EPIC GAMES PRIVACY POLICY

Children’s Privacy

Last Updated: June 7, 2023.

Welcome to Epic!

Epic Games, Inc. is headquartered in Cary, North Carolina. We and our subsidiaries have offices and operations located around the world that help create and deliver some of your favorite products and services, including games like Fortnite and development tools like Unreal Engine (see “Our Global Operations” below).

This privacy policy describes the different ways we may collect, use, and share information on, through, or in connection with the Epic Services (see “What are the Epic Services?” below). If you have any questions, you can always reach out to us as described in “Contact Us” below.

When we refer to “Epic” (or any similar terms like “we” or “us”) in this privacy policy, we mean the Epic Games entity that controls and is responsible for your information, including Epic Games, Inc. and its subsidiaries that help provide and support the Epic Services. You can also find details about the data controller for personal information we collect through different Epic Services in “Contact Us” below.
 

1. WHAT ARE THE EPIC SERVICES?

We use the term “Epic Services” to describe any Epic products or services that directly link to this privacy policy. These include, for example:

Note that your use of the Epic Services may also be subject to additional terms and conditions. For example, you must review and accept the Fortnite End User License Agreement (link) to play Fortnite, the Psyonix Terms of Use (link) to play Rocket League, and the Fall Guys: Ultimate Knockout – End User License Agreement (link) to play Fall Guys, and the Horizon Chase 2 End User License Agreement (link) to play Horizon Chase 2.

Please read this entire privacy policy. You should also carefully review any other agreements that apply to the Epic Services you use, and confirm you understand and agree to them, before using those products or services.
 

2. WHAT INFORMATION DO WE COLLECT?

The types of information we collect depend on how you interact with us. Generally speaking, we collect information in three main ways: A) when you provide it to us, B) automatically when you use the Epic Services, and C) from service providers and third parties.

          A. Information You Provide

You can provide us with different kinds of information depending on how you interact with the Epic Services. Sometimes we’ll ask you to provide specific pieces of information, such as when we require it to provide parts of the Epic Services to you (for example, by prompting you to provide your date of birth or complete an online registration process). If we ask you to provide us with information in these cases and you choose not to, you may not be able to access the relevant Epic Services and/or some features may not operate as intended.

For instance, in order to make purchases on the Epic Games Store and to play some of our games, you’ll need an Epic account. To create one, you’ll need to provide us with basic registration information like your name, a public-facing display name, password, the country you live in, and email address. If you want to make a purchase, we may ask you to provide payment-related information (like your credit card number and expiration date) to complete the transaction.

We also collect the information you voluntarily provide to sign up for email alerts, use social features like forums or chat, register for early access to our games, use our developer tools (including to create and publish games and other content), enable two-factor authentication, register for or attend our events, complete surveys, or contact us through Player Support requests or customer service. If you enter a contest or competitive event, or participate in our Support-A-Creator program, we’ll collect your application information and other information we may need to help confirm your eligibility and process payouts. We collect whatever information you choose to provide to us in those or other similar cases.

         B. Information We Collect Automatically

We collect some information automatically when you visit, access, or use the Epic Services. This includes information about your gameplay or application usage, purchases, entitlements, and other activity in the Epic Services, typically associated with your account (if you are logged into your Epic account or use a third-party account to access the Epic Services) or with an identifier we have assigned to your device or profile. While the specific types of information that we automatically collect may vary, they generally include:

The Epic Services use technologies such as cookies, log files, and web beacons to automatically collect the types of information listed above. Some of these technologies may create small files or record-keeping tools that may be stored on your device. They help us, our service providers, and third parties recognize your device and provide information about how you use and interact with the Epic Services. For example, they support our ability to authenticate users, remember preferences, manage advertising, personalize experiences, and conduct data analytics.

Please note that if certain features on the Epic Services are provided by third parties, those third parties may also use automated means of data collection and may record information about your use of the Epic Services or others’ websites over time. These features are subject to those third parties’ privacy notices and policies.

         C. Information We Collect from Other Sources

In some cases, we may also receive information about you from service providers and third parties in connection with your use of the Epic Services or your interactions with us on other platforms.

For example, some other developers allow you to use your Epic account to log in to their service. And if you choose to link your Epic account with your account on a third-party social media (like Facebook), gaming (like Steam), or other similar website or service, or if you interact with an ad for one of the Epic Services on an external website or service, the company that operates that website or service may share some information with Epic in accordance with their own privacy practices. Your privacy settings on the other company’s website or service typically control the specific types of information they can share with Epic, so please be sure to review and update them regularly. Common examples for linked accounts might include your third-party account display name and user ID, as well as associated device information, name, and email address. For participants in our Support-a-Creator program, we may also collect the number of social media account followers you have for program eligibility purposes.

