Developers of entertainment and serious games are confronted with a lot of personal data, such as IP addresses, account information or player statistics. In some cases the data is even necessary to polish your game, tweak your monetization structure and to make sure that you acquire and retain new players. As you might have known already, the General Data Protection Regulation (“GDPR”) comes into effect on May 25, 2018. This regulation contains the conditions under which a company is allowed to collect, use and share personal information. Violation of these conditions can result in receiving fines from the Dutch Data Protection Authority. Van Iersel Luchtman explains how you can comply with these new set of data protection rules in their nine step checklist.