Minecraft's own privacy policy is only part of the picture; Microsoft's main privacy policy also applies and contains additional details about how your data is handled.
This analysis describes what Minecraft's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The policy's reliance on a separate Microsoft document means users must review two distinct policies to understand the full scope of data collection, sharing, and rights applicable to their Minecraft account.
Interpretive note: The exact verbatim text of the cross-reference provision was not available in the truncated document; the characterization is based on the document's evident structure and standard Microsoft/Minecraft policy practice.
The removal of this cross-reference provision suggests the current version may provide more standalone coverage of privacy topics rather than deferring readers to the parent Microsoft Privacy Statement.
View full change record →Changed from stating incorporation into the Microsoft Privacy Statement to characterizing this notice as supplementary, and added explicit instruction to refer to Microsoft Privacy Statement for additional information.
View full change record →The terms state that the Microsoft Privacy Statement governs data practices in addition to this Minecraft-specific policy, meaning consumers cannot rely on this document alone to understand all applicable rights, obligations, and data flows affecting their account.
How other platforms handle this
enableGpcSdk: true, gpcSetting: { privacyPolicyLink: '/Privacy-Security-Policy-a-282.html' }
We process Global Privacy Control signals as opt-out requests for the sale or sharing of personal information.
The Service is intended for general audiences and is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe that your child under the age of 13 has provided us with personal information without your cons...
Monitoring
Minecraft has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"This privacy notice supplements the Microsoft Privacy Statement, which also applies to your use of Minecraft products and services. Please refer to the Microsoft Privacy Statement for additional information about our data practices.— Excerpt from Minecraft's Minecraft Privacy Statement
REGULATORY LANDSCAPE: GDPR Articles 13 and 14 require that privacy information be provided in a concise, transparent, intelligible, and easily accessible form. Cross-referencing a separate document to complete required disclosures may create tension with these transparency requirements, depending on how data protection authorities in relevant jurisdictions assess the adequacy of layered notice structures. The ICO in the UK and EU national DPAs have scrutinized layered privacy notice structures. GOVERNANCE EXPOSURE: Medium. Where material data processing terms are distributed across multiple documents, there is a risk that the combined disclosure does not meet the specificity required under GDPR or CCPA at the point of collection. This is particularly relevant for child users, where COPPA requires clear and direct notice to parents. JURISDICTION FLAGS: EU/EEA and UK jurisdictions create heightened exposure given GDPR and UK GDPR requirements for complete and accessible privacy information. COPPA requires that notice to parents be direct and complete, meaning cross-referencing a general corporate privacy statement may not satisfy the specificity requirement. CONTRACT AND VENDOR IMPLICATIONS: B2B partners or platform distributors integrating Minecraft services should confirm that the layered notice structure meets applicable requirements in each jurisdiction where their users are located, and should not assume that the Minecraft-specific policy alone satisfies their own downstream disclosure obligations. COMPLIANCE CONSIDERATIONS: Legal teams should evaluate whether the combined Minecraft policy plus Microsoft Privacy Statement structure satisfies GDPR layered notice requirements and COPPA direct notice obligations, and consider whether a consolidated disclosure or a more prominent cross-reference mechanism would reduce regulatory risk.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The policy's reliance on a separate Microsoft document means users must review two distinct policies to understand the full scope of data collection, sharing, and rights applicable to their Minecraft account.
The terms state that the Microsoft Privacy Statement governs data practices in addition to this Minecraft-specific policy, meaning consumers cannot rely on this document alone to understand all applicable rights, obligations, and data flows affecting their account.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Minecraft.