What are the institutional and regulatory implications of this document?

REGULATORY LANDSCAPE: This notice engages GDPR (with Riot Games Ltd. acting as EU/EEA data controller), CCPA/CPRA for California residents, COPPA for users under 13 in the US, LGPD for Brazilian users, and PDPA for relevant Asian markets. The FTC has jurisdiction over US consumer data practices. The notice's use of behavioral data for advertising profiling and the recording of voice communications may require evaluation under GDPR's legitimate interests balancing test and, where consent is the …

How does Riot Games's Riot Games Privacy Notice affect users?

Riot Games' data practices establish that voice communications, gameplay behavior logs, hardware identifiers, and location data are collected and processed during account use and gameplay. The notice specifies that certain collected data categories are shared with third-party advertising partners. For Valorant users, kernel-level anti-cheat monitoring through Vanguard software collects system-level information during and outside active gameplay sessions. Users in specified jurisdictions may sub…

How often is Riot Games's Riot Games Privacy Notice updated?

ConductAtlas monitors this document daily and captures every version with cryptographic hashing and timestamp verification. Update frequency varies — see the change timeline on this page for complete version history.

Can I get alerted when Riot Games updates this document?

Yes. Watcher subscribers ($9.99/month) can add Riot Games to their watchlist and receive same-day email alerts whenever this document or any other Riot Games document changes.

CA-D-000310

Riot Games Privacy Notice

Riot Games

Last change detected May 6, 2026 Privacy policy

SHA-256: d1eadebcfb5952a54b0… 4 versions captured 3 changes documented

Create free account

Track 1 platform and get the weekly governance digest. No credit card required.

View original document at Riot Games ↗

This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology

10 Total

3 High severity

6 Medium severity

1 Low severity

Summary

This privacy notice establishes Riot Games' data collection and processing practices across its game and service portfolio, including League of Legends, Valorant, and related products. The notice authorizes collection of voice communications, in-game behavioral data, hardware identifiers, and approximate location information, with specified sharing of certain data categories to advertising partners for targeted marketing purposes. The document establishes data subject rights for EU, UK, and California residents, including access, deletion, and opt-out requests administered through Riot's privacy request portal.

Technical / Legal Breakdown

This document is Riot Games' global Privacy Notice, governing the collection, use, storage, and sharing of personal data across all Riot Games products and services, with stated legal bases including contractual necessity, legitimate interests, consent, and legal obligation depending on jurisdiction. The notice states that Riot collects a broad range of data categories including account information, payment data, device and hardware identifiers, gameplay and behavioral data, voice and text communications, and location information, and the terms authorize sharing this data with affiliates, service providers, advertising partners, and in connection with business transactions such as mergers or acquisitions. Notable provisions include the collection and potential recording of voice and text chat content for safety and moderation purposes, the use of anti-cheat software (Vanguard) that operates at a kernel level and collects hardware and software information, and the use of behavioral and gameplay data for targeted advertising, which together represent a meaningful scope of data collection that users may not fully anticipate. The notice engages GDPR for EU/EEA users (with Riot Games Ltd. identified as the data controller for those users), CCPA/CPRA for California residents, COPPA and equivalent frameworks for minors, and references compliance with LGPD for Brazilian users and PDPA for relevant Asian jurisdictions; the enforceability and scope of certain data practices may vary significantly by jurisdiction, particularly regarding children's data, advertising profiling, and communications monitoring.

Institutional Analysis

Institutional analysis available with Professional

Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Professional.

Start Professional free trial

3 important changes detected

4 versions captured · Last updated: May 2026

May 6, 2026

low

What changed Riot Games updated its privacy notice on May 6, 2026 to clarify that its U.S. entity is now called 'Riot Games U.S.' instead of 'Riot Games, Inc.' throughout the document. This is a naming clarification change that affects references to which company entity handles your data under the EU-U.S. Data Privacy Framework and related international data transfer rules. The substantive data protection commitments remain the same; this is primarily a corporate structure clarification.

Why this matters The updated privacy notice clarifies that Riot Games U.S. (formerly referred to as Riot Games, Inc.) is the entity responsible for handling your personal data under international data privacy frameworks, including the EU-U.S. Data Privacy Framework. This is a naming and entity clarification rather than a substantive change to data protection practices. The commitments to comply with Data Privacy Framework Principles and FTC regulatory oversight remain unchanged.

