The policy states that user inputs submitted to AI-powered features, which may include personally identifying information, are used to generate outputs. The policy does not specify whether inputs are used for AI model training, retained beyond the session, or shared with third-party AI providers.
This analysis describes what Unreal Engine's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision discloses that personally identifying user inputs are processed by AI-powered features, but the policy as excerpted does not address whether those inputs are used for model training, retained beyond immediate use, or processed by third-party AI infrastructure providers. This gap in disclosure is operationally significant for GDPR compliance (Articles 13 and 14 transparency requirements) and for enterprise and developer users of Epic's tools who may submit proprietary or sensitive information.
Interpretive note: The policy does not clarify whether AI inputs are retained for model training, processed by third-party AI providers, or subject to separate retention schedules, creating ambiguity about the full scope of processing.
Under this provision, information submitted to Epic's AI-powered features including content that may identify the user is processed to generate responses. The agreement does not specify whether this data is retained for model improvement or shared with external AI service providers.
How other platforms handle this
If you are in the European Economic Area (EEA), we only process your personal data when we have a valid legal basis to do so, including when: (a) you have consented to the processing; (b) the processing is necessary to perform a contract with you; (c) we have a legitimate interest in processing your...
We process the information you share with us when you create your profile or send messages. This includes photos, videos, messages, and other content you share on the platform. We may use this content to improve our services, ensure safety, and comply with legal obligations.
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
Monitoring
Unreal Engine has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"When you use AI-powered features (e.g., Epic Developer Assistant), we use your inputs (e.g., information you submit that may identify you) to generate outputs (e.g., responses that may identify you).— Excerpt from Unreal Engine's Epic Games Privacy Policy
1) REGULATORY LANDSCAPE: This provision engages GDPR's transparency and purpose limitation principles (Articles 5, 13, and 14) regarding the scope of processing for AI-generated outputs. The EU AI Act may apply depending on the risk classification of the AI systems used. The FTC's guidelines on AI and data transparency are also relevant for US-based users. State consumer privacy laws including CCPA may require disclosure of AI-related processing in privacy notices. 2) GOVERNANCE EXPOSURE: Medium. The policy discloses that AI inputs may identify users but does not specify retention duration, training use, or third-party AI provider involvement. This disclosure gap creates potential compliance exposure under GDPR's transparency obligations and may require supplemental disclosure depending on the specific AI systems deployed. 3) JURISDICTION FLAGS: EU/EEA users face heightened exposure under GDPR's purpose limitation and data minimization principles if inputs are retained for model training without an explicit legal basis. California residents may have rights under CCPA to know whether their personal information is used in automated decision-making or AI training contexts. 4) CONTRACT AND VENDOR IMPLICATIONS: Developers and enterprise users of Unreal Engine and Epic Developer Assistant who submit proprietary content or client data through AI-powered features should assess whether the policy's disclosure is sufficient for their own data processing obligations under contracts with their customers or under applicable law. 5) COMPLIANCE CONSIDERATIONS: Legal teams should assess whether the AI input/output processing disclosure satisfies GDPR Article 13 requirements, particularly regarding retention period and any automated processing with legal or significant effects. If third-party AI infrastructure providers process user inputs, those providers should appear in data processing agreements and sub-processor registries.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision discloses that personally identifying user inputs are processed by AI-powered features, but the policy as excerpted does not address whether those inputs are used for model training, retained beyond immediate use, or processed by third-party AI infrastructure providers. This gap in disclosure is operationally significant for GDPR compliance (Articles 13 and 14 transparency requirements) and for enterprise and …
Under this provision, information submitted to Epic's AI-powered features including content that may identify the user is processed to generate responses. The agreement does not specify whether this data is retained for model improvement or shared with external AI service providers.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Unreal Engine.