that the request has just been made, but the user's access token is not revoked yet.
- Pending: This indicates that the user's access token has already been revoked. It is still possible to cancel the deletion request until its expiration date.
- In Progress: This indicates that the scheduler has begun deleting the user's account after the request has expired.
- Failed: This indicates that the deletion process has failed. In such cases, the admin is notified via email. The admin can then resubmit the request to delete the account, thereby changing its status back to pending.
Successful data deletion by user
Canceled data deletion by user
Data deletion by admin on behalf of user
Deletion process after request expiration
Retry process for failed request
Manage GDPR in the Admin Portal
Personal data retrieval
An administrator can request a user's account data to troubleshoot problems with the account system or to keep track of changes made to the account. Player Portal or Launcher users can request access to their personal data.
The super admin feature in the Admin Portal lets you request personal data about other users. The admin can only retrieve it on behalf of the user who requested it. An email is sent to the user regarding the status of the personal data request.
The following functionality is only available in the publisher namespace.
On the Admin Portal sidebar, go to Lookup Users.
Search for the player whose data you want to retrieve using the credential of that player you have on hand.
The results of your search will appear. Browse the list to find the account you're looking for and click View in the Action column of the account listing to open it.
In the Details window of the Overview tab, click the Send Request button next to Personal Data Request.
A pop-up will appear and you need to confirm the personal data request by clicking the Send Request button.
Once the request is sent, the approval process can take up to 28 days, based on how many requests have occurred at the same time.
As an admin, you can check the status of a personal data request. On the Admin Portal sidebar, go to Admin Task > GDPR > Personal Data Requests.
Here you can see all the lists of personal data requests that are happening. This all happens when the user or admin requests the personal data request. You can also filter when the request personal data occurs by clicking the filtering system on the top of the list.
Connect Custom Services to GDPR using the server SDKs
SDK initialization
Before using the GDPR service from the SDK, you will need to initialize your server-side SDK to ensure that you are authorized and able to perform create, read, update, and delete actions.
- Golang
- Python
- .NET (C#)
- Java
Create your IAM Client.
Log in as a Client using the SDK.
Initialize the OAuth 2.0 service using the following function:
import (
...
"github.com/AccelByte/accelbyte-go-sdk/gdpr-sdk/pkg/gdprclient/data_retrieval"
)
input := &data_retrieval.SaveAdminEmailConfigurationParams{
Body: []string{"foo"},
Namespace: "<namespace>",
}
err := dataRetrievalService.SaveAdminEmailConfigurationShort(input)
if err != nil {
return err
}Once completed, you can use the Golang SDK to create, read, update, or delete the GDPR service from your serverless app.
Create your IAM Client and assign the necessary permissions to access the Matchmaking service.
Log in as a Client using the SDK.
Once completed, you can use the Python SDK to create, read, update, or delete the GDPR service from your serverless app.
Create your IAM Client and assign the necessary permissions to access the Matchmaking service.
Log in as a Client using the SDK.
Once completed, you can use the Python SDK to create, read, update, or delete the GDPR service from your serverless app.
Before using the GDPR service, you will need to set some permissions. Initialize the DataRetrieval wrapper from the GDPR service using the following code:
DataRetrieval wGdprRetrieval = new DataRetrieval(sdk);
Once completed, you can use the SDK to create, read, update, or delete GDPRs.
Create an Admin email configuration
To create an admin email configuration, use the following function.
- Golang
- Python
- CS
- Java
import (
...
"github.com/AccelByte/accelbyte-go-sdk/gdpr-sdk/pkg/gdprclient/data_retrieval"
)
input := &data_retrieval.SaveAdminEmailConfigurationParams{
Body: []string{"foo"},
Namespace: "<namespace>",
}
err := dataRetrievalService.SaveAdminEmailConfigurationShort(input)
if err != nil {
return err
}
from accelbyte_py_sdk.api.gdpr import save_admin_email_configuration
result, error = save_admin_email_configuration(
body=[
"foo"
]
)
if error:
print(error)
DataRetrieval wGdprRetrieval = new DataRetrieval(sdk);
wGdprRetrieval.SaveAdminEmailConfiguration(
SaveAdminEmailConfiguration.Builder
.Build(new List<string>
{
"dummy@example.com"
}, sdk.Namespace));
List<string>? emails = wGdprRetrieval.GetAdminEmailConfiguration(
GetAdminEmailConfiguration.Builder
.Build(sdk.Namespace));
wGdprRetrieval.saveAdminEmailConfiguration(SaveAdminEmailConfiguration.builder()
.namespace(namespace)
.body(Arrays.asList(new String[] { emailToTest }))
.build());
Retrieve an Admin email configuration
To retrieve an admin email configuration, use the following function.
- Golang
- Python
- Java
import (
...
"github.com/AccelByte/accelbyte-go-sdk/gdpr-sdk/pkg/gdprclient/data_retrieval"
)
input := &data_retrieval.GetAdminEmailConfigurationParams{
Namespace: "<namespace>",
}
// using the initiation, invoke the endpoint
ok, err := dataRetrievalService.GetAdminEmailConfigurationShort(input)
if err != nil {
return err
}
from accelbyte_py_sdk.api.gdpr import get_admin_email_configuration
result, error = get_admin_email_configuration()
if error:
print(error)
List<String> emails = wGdprRetrieval.getAdminEmailConfiguration(
GetAdminEmailConfiguration.builder()
.namespace(namespace)
.build());
Update an Admin email configuration
To update an admin email configuration, use the following function.
