Update to GDPR Right-to-be-Forgotten Messaging

Hi there,

We are excited to announce that the GDPR Right-to-be-forgotten message will include place IDs going forward. Instead of searching every of your games to determine if a user has played it or not, you can just use the place IDs in the message to determine which games to check. Then you can locate the data associated with that user based on your code logic and remove it. Hopefully this will simplify the process for you to comply with GDPR! Below is a sample message you should expect going forward (actual messages may change over time):

“Hi Dev,

We received a right-of-erasure-request for the following User ID(s): XXXX . Please delete this User ID immediately from all of your records (e.g. games, data stores, etc.) from the following Game(s): XXXX, XXXX as this is an obligation under data protection laws. If you would like more information about how to delete a User ID from a data store, please visit our Developer Hub at https://developer.roblox.com/articles/Data-store , https://developer.roblox.com/api-reference/class/GlobalDataStore and https://developer.roblox.com/en-us/articles/managing-personal-information.

Please note that you must delete the User ID from all of your records, and not just from your data stores. The pages linked above are provided for informational purposes and are not intended to provide a comprehensive method of deleting User IDs.

Regards,

The Roblox Team”

Happy building!
The Roblox Team

This topic was automatically opened after 16 minutes.

Awesome! I was really worried about this because I have two games with DataStores, and one uses some very unconventional methods of saving data. Now I don’t have to go through that headache if I don’t need to

What else would you delete UserIDs from?

Yeah this will be helpful for sure. Before, it was kinda hard to tell what they wanted to erase. For right-of-erasure, what laws specifically does it fall under? How can you send a right-of-erasure? Does this include non-roblox databases, like firebase, mongodb, or other off-site databases?

Happy fall break everyone.

This is a huge improvement for developers with multiple games, so thank you for providing this small update!

Going forward, will there be any way to automate GDPR messages, as it is still quite cumbersome to respond to the messages manually. Allowing some method of automation would greatly improve the workflow and allow for accurate deletion of data from DataStores where possible.

Additionally, using Roblox messages is a very secluded way of reaching developers, particularly those that get hundreds of messages, or those with trade requests enabled that get a message every time a trade is sent.

Is there plans to open another form of media to reach developers? Even email would be better than Roblox messages. Another alternative would be a form of “developer messages” from Roblox under the create tab.

Hey Roblox!

Thanks for the update, while this is a great step forward. The lack of API to automate these inputs is a major setback for developers.

Using the player message API works but is not the easier step possible. Is Roblox looking to change this? Using an in game API? Web access? Maybe a part of an online datastore access?
Can we expect to see Data Protection options for support directly now?
What about other GDPR/CCPA/LGPD related rights?
Are we going to see data notifications placed in a new location which clearly identify these messages to avoid missing them?

Have you considered using the quote markdown rather than using italtics?

Hey you guys might of misspelled something.

Also this is gonna make a great update! Good to see something new is happening!

This change is nice to see, but this doesn’t address the pain point of what if developers don’t/can’t keep track of their inbox. Roblox already has the infrastructure to use emails as shown by the emails we get about premium payouts, so why not use that?

Additionally, there is still no reasonable way to automate this. I can’t just set up a script to automatically clear data, or if I did, without a major security risk or it just randomly breaking. Even with this change, it is still a manual process to now first check if the place id(s) are relevant, and then actually manually clear the data. If anything, more steps have been added if the game ids are checked by the developer, or nothing has changed if this is too must to check for.

What does this exactly mean? Delete the user from all of my games? I can’t really understand what this is saying. I’ve never heard of having to delete a user from a game. Will I get this message because a player of my game wants his progress to be deleted, or because of Roblox moderation seeing a problem in my game?

This will be very useful information going forward. At least we won’t have to go through our entire library of games trying to erasing data.

It means to delete their data, as they don’t want their existence or data to be stored

You must delete all the data connected to that user. Please look at the GDPR, CCPA and LGPD to fully understand.

For example: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-erasure/

There are also topics on the DevForums on this area.

CC: @Ty_IsHomeSchooled

I understand this, but where else would you store UserIDs is my question?

What do you mean by “all records”, aren’t datastores the only thing that gets stored in a game? Also, how much time do we have in order to delete their data and what will happen if we fail to do it on time?

Thanks for finally implementing this! This will save me like 90% of the time of addressing a GDPR request which is huge for old accounts with many active game slots that touch datastores.

I send analytics data to my website when players join games. If I ever get one of these notices, I’m expected to clear up the info in the analytics too.

I’m confused. What other records would there be besides those in DataStores?

ALL records? Doesn’t this mean if a malicious user gets banned, and they request for their data to be deleted under all records, including ban records, doesn’t this mean they get unbanned?

It means that if we store user data else where, we need to delete that

Any systems you contact via HttpService where you persist user data. (This likely doesn’t apply to your game, only a small portion of games do this.)

Yes, you have to comply with the request regardless. Privacy law doesn’t care whether you banned a user from your game or not.

They won’t be unbanned because their account is wiped. They can’t log into that account anymore.