You can also buy, download, or access some Epic Services on or through services operated by third parties. If you do, they may provide us with information to facilitate your access to and use of the Epic Services. This typically includes information like your display name, user ID, and device and region information. For example, you can choose to download and play games like Fortnite on gaming consoles (like PlayStation®, Microsoft Xbox, and Nintendo Switch) through your gaming console account. When you do, the company operating that platform or service may share some information with us, which helps us do things like facilitate your gameplay and track your progression and entitlements.

         D. Fraud Prevention & Anti-Cheat

Providing users with a fair, balanced, and competitive experience on the Epic Services is extremely important to us. We strictly enforce prohibitions against cheating, hacking, account stealing, and any other unauthorized or fraudulent activity on the Epic Services. We use a variety of anti-cheat and fraud prevention technologies to help us identify and prevent malicious activity. These services may collect and analyze data about your computer and the software on your computer to detect cheating and may be provided by Epic or by service providers such as BattlEye.
 

3. HOW DO WE USE INFORMATION?

As a general matter, we use the information we collect (either individually or in combination with other information collected as described in this policy) to help us provide, improve, customize, analyze, and promote the Epic Services.

This includes using it for purposes such as:

We may also process information that does not identify you individually, including aggregate or de-identified information that we create or collect from other sources. This information helps us better understand larger groups of users. If we combine this information with information that identifies you, we will treat it as described in this privacy policy. But please note that this privacy policy does not restrict our ability to process information that does not individually identify you, and we may use and disclose aggregated or de-identified information for any reason permitted by law.
 

4. HOW DO WE SHARE INFORMATION?

We may share some of the information we collect to help operate and improve the Epic Services. Depending on how you interact with us, common examples might include sharing:

No mobile phone numbers provided to Epic for security purposes will be shared with third parties or affiliates for marketing/promotional purposes. Third parties you interact with through Epic Services may have different privacy practices than Epic, so we encourage you to review their privacy policies before sharing your information with them.
 

5. CHILDREN’S PRIVACY

The Epic Services are intended to be appropriate for general audiences and are not directed to children (usually considered to be under 13, depending on where you reside). Epic does not intentionally collect personal information from children without seeking any required parental approval in accordance with applicable legal and regulatory obligations, such as the U.S. Children’s Online Privacy Protection Act (“COPPA”).

We may ask you to provide age-related information in order to help us comply with laws like COPPA. For example, we may request your date of birth to determine whether COPPA requires us to obtain verifiable parental consent from your parent or guardian before allowing you to access the Epic Services. If a user indicates they are a COPPA minor, we’ll require that user to complete a parental approval process before continuing to access the relevant Epic Services. This process is designed to notify parents that their child has requested access to the Epic Services, inform them about Epic’s privacy practices, offer them the opportunity to approve Epic’s collection and use of their child’s information as described in this policy, and describe the controls that we make available to them.

Once a parent provides their consent, we’ll give them an opportunity to review and change important account settings that control how their child can interact with the Epic Services. To learn more, see https://www.epicgames.com/site/en-US/parental-controls. Parents are also generally free to change or revoke the choices they’ve previously made, and can review the personal information associated with their child’s account or request that we delete it from our systems. To submit these requests or ask us any other questions you may have about how we handle your child’s personal information, please see “Contact Us” below.

Authorized child accounts are otherwise treated much like other Epic accounts unless the settings are adjusted through the parental controls available at https://www.epicgames.com/site/en-US/parental-controls. They can generally play approved games (such as Fortnite, Rocket League, or Fall Guys), access communications and social features (like chat and friends lists), and freely interact with most of the Epic Services (including downloading other games from the Epic Games Store). For additional details, please see “What Information Do We Collect?”, “How Do We Use Information?”, and “How Do We Share Information?” above.

SuperAwesome & Kids Web Services

The Epic Services use Kids Web Services (“KWS”) for parental and guardian verification purposes. KWS is a service focused on children’s safety that is offered by our subsidiary SuperAwesome. When you verify with KWS, SuperAwesome will remember that you have been verified the next time you use your email address to manage your child’s permission for other games or services powered by SuperAwesome so that you won’t need to do so again. This means Epic and SuperAwesome are jointly responsible for how your personal information is used for parent verification services.

