What are the institutional and regulatory implications of this document?

(1) REGULATORY LANDSCAPE: This policy engages COPPA (FTC enforcement) due to Roblox's known under-13 user population, requiring verifiable parental consent before collecting personal information from children; GDPR and UK GDPR apply to EU and UK residents and require a documented lawful basis for each processing activity, data subject rights fulfillment, and Data Protection Impact Assessments for high-risk processing; CCPA and CPRA apply to California residents and require opt-out rights for sa…

How does Roblox's Roblox Privacy and Cookie Policy affect users?

The document authorizes Roblox to collect and process behavioral, communications, and device data for advertising and analytics purposes. Users in applicable jurisdictions are granted rights to request access, correction, deletion, or processing restrictions on their personal data, and California residents are granted the right to opt out of data sales or sharing. Users may submit data rights requests or opt-out requests through the account settings portal at https://www.roblox.com/my/account#!…

How often is Roblox's Roblox Privacy and Cookie Policy updated?

ConductAtlas monitors this document daily and captures every version with cryptographic hashing and timestamp verification. Update frequency varies — see the change timeline on this page for complete version history.

Can I get alerted when Roblox updates this document?

Yes. Watcher subscribers ($9.99/month) can add Roblox to their watchlist and receive same-day email alerts whenever this document or any other Roblox document changes.

CA-D-000073

Roblox Privacy and Cookie Policy

Roblox

Last change detected May 15, 2026 Privacy policy

SHA-256: 606290cc424bb1c1f25… 13 versions captured 13 changes documented

Create free account

Track 1 platform and get the weekly governance digest. No credit card required.

View original document at Roblox ↗

This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology

9 Total

3 High severity

6 Medium severity

0 Low severity

Summary

This document establishes Roblox's policies governing collection, use, sharing, and protection of personal information from platform users. Roblox collects personal identifiers, device identifiers, location-related data, in-game behavioral data, chat content, and payment information, and authorizes sharing this data with advertising, analytics, and business partners. The policy establishes parental request procedures for users under 13 and specifies data rights available to users in applicable jurisdictions.

Technical / Legal Breakdown

This document is Roblox's Privacy and Cookie Policy, effective April 30, 2026, governing the collection, use, storage, and disclosure of personal information for users of the Roblox platform globally, with stated legal bases including consent, contractual necessity, legitimate interests, and legal obligation depending on jurisdiction. The policy states that Roblox collects identifiers, account credentials, device and hardware information, IP addresses, location-related data, in-game activity and behavioral data, communications content, payment information, biometric identifiers in certain jurisdictions, and inferences drawn from user activity; it authorizes sharing this data with service providers, advertising and analytics partners, business partners, and third parties in the context of corporate transactions. A notable provision authorizes the collection and use of data from users under 13 under a COPPA-compliant framework, restricting behavioral advertising for this group, while the policy also discloses the use of advertising technologies including pixels, SDKs, and cross-context behavioral advertising for users above the applicable age threshold; the policy asserts broad rights to process user-generated content and communications for safety and moderation purposes. The policy engages COPPA (enforced by the FTC) given Roblox's substantial under-13 user base, GDPR and UK GDPR for EU and UK residents respectively, CCPA and CPRA for California residents, and various other jurisdictional frameworks; compliance exposure is heightened given the platform's global reach, its mixed-age user population, and its in-platform economy involving virtual currency.

Institutional Analysis

Institutional analysis available with Professional

Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Professional.

Start Professional free trial

13 important changes detected

13 versions captured · Last updated: May 2026

May 15, 2026

low

What changed Roblox restructured its Privacy and Cookie Policy on May 15, 2026, replacing a brief effective-date notice with an expanded table of contents and organizational framework. The updated policy now opens with a dedicated privacy policy header, navigation categories for specific data collection scenarios (account setup, purchases, content posting, developer information), and jurisdiction-specific sections. The operational change is primarily structural: the policy reorganizes how privacy disclosures are presented and navigated rather than substantively altering collection practices or user rights.

Why this matters The updated privacy policy reorganizes how information is presented and indexed, adding a structured table of contents with sections for account creation, purchases, content posting, developer activities, and jurisdiction-specific privacy rights. The change is primarily structural: it groups related disclosures into clearer sections rather than modifying the substantive policies governing data collection or use. Users now have more granular navigation to find information relevant to their specific activities on the platform.

View full change record →

May 14, 2026

low

What changed On May 14, 2026, Roblox added Hindi language support to its published privacy policy document listings. The policy documentation now includes a Hindi version (Roblox की प्राइवेसी और कुकी पॉलिसी 20260430.pdf, 1 MB) alongside the 16 other language versions previously available. The substantive privacy terms themselves remain unchanged; this update only expands the languages in which the policy documentation is accessible.

Why this matters This change does not modify the substantive terms of Roblox's privacy policy. The addition of Hindi language documentation makes the policy more accessible to Hindi-speaking users who may prefer to review the terms in their native language. No changes to data collection, processing, rights, or obligations have occurred; the English and other existing language versions remain in effect and govern all users regardless of which language version they consult.

