who have a social media account for communications and to operate targeting purposes and for further a ‘suppression’ list to ensure those profiling of individuals through players that opt-out are not increased data sharing. marketed to again. There’s also a public register in the UK, the Email Marketing Preference Service, which must be Another regulated area is the checked regularly to catch any use of marketing communications, players who have opted out particularly where they are through that route. unsolicited and, again, player Mobile games consent to send these is needed. In the UK and EEA, players have App-based games can gather large an absolute right to opt-out of amounts of data from player devices marketing communications at and it can be challenging to achieve any time. data protection compliance in an Once again, a positive action app-friendly manner. is required by the player to give The key to ensuring data protection consent and best practice is to use compliance in apps is addressing an opt-in box. Consent must be privacy issues at the development opt-in where a third party is sending stage as, typically, this is where it’s the marketing communication and decided both how personal data of the third party should also be named players will be collected and how in the opt-in language. Opt-in information will be presented to consent is also required where players. The principle of data privacy the communication relates to by design and default is enshrined different products or services to into UK and EU law. Regulators those already being provided to highlight that other stakeholders a player (ie cross-selling). including app stores, OS providers, It’s essential to include an device manufacturers and other ‘unsubscribe’ option in all marketing relevant third parties must also 102