You can learn more about SuperAwesome and KWS in SuperAwesome’s privacy policy here: https://www.superawesome.com/kws-privacy-notice/.
 

6. YOUR CHOICES AND CONTROLS

We seek to provide you with meaningful choices about the personal information we collect. The specific choices available to you often vary depending on the exact nature of our relationship with you, such as the Epic Services you use. Common examples include:

Some parts of the world provide individuals with specific choices related to their personal information by right under local law.
 

7. OUR GLOBAL OPERATIONS

Epic Games, Inc. is based in the United States, but we operate globally to help provide users all around the world with a better experience on the Epic Services. We have subsidiaries, offices, service providers, and partners worldwide to support these operations in a number of different ways -- for example, the developer of Fall Guys is a subsidiary called Mediatonic Limited that is based in the United Kingdom. This means that Epic may process the information we collect in connection with your use of the Epic Services in places outside the region where you reside.

          A. Data Transfers

When you use the Epic Services, your information may be transferred to or stored in the United States or other countries where we or our service providers operate. The data protection laws and rules in these countries may be different than those where you live. We rely on various legal mechanisms to help lawfully support transfers of information outside the country of collection where appropriate. If permissible under local law, you’re authorizing Epic to process your information in any of the locations where we operate (including the United States) by using the Epic Services.

To learn more about the Epic entity responsible for operating the Epic Services you use, see “Contact Us” below.  

          B. California Residents

The California Consumer Privacy Act or “CCPA” provides consumers residing in California certain rights with respect to their personal information. If you are a California resident, you may have the right to: (1) request to know more about the categories and specific pieces of personal information we collect, use, and disclose; (2) request deletion of your personal information; (3) opt out of sale of your personal information (if any); and (4) not be discriminated against for exercising these rights.

You or your authorized agent may make these requests by contacting us as described in “Contact Us” below. Note that we may ask you for additional information to help us verify who you are before completing your request. If we receive your request from an authorized agent, we may ask for evidence that you gave that person authority to submit requests to exercise rights on your behalf. We will not discriminate against you if you exercise your rights under the CCPA.

In the past 12 months, we have collected the following categories of personal information, as described in the CCPA:

For details about the precise data points we collect and the categories of sources where we got that information, please see “What Information Do We Collect?” above. We collect personal information for the business and commercial purposes described in “How Do We Use Information?” above.

Epic does not sell the personal information we collect. We do, however, disclose personal information as described in this policy (see “How Do We Share Information?” above). In the past 12 months, we have disclosed personal information to the following categories of recipients:

          C. Residents Of The European Economic Area, The United Kingdom, And Switzerland

If you’re located in the European Economic Area (EEA), the United Kingdom (UK), or Switzerland, you have certain rights regarding how your personal data is processed.

Data Subject Rights

You may have the right to access, correct, or delete personal data we have collected about you through the Epic Services. You may also have the right to a portable copy of the personal data you have provided, and to object to or restrict processing of your personal data, such as for direct marketing. Where you have provided your consent to our data processing, you have the right to withdraw consent.

You also have the right to make a complaint against us by contacting your local supervisory authority for data protection (if one exists in your country). We would, however, appreciate the chance to address your concerns before you contact a data protection regulator, and ask that you direct your complaint to us first.

Please see the “Contact Us” section below to learn more about reaching out to Epic with any relevant concerns you may have. You can find more details about your local Data Protection Authority as follows:

Basis for Processing

The legal bases we rely on to process your personal data depend on the Epic Services you use and how you interact with them. They primarily include:

Retention

Because the specific personal data we process and our reasons for doing so often vary depending on how you use the Epic Services, how long we retain it can also vary. We generally store personal data for as long as we reasonably need it for the purposes described in this policy (like complying with our legal obligations, managing internal records, enforcing our terms, and resolving disputes), unless a long retention period is required or permitted by law.

The main criteria we consider in determining specific retention periods often include minimum requirements under applicable law, relevant industry standards, the types of data in question (such as its level of sensitivity), relevance to potential litigation or similar proceedings (like defending ourselves against legal claims), and whether the data is required to prevent fraud or similar abuse of the Epic Services (including to enforce prohibitions against cheating and other unauthorized behavior). For example, if you create an Epic account, we will generally store the personal data associated with your Epic account for as long as needed to maintain your account, provide the Epic Services you requested, enforce any terms that apply and govern your use of the Epic Services, and maintain appropriate records to reflect how we deliver the Epic Services to you.

