Privacy Rights #

To comply with privacy rights (GDPR, CCPA) Pragma Engine offers the following:

Account deletion #

You can delete a player’s Pragma account. The following Operator, Partner, and Service endpoints are available for account deletion:

  • AccountRpc.DeleteAccountOperatorV1Request
  • AccountRpc.DeleteAccountPartnerV1Request
  • AccountRpc.DeleteAccountServiceV1Request

These endpoints delete the player’s social identity, links to third party accounts, links to game identities, ban history, and all accompanying PII (personally identifiable information). In addition, calling these endpoints can be used to reset a Pragma account in a test environment.

This process is irreversible. All PII is permanently removed and can not be retrieved from the Pragma Engine database.

Delete an account in Operator Portal #

  1. From the Social Operator Portal, click Services, then click Accounts.
  2. Click on the relevant player name to view individual account information.
  3. Under the Delete Account section click Delete Account.
  4. Enter the account discriminator and click Delete Account.

Send players their personal data #

You can send a player a download link containing their data package. Pragma Engine’s Data Rights service enables Operators to start a personal data request for a player’s account in the Social Operator Portal. Operators can then monitor the status of the request as the data is compiled; this data includes linked identity providers, social and game identities, order history, ban history, friends list, game inventory, and accompanying PII (personally identifiable information). Once all the data is collected, a link will be generated that can be sent to the player by an Operator. The player can then download their data package using an encrypted token that has an expiration date.

The download link automatically expires after a configurable amount of time; the default expiration is set to 7 days.
  1. From the Social Pragma Portal, click Services, then click Accounts.
  2. Click on the relevant player name to view individual account information.
  3. Under the Data Rights section click on the active request when it has a status set to Ready.
  4. Click the Copy Link button to copy the download link.

Below is a table with the available Data Rights service endpoints:

CallDescription
DataRightsRpc.SubmitRequestV1RequestSubmits a data request for the player requesting.
DataRightsRpc.SubmitRequestOperatorV1Request, DataRightsRpc.SubmitRequestPartnerV1Request, DataRightsRpc.SubmitRequestServiceV1RequestSubmits a data request for a specific player account. This requires sending the desired player’s social ID.
DataRightsRpc.GetRequestsOperatorV1Request, DataRightsRpc.GetRequestsPartnerV1Request, DataRightsRpc.GetRequestsServiceV1RequestRetrieves all data requests for a specific player’s account.
DataRightsRpc.GetPersonalDataPackageOperatorV1Request, DataRightsRpc.GetPersonalDataPackagePartnerV1Request, DataRightsRpc.GetPersonalDataPackageServiceV1RequestStarts the process of compiling the player’s account data.
DataRightsRpc.GenerateDownloadUrlAndTokenOperatorV1Request, DataRightsRpc.GenerateDownloadUrlAndTokenPartnerV1Request, DataRightsRpc.GenerateDownloadUrlAndTokenServiceV1RequestGenerates a download link that contains the player’s data package.
Example: Data Rights service config
social:
  serviceConfigs:
    DataRightsServiceConfig: 
      waitingPeriodInDays:
        accountDeletion: 30 # default value
        personalData: 28 # default value
      downloadLinkLifespanInDays: 7 # default value
      downloadEndpoint: "http://localhost:11000/v1/datapackage"

View personal data request status #

Operators can view the status of a personal data request through the Social Operator Portal. The status of the personal data request (social and game data) is displayed on a player’s Account page under the Data Rights tab. For details on the individual statuses of the social and game data collected, click on a personal data request to open the right hand drawer.

Below are the possible status states of a request:

  • In Progress: as soon as a personal data request is initiated and the reports are still being generated
  • Ready: when the download link is ready to be sent to a player
  • Failed: when there is an error while the social or game data is being collected

Game data configuration #

By default, only social account data is collected. In this section, we’ll go through how to enable game data collection in the personal data package.

