Riot can change this privacy policy at any time and treats your continued use of its services as acceptance of the new terms, though it says it will notify you of material changes.
This analysis describes what Riot Games's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Acceptance of updated privacy terms by continued use rather than explicit re-consent means that changes to data practices take effect without requiring your affirmative agreement, which is significant if material changes expand data collection or sharing.
Interpretive note: The enforceability of deemed acceptance through continued use for material changes to data practices may be limited under GDPR where consent is the lawful basis for specific processing; applicable law in the user's jurisdiction determines whether this formulation is effective.
Riot Games has restructured how it presents information about data collection and use in its privacy notice. The company narrowed its third-party disclaimer by removing the phrase 'we don't own or co…
If Riot updates its privacy policy, continuing to use its services is treated as acceptance of the new terms. Users who want to stay informed should watch for policy update notifications and review changes before deciding whether to continue using Riot's services.
How other platforms handle this
Changes to this Privacy Notice
If you are a California resident, you may have certain rights under the California Consumer Privacy Act (CCPA). These rights may include: the right to know about personal information collected, disclosed, or sold; the right to delete personal information collected from you; the right to opt-out of t...
Depending on where you live, you may have certain rights with respect to your personal information. These rights may include: The right to know what personal information we have collected about you, including the categories of personal information, the categories of sources from which we collected i...
Monitoring
Riot Games has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"We may update this Privacy Notice from time to time. If we make material changes, we will notify you by posting a notice on our website or by other means, such as email. Your continued use of our Services after we post an updated Privacy Notice constitutes your acceptance of the updated terms.— Excerpt from Riot Games's Riot Games Privacy Notice
REGULATORY LANDSCAPE: GDPR requires that where processing is based on consent, material changes to data practices require fresh consent rather than deemed acceptance through continued use. The 'continued use equals acceptance' formulation may not satisfy GDPR's consent standard for changes to consent-based processing. Under CCPA, material changes to privacy practices may require updated notices at or before the point of collection. The FTC has taken action against companies that materially changed data practices without adequate notice. GOVERNANCE EXPOSURE: Medium. The provision is standard industry language but creates tension with GDPR's requirements where consent is the lawful basis for certain processing. If Riot relies on legitimate interests rather than consent for most processing, the tension is reduced, but for processing that does require consent (e.g. certain advertising uses), material policy changes would require re-consent mechanisms rather than deemed acceptance. JURISDICTION FLAGS: EU/EEA users retain rights under GDPR regardless of deemed acceptance clauses; material changes to consent-based processing require fresh consent in the EU. California users must receive notice of material changes. UK GDPR mirrors the EU position. Where changes affect children's data processing, additional consent obligations may apply. CONTRACT AND VENDOR IMPLICATIONS: B2B customers relying on Riot's privacy commitments in vendor assessments should monitor for policy changes and assess whether material changes require contract amendments or new DPAs. Enterprise procurement policies may require notification of vendor privacy policy changes. COMPLIANCE CONSIDERATIONS: The company should confirm that its notification mechanism for material changes (email or website posting) is technically implemented and reaches all active users. For EU users, the mechanism for obtaining fresh consent for material changes to consent-based processing should be specified. A policy change log or version history should be maintained and accessible to users.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Acceptance of updated privacy terms by continued use rather than explicit re-consent means that changes to data practices take effect without requiring your affirmative agreement, which is significant if material changes expand data collection or sharing.
If Riot updates its privacy policy, continuing to use its services is treated as acceptance of the new terms. Users who want to stay informed should watch for policy update notifications and review changes before deciding whether to continue using Riot's services.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Riot Games.