To learn more about requesting that Epic delete your personal data, please see “Your Choices and Controls” and “Data Subject Rights” above.
 

8. SECURITY

We maintain appropriate administrative, technical, and physical safeguards to protect your personal information from accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or use and other unlawful forms of processing. In some cases, your information is accessible when you log into a feature we offer, and in those cases you need to keep your user credentials and password confidential and secure so that your information is protected.  
 

9. UPDATES

We’ll update this policy from time to time to reflect changes in our practices or relevant laws. When we do, we’ll change the date noted at the top of the policy. In some cases we may also notify you of the relevant changes by email or within the Epic Services. Please review this policy regularly to make sure that you understand your relationship with Epic and the ways we may collect, use, and share information in connection with the Epic Services.
 

10. CONTACT US

If you have questions or concerns about the Epic Services (such as game-related issues, trouble accessing your Epic account, bugs or other technical problems, payment matters, or content and entitlement issues), please contact our Player Support teams. You can learn more about submitting support requests for products and services from:

If you want to learn more about our privacy practices or this policy, please email your questions about products and services from:

You can also contact us via postal mail (marked “Attn: Legal Department”) to Epic Games, Inc., located at 620 Crossroads Blvd., Cary, NC 27518, USA.

If you live outside of the United States

and you are using:

the data controller is:

contact information:

the Epic Games Store

Epic Games, Inc.

620 Crossroads Blvd., Cary, NC 27518, USA

For any questions or concerns about the handling of personal data, contact our Data Protection Officer at dpo@support.epicgames.com

You can contact Taylor Vinters, our EU/UK representative, at representative@taylorvinters.com

any games provided by Epic Games, such as Fortnite, that link to this privacy policy

Epic Games Entertainment International GmbH

Platz 10, 6039 Root D4, Switzerland

For any questions or concerns about the handling of personal data, contact our Data Protection Officer at dpo@support.epicgames.com

You can contact Taylor Vinters, our EU/UK representative, at representative@taylorvinters.com

any other products or services provided by Epic Games, such as Unreal Engine, that link to this privacy policy

Epic Games Commerce GmbH

Platz 10, 6039 Root D4, Switzerland

For any questions or concerns about the handling of personal data, contact our Data Protection Officer by email at dpo@support.epicgames.com

You can contact Taylor Vinters, our EU/UK representative, at representative@taylorvinters.com

products or services provided by Mediatonic, such as Fall Guys, that link to this privacy policy

Mediatonic Limited

Octagon Point, 5 Cheapside, London, EC2V 6AA, United Kingdom

For any questions or concerns about the handling of personal data, contact Mediatonic Games S.L.U, a Spanish subsidiary of Mediatonic Limited, our EU representative, at privacy@mediatonicgames.com

products or services provided by Psyonix, such as Rocket League, that link to this privacy policy

Psyonix LLC

401 A St. #4200, San Diego, CA 92101, USA

For any questions or concerns about the handling of personal data, contact Mason Hayes and Curran Professional Services Limited our EU Representative, at PsyonixGDPRrepresentative@mhc.ie

You can contact Taylor Vinters, our UK representative, at representative@taylorvinters.com

KWS services provided by SuperAwesome

SuperAwesome, as a joint controller with Epic

SuperAwesome Trading Limited

Octagon Point, 5 Cheapside, London, EC2V 6AA, United Kingdom

For any questions or concerns about the handling of personal data, contact our Chief Privacy Officer at privacy@superawesome.com

You can contact Mason Hayes and Curran Professional Services Limited, our GDPR Representative, at SuperAwesomeGDPRrepresentative@mhc.ie 

products or services provided by Life on Air, such as PostParty, that link to this privacy policy

Life on Air, Inc.

620 Crossroads Blvd., Cary, NC 27518, USA

For any questions or concerns about the handling of personal data, you can contact Taylor Vinters, our EU/UK representative, at representative@taylorvinters.com

products or services provided by Aquiris, such as Horizon Chase 2, that link to this privacy policy

Aquiris Games Studio LLC

c/o IBCPA, 20801 Biscayne Blvd, Ste 403, Office 415, Aventura, Florida, 33180, USA

For any questions or concerns about the handling of personal data, contact our Data Protection Officer at dpo@aquiris.com.br.

You can contact Taylor Vinters, our EU/UK representative, at representative@taylorvinters.com