Riot Games updated its privacy notice on May 6, 2026 to clarify that its U.S. entity is now called 'Riot Games U.S.' instead of 'Riot Games, Inc.' throughout the document. This is a naming clarification change that affects references to which company entity handles your data under the EU-U.S. Data Privacy Framework and related international data transfer rules. The substantive data protection commitments remain the same; this is primarily a corporate structure clarification.
The updated privacy notice clarifies that Riot Games U.S. (formerly referred to as Riot Games, Inc.) is the entity responsible for handling your personal data under international data privacy frameworks, including the EU-U.S. Data Privacy Framework. This is a naming and entity clarification rather than a substantive change to data protection practices. The commitments to comply with Data Privacy Framework Principles and FTC regulatory oversight remain unchanged.
The updated privacy notice clarifies which legal entity (Riot Games U.S.) is responsible for your data under international data protection agreements and frameworks that regulate cross-border data transfers from Europe and Switzerland. Accurate entity identification is operationally important for exercising data subject rights (access, deletion, portability) under GDPR and similar laws, as it establishes which entity you may need to contact or pursue claims against if disputes arise.
Entity name updated from 'Riot Games, Inc.' to 'Riot Games U.S.' throughout all DPF certification and compliance language
U.S. operating entity now identified as 'Riot Games U.S.' in geographic responsibility disclosures
This change record describes what was added, removed, or modified in the document. Analysis reflects what the updated agreement states or permits. It does not constitute a legal determination about enforceability. Applicability may vary by jurisdiction. Methodology
Riot Games updated its privacy notice on May 6, 2026 to reflect a corporate entity naming change from 'Riot Games, Inc.' to 'Riot Games U.S.' throughout its Data Privacy Framework certification disclosures. The change affects references in sections covering EU-U.S. DPF, UK Extension, and Swiss-U.S. DPF compliance. No substantive modifications to data handling commitments, transfer mechanisms, or Framework principles are evident. Organizations using Riot Games platforms should verify that their vendor management and data processing agreements reference the correct entity name (Riot Games U.S.) if they execute formal agreements or rely on DPA/SCC documentation.
GDPR (data transfers from EEA); UK GDPR extension (data transfers from UK); Swiss DPA (data transfers from Switzerland); EU-U.S. Data Privacy Framework; UK Extension to EU-U.S. DPF; Swiss-U.S. DPF; FTC Act Section 5 (enforceability of privacy commitments under DPF frameworks)
Full compliance analysis
Obligation analysis, escalation trigger, board language, and recommended action.
Watcher: regulatory citations + obligations. Professional: full compliance memo.
ConductAtlas provides verified policy intelligence sourced directly from platform documents. All analysis is intended to support, not replace, legal and compliance review. Record CA-C-001773.
See the full side-by-side comparison of every sentence added, removed, and modified.
🔒 Full diff — WatcherRiot Games restructured its Privacy Notice on April 19, 2026, reorganizing how it describes data collection, use, and retention. The …
Riot Games reorganized and updated their privacy notice on April 14, 2026, consolidating sections and clarifying how personal information is …
Get alerted when this policy changes again — including what changed and why it matters.
Prefer a weekly summary instead?
Get the biggest policy changes across 320+ platforms every Sunday.