Privacy Rights #
To comply with privacy rights (GDPR, CCPA) Pragma Engine offers the following:
- Account deletion
- Send players their personal data
- Data rights plugins to manage and customize what data is collected for the player’s personal data package
Account deletion #
You can delete a player’s Pragma account. The following Operator, Partner, and Service endpoints are available for account deletion:
AccountRpc.DeleteAccountOperatorV1Request
AccountRpc.DeleteAccountPartnerV1Request
AccountRpc.DeleteAccountServiceV1Request
These endpoints delete the player’s social identity, links to third party accounts, links to game identities, ban history, and all accompanying PII (personally identifiable information). In addition, calling these endpoints can be used to reset a Pragma account in a test environment.
This process is irreversible. All PII is permanently removed and can not be retrieved from the Pragma Engine database.
Delete an account in Operator Portal #
- From the Social Operator Portal, click Services, then click Accounts.
- Click on the relevant player name to view individual account information.
- Under the Delete Account section click Delete Account.
- Enter the account discriminator and click Delete Account.
Send players their personal data #
You can send a player a download link containing their data package. Pragma Engine’s Data Rights service enables Operators to start a personal data request for a player’s account in the Social Operator Portal. Operators can then monitor the status of the request as the data is compiled; this data includes linked identity providers, social and game identities, order history, ban history, friends list, game inventory, and accompanying PII (personally identifiable information). Once all the data is collected, a link will be generated that can be sent to the player by an Operator. The player can then download their data package using an encrypted token that has an expiration date.
The download link automatically expires after a configurable amount of time; the default expiration is set to 7 days.
- From the Social Pragma Portal, click Services, then click Accounts.
- Click on the relevant player name to view individual account information.
- Under the Data Rights section click on the active request when it has a status set to Ready.
- Click the Copy Link button to copy the download link.
Below is a table with the available Data Rights service endpoints:
Call | Description |
---|---|
DataRightsRpc.SubmitRequestV1Request | Submits a data request for the player requesting. |
DataRightsRpc.SubmitRequestOperatorV1Request , DataRightsRpc.SubmitRequestPartnerV1Request , DataRightsRpc.SubmitRequestServiceV1Request | Submits a data request for a specific player account. This requires sending the desired player’s social ID. |
DataRightsRpc.GetRequestsOperatorV1Request , DataRightsRpc.GetRequestsPartnerV1Request , DataRightsRpc.GetRequestsServiceV1Request | Retrieves all data requests for a specific player’s account. |
DataRightsRpc.GetPersonalDataPackageOperatorV1Request , DataRightsRpc.GetPersonalDataPackagePartnerV1Request , DataRightsRpc.GetPersonalDataPackageServiceV1Request | Starts the process of compiling the player’s account data. |
DataRightsRpc.GenerateDownloadUrlAndTokenOperatorV1Request , DataRightsRpc.GenerateDownloadUrlAndTokenPartnerV1Request , DataRightsRpc.GenerateDownloadUrlAndTokenServiceV1Request | Generates a download link that contains the player’s data package. |
View personal data request status #
Operators can view the status of a personal data request through the Social Operator Portal. The status of the personal data request (social and game data) is displayed on a player’s Account page under the Data Rights tab. For details on the individual statuses of the social and game data collected, click on a personal data request to open the right hand drawer.
Below are the possible status states of a request:
- In Progress: as soon as a personal data request is initiated and the reports are still being generated
- Ready: when the download link is ready to be sent to a player
- Failed: when there is an error while the social or game data is being collected
Game data configuration #
By default, only social account data is collected. In this section, we’ll go through how to enable game data collection in the personal data package.
To set up game data collection, you’ll need to do the following:
- Ensure the Social Backend Partner Client Config, under the
game
config, hasbearerToken
set to a valid partner token for the social backend. If your infrastructure is managed by Pragma this should already be set. For more information, see Generate Partner Tokens.
- In the Data Rights Polling Service config under the
game
config, setenabled
totrue
. This config enables game report generation and request fulfillment. You will need to restart Pragma Engine for this value to be respected.
- In the Data Rights Service config under the
social
config, setincludeGameDataReports
totrue
. This config enables submission of data rights game requests.
Below is an optional config value for further customization:
Value | Description |
---|---|
checkRequestsFrequencyInMinutes | Int used to determine the frequency in minutes to check for new requests to be built or processed. This setting can be configured in the DataRightsPollingServiceConfig .minimum value: 1 default value: 10 |
If checkRequestsFrequencyInMinutes
is updated in a config file, the new value will not be properly respected until you restart your Pragma Engine.
Data rights plugins #
All personal data collection occurs in the data rights plugins. The following plugins can be used to define what information is sent to a player in their personal data package:
- Data Rights Social Plugin: handles social data such as order history and friends list
- Data Rights Game Plugin: handles game data such as player’s inventory
Both data rights plugins follow a similar interface and use the buildPersonalDataReport
to define what data is sent to players in their data package.
Method | Description |
---|---|
buildPersonalDataReport | Called to generate a report. This method allows you to customize the social or game data included in the player’s personal data package. |
When the buildPersonalDataReport
method returns a PersonalDataReport
, the data defined is collected and stored for the user and the request is marked successful. If the method throws an exception, the request status is marked as failed and a new request must be made.
Data Rights Social Plugin #
The default Data Rights Social Plugin collects linked identity providers, social and game identifiers, order history, friends list, and accompanying PII (personally identifiable information).
To enable and configure your custom Data Rights Social Plugin, you’ll need to add the following to your social
config:
social:
pluginConfigs:
DataRightsService.dataRightsSocialPlugin:
class: "demo.datarights.DemoDataRightsSocialPlugin"
Data Rights Game Plugin #
The default Data Rights Game Plugin collects game data.
To enable and configure your custom Data Rights Game Plugin, you’ll need to add the following to your game
config:
game:
pluginConfigs:
DataRightsService.dataRightsGamePlugin:
class: "demo.datarights.DemoDataRightsGamePlugin"
To include player’s inventory, set enableLegacyInventoryDataCollection
to true
:
pluginConfigs:
DataRightsPollingService.dataRightsGamePlugin:
class: "pragma.datarights.DefaultDataRightsGamePlugin"
config:
enableLegacyInventoryDataCollection: true
If buildPersonalDataReport
throws an exception, the Data Rights Polling service will report an error and
set the personal data request status to failed.
suspend fun buildPersonalDataReport(
playerId: PlayerId,
requestId: UUID,
): PersonalDataReport