@troylyndon I’m not completely sure about that. Been trying to find information in other forum threads, but can’t figure out what the bottom line is.
The Corona Labs privacy policy states things such as: “Information from Apps. Each time you use an App, we may collect certain information from you, including the bundle identifier or package name of the App, your IP address, device operating system, cookie identifiers, unique device identifiers, and the time when you launch the App.”
If that is true, then according to GDPR we must inform out users about this and also give them a way to opt out, which I understand has never been offered by Corona Labs.
But in the GDPR Compliance forum topic I read this response from Rob at https://forums.solar2d.com/t/gdpr-compliance/347017/189:
“Ben, starting with daily build 3286, we stopped collecting anything that fell into the personal ID category (IP address, IDFV, the Android equiv). (Note, you should use 3301 or later since we fixed some build bugs on older iOS and Android versions). If you use a community made plugin, we don’t control the source to that plugin and it’s up to the vendor to make sure their plugin is GDPR compliant. And for plugins we have control over the plugin source, once we call the third-party SDK, we no longer have control over what that SDK does.”
If that is true, then we don’t have to include Corona/Solar2D in our own privacy policy, and instead just focus on the plugins that we use that may collect user data.
So… Does anyone know for sure if any sensitive user data is collected?
EDIT: If I don’t hear otherwise I’ll just assume what Rob said (see above) is true and that no personal ID data is collected anymore. Meaning there’s no need to link to any Solar2D privacy policy when it comes to GDPR consent in our Solar2D apps.