- Golang
- Python
- CS
- Java
import (
...
"github.com/AccelByte/accelbyte-go-sdk/gdpr-sdk/pkg/gdprclient/data_retrieval"
)
input := &data_retrieval.UpdateAdminEmailConfigurationParams{
Body: []string{"foo"},
Namespace: "<namespace>",
}
err := dataRetrievalService.UpdateAdminEmailConfigurationShort(input)
if err != nil {
return err
}
from accelbyte_py_sdk.api.gdpr import update_admin_email_configuration
result, error = update_admin_email_configuration(
body=[
"foo"
]
)
if error:
print(error)
DataRetrieval wGdprRetrieval = new DataRetrieval(sdk);
wGdprRetrieval.UpdateAdminEmailConfiguration(
UpdateAdminEmailConfiguration.Builder
.Build(new List<string>() { "anotheremail@dummy.com" }, sdk.Namespace));
wGdprRetrieval.updateAdminEmailConfiguration(UpdateAdminEmailConfiguration.builder()
.namespace(namespace)
.body(Arrays.asList(new String[] { anotherEmailToTest }))
.build());
Delete an Admin email configuration
To delete an admin email configuration, use the following function.
- Golang
- Python
- CS
- Java
import (
...
"github.com/AccelByte/accelbyte-go-sdk/gdpr-sdk/pkg/gdprclient/data_retrieval"
)
input := &data_retrieval.DeleteAdminEmailConfigurationParams{
Emails: []string{"foo"},
Namespace: "<namespace>",
}
err := dataRetrievalService.DeleteAdminEmailConfigurationShort(input)
if err != nil {
return err
}
from accelbyte_py_sdk.api.gdpr import delete_admin_email_configuration
result, error = delete_admin_email_configuration(
emails=[
"email@email.foo"
]
)
if error:
print(error)
DataRetrieval wGdprRetrieval = new DataRetrieval(sdk);
wGdprRetrieval.DeleteAdminEmailConfiguration(Api.Gdpr.Operation.DeleteAdminEmailConfiguration.Builder
.Build(sdk.Namespace, new List<string>() { "anotheremail@dummy.com" }));
wGdprRetrieval.deleteAdminEmailConfiguration(DeleteAdminEmailConfiguration.builder()
.namespace(namespace)
.emails(Arrays.asList(new String[] { anotherEmailToTest }))
.build());
Request for a user's account deletion
To submit a request for a user's account deletion, use the following function.
- Golang
- Python
- CS
- Java
import (
...
"github.com/AccelByte/accelbyte-go-sdk/gdpr-sdk/pkg/gdprclient/data_retrieval"
)
input := &data_deletion.AdminSubmitUserAccountDeletionRequestParams{
Namespace: "<namespace>",
UserID: "<user-id>",
}
// using the initiation, invoke the endpoint
ok, err := dataDeletionService.AdminSubmitUserAccountDeletionRequestShort(input)
if err != nil {
return err
}
from accelbyte_py_sdk.api.gdpr import admin_submit_user_account_deletion_request
result, error = admin_submit_user_account_deletion_request(
user_id="<user-id>"
)
if error:
print(error)
DataDeletion wGdprDeletion = new DataDeletion(_Sdk);
ModelsRequestDeleteResponse? delResp = wGdprDeletion.AdminSubmitUserAccountDeletionRequest(
AdminSubmitUserAccountDeletionRequest.Builder
.Build(sdk.Namespace, "<user_id>"));
DataDeletion dataDeletionWrapper = new DataDeletion(sdk);
ModelsRequestDeleteResponse deleteResponse = dataDeletionWrapper.adminSubmitUserAccountDeletionRequest(
AdminSubmitUserAccountDeletionRequest.builder()
.userId("<user_id>")
.namespace("<namespace>")
.build());
Retrieve the user's personal data request
To retrieve the user's personal data request, use the following function.
- Golang
- Python
- CS
- Java
import (
...
"github.com/AccelByte/accelbyte-go-sdk/gdpr-sdk/pkg/gdprclient/data_retrieval"
)
limit := int64(10)
offset := int64(0)
input := &data_retrieval.AdminGetUserPersonalDataRequestsParams{
Namespace: "<namespace>",
UserID: "<user-id>",
Limit: &limit,
Offset: &offset,
}
// using the initiation, invoke the endpoint
ok, err := dataRetrievalService.AdminGetUserPersonalDataRequestsShort(input)
if err != nil {
return err
}
from accelbyte_py_sdk.api.gdpr import admin_get_user_personal_data_requests
result, error = admin_get_user_personal_data_requests(
user_id="<user-id>"
)
if error:
print(error)
DataRetrieval wGdprRetrieval = new DataRetrieval(sdk);
ModelsUserPersonalDataResponse? reqResp = wGdprRetrieval.AdminGetUserPersonalDataRequests(
AdminGetUserPersonalDataRequests.Builder
.SetLimit(10)
.SetOffset(0)
.Build(_Sdk.Namespace, "<user_id>"));
DataRetrieval dataRetrievalWrapper = new DataRetrieval(sdk);
ModelsUserPersonalDataResponse deleteResponse = dataRetrievalWrapper.adminGetUserPersonalDataRequests(
AdminGetUserPersonalDataRequests.builder()
.limit(10)
.offset(0)
.userId("<user_id>")
.namespace("<namespace>")
.build());