MythosMUD COPPA Checklist
Apply when adding or changing:
- User data collection or storage
- Registration, login, or account features
- Any feature that could be used by or affect minors (under 13)
Checklist
- No PII from minors without consent: Do not collect personal information from minors unless explicit parental consent is in place.
- Data minimization: Collect only data essential for the feature or game functionality.
- Secure storage: Data must be encrypted and stored securely.
- Right to deletion: Users (and parents for minors) must be able to delete their data through supported flows.
- No tracking: No behavioral tracking or profiling of minors.
Implementation
- Privacy by design: Consider privacy in the design of the feature, not as an afterthought.
- Secure by default: No optional hardening; defaults must be secure.
- Secrets: Use environment variables only; never hardcode secrets.
- Input validation: Validate and sanitize all inputs on the server.