View full change record →

April 19, 2026

low

What changed Riot Games restructured its Privacy Notice on April 19, 2026, reorganizing how it describes data collection, use, and retention. The notice now consolidates sections, changes cross-references from section letters and numbers to a new numbering system, and clarifies that California residents can find both the categories of personal information collected and the purposes for their collection and use in a single location rather than across multiple sections. The core privacy practices do not appear to have fundamentally changed, but the organizational restructuring means consumers may need to navigate the updated layout to find specific information.

Why this matters Riot Games restructured how its Privacy Notice is organized, consolidating sections and updating internal cross-references. For California residents, the notice now explicitly states that both the categories of personal information collected and the purposes for collection and use can be found in a single section, improving clarity. The practical impact on what data Riot Games collects, uses, or retains does not appear to have changed; this is primarily an organizational and navigational update to the existing privacy disclosure.

View full change record →

April 14, 2026 medium

Riot Games reorganized and updated their privacy notice on April 14, 2026, consolidating sections and clarifying how personal information is collected and used. The main structural change combines collection and …

View change record →

High — 3 provisions

Voice and Text Chat Recording

Riot can record and store what you say and type in in-game voice and chat channels, and use that content to enforce rules and investigate misconduct.

Added May 10, 2026 Rare
Kernel-Level Anti-Cheat (Vanguard) Data Collection Compare →

Riot's Vanguard anti-cheat software installs at the deepest level of your computer's operating system and may collect data about your hardware and other software running on your PC, including when you are not playing.

Added May 7, 2026 Standard Seen across 251 platforms
Children's Data and Age Restrictions Compare →

Riot's services are not intended for users under 16 (or 13 in the US), and if Riot discovers it has collected data from a child below the threshold without parental consent, it says it will delete that data.

Added May 10, 2026 Standard Seen across 262 platforms

Medium — 6 provisions

Behavioral Data Used for Targeted Advertising Compare →

Riot uses your gameplay habits, preferences, and device data to serve you personalized ads, and shares relevant data with third-party advertising companies to do this.

Added May 10, 2026 Standard Seen across 189 platforms
International Data Transfers Compare →

Riot transfers your personal data to other countries, including the US, and uses Standard Contractual Clauses (SCCs) as the legal mechanism to authorize transfers out of the EU.

Added April 3, 2026 Standard Seen across 246 platforms
Data Sharing with Third-Party Service Providers and Partners Compare →

Riot shares your data with a wide range of outside companies including analytics providers, customer support vendors, advertising partners, and potentially acquirers in a business transaction.

Added May 10, 2026 Standard Seen across 246 platforms
Data Retention Compare →

Riot keeps your data for as long as needed to run its services, meet legal requirements, or resolve disputes, but does not commit to specific timeframes for most data categories.

Added May 7, 2026 Standard Seen across 223 platforms
Cookies and Tracking Technologies Compare →

Riot and its partners use cookies and similar tracking tools on its websites and services to collect usage data for analytics and advertising purposes, and you can adjust preferences through a cookie consent tool.

Added May 10, 2026 Standard Seen across 251 platforms
Changes to the Privacy Notice Compare →

Riot can change this privacy policy at any time and treats your continued use of its services as acceptance of the new terms, though it says it will notify you of material changes.

Added May 10, 2026 Standard Seen across 262 platforms

Low — 1 provision

User Privacy Rights and Request Process Compare →

Depending on your location, you have rights to access, correct, delete, or move your data, and you can exercise those rights by submitting a request through Riot's online privacy portal.

Added May 10, 2026 Standard Seen across 262 platforms

Monitoring

Riot Games has updated this document before.

Watcher includes same-day alerts, structured change summaries, and monitoring for up to 10 platforms.

Start Watcher free trial Or create a free account →

Professional Governance Intelligence

Need provision-level monitoring and regulatory mapping?

Professional includes governance timelines, compliance memos, audit-ready analysis, and full provision tracking.

Start Professional free trial

Cross-platform context

See how other platforms handle Children's and Minors' Data and similar clauses.

Compare across platforms →