Tell us which of our games to check when we receive a GDPR request

As a Roblox developer, it is currently too hard to determine which of our games a user making a GDPR complaint has played. This makes complying almost impossible for most developers.

If Roblox is able to address this issue, it would improve my game / my development experience because I would be able to actually comply with GDPR requests in a timely and reasonable fashion.

At the moment, it is practically impossible for a developer that has been using Roblox DataStores for years to comply with a GDPR requests. It could take hours to comply with a single request.

I’m sure that we would all prefer to be in compliance with the laws and regulations that apply to our games, but until we are receiving adequate information regarding the requests, that is hardly a feasible option for most developers.

Especially if failure to comply could result in legal action against us developers, I feel like Roblox has a responsibility to find a solution for this problem as quickly as possible.

Edit: Looks like this is a duplicate topic. @TheNexusAvenger already made a thread about this over a year ago. Which is pretty disappointing, because if we have a legal obligation to comply, Roblox is putting us at legal risk with the current behavior. Roblox should make protecting developers from this sort of legal pitfalls one of their highest priorities.


I completely agree that developers need more information on what game to remove the users data on. Developers shouldn’t be having to take hours out of their day, loosing valuable development time, to comply with a single request. To many developers every hour of development time is precious and loosing some of it impacts their ability to update their games in a timely manner.

I am yet to receive a GDPR request because I haven’t released any games but when I do I don’t want to be having to dig through multiple old games trying to find that single user. By just stating what games to remove the users data on will improve many developers lives. It will also reduce the amount of development time lost.


I made a thread about this over a year ago.

There is more than can be improved than just knowing the place. Using the same inbox that everyone spams developers with can nearly guarantee a popular developer will not comply with GDPR.


Not to mention that it might not be possible at all. Imagine the people who have multiple games with tens of millions of unique visitors. It’s entirely possible that the developer wouldn’t have enough time at all to handle all of the requests while they are taking so long to comply with.


Honestly, if we have a legal obligation to comply, it should probably be an e-mail sent to an inbox of our choosing. I don’t think I like the idea of legal documents bring delivered through an almost forgotten feature of the Roblox website.


I really wish Roblox did something about this. I personally have about 15 published games and it’s very time consuming to comply with these requests. Even though most of the my games are not played anymore, I still need to go through each one of them because of a slight chance that the requesting user has. 15 games, one by one, every GDPR wave.

It’s like Roblox put up this system in a hurry just so they can say they are complying with GDPR; shuffling the responsibility to us without any regard for practicality


Just got 15-20 times the exact same request:

Please tell us what games to delete user data for. This is impractical and it needs to be improved, otherwise you cannot expect that creators will actually follow through with this effort.