Privacy policy clauses for Amazon GameSparks
Amazon GameSparks is a serverless backend platform designed to manage multiplayer game infrastructure, including player authentication, matchmaking, leaderboards, and virtual economy systems. Game developers use it to reduce backend complexity while maintaining scalability on AWS infrastructure.
Free scan · No signup · Results in 60 seconds
What data Amazon GameSparks collects
Your privacy policy must disclose each of the following data types when you use Amazon GameSparks.
When does Amazon GameSparks trigger privacy obligations?
Amazon GameSparks integration triggers privacy obligations the moment player authentication or game state data begins flowing through AWS infrastructure. The service collects player profiles (usernames, identifiers), authentication credentials, real-time game state, matchmaking data, leaderboard rankings, and virtual economy transactions—all processed by AWS as a data processor in the United States.
GDPR applies if your game has players in the EU/EEA, regardless of your company location. You must treat AWS as a processor under GDPR Article 28 and execute a Data Processing Agreement (DPA) covering GameSparks data flows. Article 13/14 requires you to disclose in privacy notices that player data is transferred to and processed in the US without adequacy decisions—triggering Standard Contractual Clauses (SCCs) or other transfer mechanisms post-Schrems II.
CCPA applies if you collect data from California residents and meet the $25M+ revenue threshold or collect data on 100,000+ California consumers/households. CCPA Section 1798.100 gives players rights to know, delete, and opt-out of sales; Section 1798.140(ac) defines "service providers" (AWS's role), requiring a service agreement restricting use to the stated business purpose.