To set up game data collection, you’ll need to do the following:

  • Ensure the Social Backend Partner Client Config, under the game config, has bearerToken set to a valid partner token for the social backend. If your infrastructure is managed by Pragma this should already be set. For more information, see Generate Partner Tokens.
Example: Social Backend Partner Client Config
game:
  serviceConfigs:
    SocialBackendPartnerClientConfig: 
      bearerToken: "partner-token-for-social-backend"
  • In the Data Rights Polling Service config under the game config, set enabled to true. This config enables game report generation and request fulfillment. You will need to restart Pragma Engine for this value to be respected.
Example: Data Rights Polling Service Config
game:
  serviceConfigs:
    DataRightsPollingServiceConfig: 
      enabled: true
  • In the Data Rights Service config under the social config, set includeGameDataReports to true. This config enables submission of data rights game requests.
Example: Data Rights Service Config
social:
  serviceConfigs:
    DataRightsServiceConfig: 
      includeGameDataReports: true

Below is an optional config value for further customization:

ValueDescription
checkRequestsFrequencyInMinutesInt used to determine the frequency in minutes to check for new requests to be built or processed. This setting can be configured in the DataRightsPollingServiceConfig.

minimum value: 1
default value: 10
If checkRequestsFrequencyInMinutes is updated in a config file, the new value will not be properly respected until you restart your Pragma Engine.

Data rights plugins #

All personal data collection occurs in the data rights plugins. The following plugins can be used to define what information is sent to a player in their personal data package:

  • Data Rights Social Plugin: handles social data such as order history and friends list
  • Data Rights Game Plugin: handles game data such as player’s inventory

Both data rights plugins follow a similar interface and use the buildPersonalDataReport to define what data is sent to players in their data package.

MethodDescription
buildPersonalDataReportCalled to generate a report. This method allows you to customize the social or game data included in the player’s personal data package.

When the buildPersonalDataReport method returns a PersonalDataReport, the data defined is collected and stored for the user and the request is marked successful. If the method throws an exception, the request status is marked as failed and a new request must be made.

Example: Personal Data Report
{
  "sections": {
    "friends": {
      "items": {}
    },
    "account-data": {
      "items": {
        "social": {
          "data": {
            "pragmaSocialId": "3bc5e32b-39bd-56g0-c60e-f34529c35778",
            "pragmaDisplayName": "pragma-display-name",
            "pragmaDiscriminator": "0315"
          }
        },
        "personal": {
          "data": {
            "emailAddress": "email-address@pragma.gg",
            "emailVerified": "false",
            "createdTimestampMillis": "1706573678968",
            "lastLoginTimestampMillis": "1707261157388"
          }
        }
      }
    },
    "order-history": {
      "items": {}
    },
    "game-identities": {
      "items": {
        "00000000-0000-0000-0000-000000000001": {
          "data": {
            "gameShardId": "00000000-0000-0000-0000-000000000001",
            "gameShardName": "testGameShard",
            "gameTitleName": "testGame",
            "pragmaPlayerId": "ade12cc8-8e55-5ade-8c32-1c82c83bd3de"
          }
        }
      }
    },
    "account-metadata": {
      "items": {
        "tags": {
          "data": {
            "0": "testTagToAdd2",
            "1": "testTagToAdd3"
          }
        },
        "groups": {
          "data": {
            "0": "group A",
            "1": "group B"
          }
        }
      }
    },
    "identity-providers": {
      "items": {
        "UNSAFE": {
          "data": {
            "accountId": "test01",
            "idProvider": "DISCORD",
            "displayName": "test01",
            "discriminator": ""
          }
        }
      }
    }
  }
}

Data Rights Social Plugin #

The default Data Rights Social Plugin collects linked identity providers, social and game identifiers, order history, friends list, and accompanying PII (personally identifiable information).

To enable and configure your custom Data Rights Social Plugin, you’ll need to add the following to your social config:

social:
  pluginConfigs:
    DataRightsService.dataRightsSocialPlugin:
      class: "demo.datarights.DemoDataRightsSocialPlugin"

Data Rights Game Plugin #

The default Data Rights Game Plugin collects game data.

To enable and configure your custom Data Rights Game Plugin, you’ll need to add the following to your game config:

game:
  pluginConfigs:
    DataRightsService.dataRightsGamePlugin:
      class: "demo.datarights.DemoDataRightsGamePlugin"

To include player’s inventory, set enableLegacyInventoryDataCollection to true:

pluginConfigs:
  DataRightsPollingService.dataRightsGamePlugin:
    class: "pragma.datarights.DefaultDataRightsGamePlugin"
    config:
      enableLegacyInventoryDataCollection: true

If buildPersonalDataReport throws an exception, the Data Rights Polling service will report an error and set the personal data request status to failed.

suspend fun buildPersonalDataReport(
  playerId: PlayerId,
  requestId: UUID,
): PersonalDataReport