Minecraft's own privacy policy is only part of the picture; Microsoft's main privacy policy also applies and contains additional details about how your data is handled.
This analysis describes what Minecraft's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The policy's reliance on a separate Microsoft document means users must review two distinct policies to understand the full scope of data collection, sharing, and rights applicable to their Minecraft account.
Interpretive note: The exact verbatim text of the cross-reference provision was not available in the truncated document; the characterization is based on the document's evident structure and standard Microsoft/Minecraft policy practice.
The terms state that the Microsoft Privacy Statement governs data practices in addition to this Minecraft-specific policy, meaning consumers cannot rely on this document alone to understand all applicable rights, obligations, and data flows affecting their account.
How other platforms handle this
If you are a California resident, you may have certain rights under the California Consumer Privacy Act (CCPA). These rights may include: the right to know about personal information collected, disclosed, or sold; the right to delete personal information collected from you; the right to opt-out of t...
Depending on where you live, you may have certain rights with respect to your personal information. These rights may include: The right to know what personal information we have collected about you, including the categories of personal information, the categories of sources from which we collected i...
If you are located in the European Economic Area or the United Kingdom, you have certain rights under applicable data protection laws, including the right to access, correct, or delete your personal data, the right to object to or restrict processing, and the right to data portability. You may also ...
Monitoring
Minecraft has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"This privacy notice supplements the Microsoft Privacy Statement, which also applies to your use of Minecraft products and services. Please refer to the Microsoft Privacy Statement for additional information about our data practices.— Excerpt from Minecraft's Minecraft Privacy Statement
REGULATORY LANDSCAPE: GDPR Articles 13 and 14 require that privacy information be provided in a concise, transparent, intelligible, and easily accessible form. Cross-referencing a separate document to complete required disclosures may create tension with these transparency requirements, depending on how data protection authorities in relevant jurisdictions assess the adequacy of layered notice structures. The ICO in the UK and EU national DPAs have scrutinized layered privacy notice structures. GOVERNANCE EXPOSURE: Medium. Where material data processing terms are distributed across multiple documents, there is a risk that the combined disclosure does not meet the specificity required under GDPR or CCPA at the point of collection. This is particularly relevant for child users, where COPPA requires clear and direct notice to parents. JURISDICTION FLAGS: EU/EEA and UK jurisdictions create heightened exposure given GDPR and UK GDPR requirements for complete and accessible privacy information. COPPA requires that notice to parents be direct and complete, meaning cross-referencing a general corporate privacy statement may not satisfy the specificity requirement. CONTRACT AND VENDOR IMPLICATIONS: B2B partners or platform distributors integrating Minecraft services should confirm that the layered notice structure meets applicable requirements in each jurisdiction where their users are located, and should not assume that the Minecraft-specific policy alone satisfies their own downstream disclosure obligations. COMPLIANCE CONSIDERATIONS: Legal teams should evaluate whether the combined Minecraft policy plus Microsoft Privacy Statement structure satisfies GDPR layered notice requirements and COPPA direct notice obligations, and consider whether a consolidated disclosure or a more prominent cross-reference mechanism would reduce regulatory risk.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The policy's reliance on a separate Microsoft document means users must review two distinct policies to understand the full scope of data collection, sharing, and rights applicable to their Minecraft account.
The terms state that the Microsoft Privacy Statement governs data practices in addition to this Minecraft-specific policy, meaning consumers cannot rely on this document alone to understand all applicable rights, obligations, and data flows affecting their account.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Minecraft.