Player Data Management

This page offers a guide to addressing some areas of player data management for your game when using the GameSparks service:

FAQs? Review Frequently Asked Questions about managing your player's data.

Data Capture

When you use the GameSparks service, you can avoid storing and sharing any personal data linked to the players of your game. The options here will depend on decisions you have made regarding the set up of your game for:

Gathering Personal Data - Directly or Indirectly

We've designed our services to avoid the need for you to share or store personally identifiable information of your players on our services. If you make certain choices - such as integrating with social networks or asking your players for personal data - then the service will store and process the data you choose. This is your decision, and you are responsible for obtaining the necessary consent from your end users, employing appropriate safeguards (such as the use of anonymous identifiers, data encryption, and so on), and for complying with privacy law applicable to you.

If you receive a request from an individual player to delete their data, you can accomplish this using the tools and methods listed below in Removing Data.

Authentication Methods

When a player registers with a game in GameSparks, the player data captured is dependent on the authentication method you select for your players. For all authentication methods:

Device Authentication

The DeviceAuthenticationRequest is used to create an anonymous registration. In this case, the following is recorded:

Username/Password Authentication

The RegistrationRequest creates a user that is identified by a username and password. In this case, the following is recorded:

Social Network Authentication

The ConnectRequest API calls, such as FacebookConnectRequest, authenticate the player against the chosen social network. In this case:

Data Encryption

The GameSparks service implements encryption to safeguard your data. We also recommend that you encrypt data before sending it to, or persisting it in, the GameSparks service.

At Rest

The storage used by the databases supporting the GameSparks service is encrypted using AWS EBS encryption (for details, see the Amazon EBS Encryption guide).

In Transit

All communication between clients and the GameSparks service is encrypted using the Transport Layer Security (TLS) protocol.

Data Storage Locations

Preview Stage

When you first create a game in GameSparks, to minimize developer latency the Preview instance of the game is deployed in the closest region to you based on your IP address. This region will be either Europe, Americas, or Asia.

Live Stage

When you publish the game for the first time, you can select which region it is deployed to. The data that you store in your game is only persisted in the country where games are deployed for the region you have selected for the published version of your game. The specific countries we deploy to for each region listed in GameSparks are:

We do not transfer any data stored by a game outside of these countries, with the exception of backups which we replicate to other countries in the same region. The replication location for each of our regions is as follows:

Data Transfer

Once you have selected the region for your game, we do not transfer the game's data outside of the region the game is deployed to. However, by accessing your game in GameSparks through our published APIs, you may choose to transfer this data to other regions.

Removing Data

You can delete any of the data stored by GameSparks at any time.

Individual Player Data Deletion

The data associated with an individual player can be deleted with a Cloud Code API deletePlayer request:

This request removes the player record and all system collection references to the player in question.

External Authentication Data Deletion

Individual External Authentication records can be deleted from the externalAuthentication database collection using either the NoSQL Explorer:


Custom Data Deletion

If you have stored data in custom collections or in Game Data, then you must remove this data yourself using either Cloud Code:

Or using one of the Management APIs:

Entire Game Deletion

You can delete an entire game from GameSparks by clicking the Delete button in the game:

If you do this:

Account Deletion

If you wish to delete your GameSparks account, please raise a support ticket at:

Or send an email requesting that your account be deleted to:

If you do this:

Amending Data

You can change a player’s username or display name using this API call:

You are responsible for amending any custom data you store about a player using one of the NoSQL/Data APIs:

Extracting Player Data

If you wish to extract player data in response to a request from a player, you can extract their data using the following APIs:

Data Retention

Even though you might delete player data manually at any time, the GameSparks service doesn't automatically delete any data stored in your game. You are responsible for managing the retention of any data stored within a GameSparks game and we recommend that you set up automatic deletion via Cloud Code or by setting up Time to Live (TTL) on your data.

API Stream

The API request/response data presented within the API Stream is available online for up to 7 days in Preview and 5 days in Live. The raw data is retained for 7 days from creation and then automatically deleted.


The databases associated with your game are backed up multiple times per day, with these backups retained for 7 days.