A Deep Dive on How Overwolf Handles User Data

Disclaimer: This post is a bit more technical than a normal high level explanation on data and privacy. For a more high level explanation, you may want to go here.

Avner Florenthal
Jun 15, 2020 · 5 min read

Background and Data Regulations

The purpose of this article is to be transparent and to set the record straight on how exactly we collect data, what that data is used for, and how we do not under any circumstance sell personal data or ad related data. If you have any further questions or need clarity on any privacy related topic, please reach out to support@overwolf.com.

Data handling has been a major focus over the last decade following a bunch of public scandals, perhaps the famous of them all is Cambridge Analytica + Facebook. In short, this resulted in several important privacy regulations including GDPR, CCPA and COPPA. The purpose of these regulations is to regulate how companies handle digital user’s footprints, provide do’s and don’ts, and force companies to provide services such as “the right to be forgotten” (aka “Delete my data”) and allow one access to see a copy of his or her data. Overwolf is compliant with these privacy regulations, so sharing with you the following paragraphs on how and why we are collecting data, is actually pretty straightforward for us.

Data flow

Let’s walk through how exactly Overwolf collects user data:

  1. A gamer downloads an app
  2. While the app is getting installed together with the engine (i.e Overwolf) an anonymous unique identifier is generated for the user. This identifier is called Machine Unique Identifier, aka ‘MUID’.
  3. Gamer plays a game with the app
  4. Analytical events are being set throughout this process:

These analytics events are sent to a CDN provider, parsed, aggregated and sent to a Database. We use Amazon S3 for storage and Snowflake or MySql for compute.

Once that is completed, the MUID has all its analytics attached to it, but it still doesn’t tell us who that person is. The most detailed piece of information that is collected is the user’s IP, which is used to personalize language and track app performance since some bugs are sensitive to server distributions and game versions across regions.

After that super ordinary process has ended, we aggregate and present the anonymous data to the app’s developer, so he/she can take actions such as:

If that gamer does choose to sign-in to Overwolf, which is non-mandatory, he’ll then have a record in Overwolf’s database, but that information is kept sealed and it is not shared with any of the app developers, nor with any 3rd party partner.

The end result, AKA the dashboard for the app developers, looks like this:

* that’s Redash btw, an open source BI tool we use to visualize the data

Here’s a simplified schema that describes the flow:

What is that data being used for?

Diving in a little deeper, here are some sample tables that we keep track of:

Sample database tables

Apart from exposing this data to the app developers, we only use it to track the health of our framework, highlight good trends and fix bugs.

Now, let’s talk about selling data

As mentioned in Overwolf’s Commitment to Gamers, we don’t sell personal data. Period.

The ONLY way we make money off data (and it’s very little, about 2% of our total revenue) is by selling aggregated, non personal reports to an industry-leading research company called NewZoo, which provides general insights and trends about the gaming market. We don’t sell data to commercial companies, nor do we plan to do so in the future.

Here’s one example of NewZoo’s reports: https://newzoo.com/insights/rankings/top-20-core-pc-games/

What’s the Business Model?

The Overwolf framework is built around a set of APIs and tools that allow creators to build their app in a gaming oriented environment. Since it’s kinda hard to spend so much time developing those wonderful apps, keeping them up-to-date and making sure they have 100% uptime, we introduced ads as a means to allow a steady income for the app developers. Overwolf works in a revenue share model with creators, and our cut is between 20 and 30 percent. We recently introduced a subscription model as well to allow another path for monetization while opening up the opportunity to remove ads. The bottom line is that we understand aversion to ads, but they are an avenue that enables developers to earn a fair wage for their work and it is important for us to give them options for monetization. BTW, we are quite strict on where developers can place ads.

How does that affect you?

Without data collection, developers cannot iterate and improve their products. It’s like building a machine in a dark room. As a result, we can enjoy apps that compliment the game, enhance the gaming experience and don’t break (well, often).

*Update - following PoE AMA — Overwolf plans to add an opt-out option from data collection.

Overwolf Blog

We are a guild for in-game creators that empowers them to create, grow, and monetize in-game apps.

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store