View full change record →

May 6, 2026 low

Roblox updated its Privacy and Cookie Policy on May 6, 2026, effective April 30, 2026. The updated policy now includes a new 'Effective Date' header and a 'Summary of Recent …

View change record →

May 6, 2026 low

Roblox restructured its Privacy and Cookie Policy on May 6, 2026, removing references to an earlier pending update notice and adding a new table-of-contents structure with expanded sections covering data …

View change record →

May 1, 2026 low

On May 1, 2026, Roblox updated its Privacy and Cookie Policy to reflect changes being made on the platform. The updated policy now begins with an explicit effective date of …

View change record →

May 1, 2026 medium

Roblox updated its privacy policy on May 1, 2026 to restrict personalized advertising for users under 18. The previous policy stated the platform personalizes ads for all users; the updated …

View change record →

April 29, 2026 low

Roblox updated its privacy policy on April 29, 2026 to add three new disclosures: clarification of who can see personalized versus non-personalized ads, description of information-sharing practices with authorities, and …

View change record →

April 23, 2026 medium

Roblox updated its Privacy and Cookie Policy effective April 23, 2026 to add detailed language about how it collects and uses persistent identifiers (IP addresses and device identifiers) from all …

View change record →

April 22, 2026 low

Roblox restructured the presentation of its Privacy and Cookie Policy on April 22, 2026, adding a welcome section and reorganizing the table of contents. The document now opens with a …

View change record →

April 21, 2026 low

Roblox updated its privacy policy publication on April 21, 2026, with an effective date of April 30, 2026. The updated policy reorganized its table of contents and added an explicit …

View change record →

April 19, 2026 low

Roblox restructured its privacy policy on April 19, 2026, adding a table of contents and reorganizing content into sections covering when information is collected, how it is shared, security measures, …

View change record →

April 16, 2026 low

Roblox updated its Privacy and Cookie Policy effective April 30, 2026, adding three substantive sections: clarification of who sees personalized versus non-personalized ads, disclosure of practices for sharing information with …

View change record →

March 8, 2026 medium

Roblox removed detailed explanations of how and why it collects user data, streamlined its privacy policy structure, and made specific clarifications about data practices for child accounts. The policy now …

View change record →

High — 3 provisions

Collection of Personal Information from Children (COPPA Framework) Compare →

Roblox states it requires parental consent before collecting personal information from children under 13, and does not serve behavioral advertising to this age group. Parents can contact Roblox to request deletion of their child's data.

Added May 12, 2026 Standard Seen across 262 platforms
Behavioral Advertising and Cross-Context Data Sharing Compare →

Roblox uses your behavioral data and works with advertising partners who use cookies, pixels, and SDKs to serve you targeted ads based on your activity on Roblox and other websites. Users above the applicable age threshold are subject to this cross-context behavioral advertising.

Added May 12, 2026 Standard Seen across 246 platforms
Biometric Identifier Collection Compare →

Roblox states that in some locations and for certain features it may collect biometric data such as facial geometry, and says it will seek consent where required by law before doing so.

Added May 12, 2026 Standard Seen across 251 platforms

Medium — 6 provisions

Data Subject Rights by Jurisdiction Compare →

Depending on where you live, you have rights to access, correct, delete, or restrict how Roblox uses your data, and to opt out of data sales or targeted advertising. You can exercise these rights through Roblox's Privacy Portal or by emailing privacy@roblox.com.

Added May 12, 2026 Standard Seen across 187 platforms
Cookie and Tracking Technology Use Compare →

Roblox and its partners use cookies, pixels, SDKs, and similar tools to track your activity on Roblox and other websites, including for targeted advertising. You can control some cookies through your browser, and Roblox states it honors Global Privacy Control signals where required by law.

Added April 3, 2026 Standard Seen across 251 platforms
Data Sharing with Third Parties and Business Partners Compare →

Roblox shares your personal information with service providers, advertising and analytics companies, business partners, and in the event of a corporate sale or merger. Service providers are contractually restricted to using data only as Roblox directs.

Added May 12, 2026 Standard Seen across 246 platforms
Account Closure and Data Retention Compare →

You can request deletion of your Roblox account and data, but Roblox may retain some information for legal compliance, dispute resolution, fraud prevention, or transaction completion. Some data may also persist in backup systems temporarily.

Added May 12, 2026 Standard Seen across 223 platforms
Policy Updates and Notification Compare →

Roblox may change this privacy policy and will notify users of material changes via the website, email, or other means. Continuing to use Roblox after changes take effect is treated as acceptance of the updated terms.

Added May 12, 2026 Standard Seen across 178 platforms
Virtual Currency and In-Platform Economy Data Compare →

When you buy Robux or make purchases on Roblox, your payment information and transaction history are collected and retained. Robux have no real-world monetary value and are generally non-refundable.

Added May 12, 2026 Common Seen across 150 platforms