Hi everyone, I'm developing a mobile game and I'm trying to figure out a good way to comply with GDPR. The game in question requires GameSparks (GS) to function (it is used for multiplayer + profile storage), but GS also tracks user IP's and device names and there is no way to disable that. I also use GameAnalytics/Fabric-Crashlytics/Facebook Login, and the game can function without them just fine. ( Also what's funny is that GameAnalytics uses completely random user id's, so there is no way for anyone to correlate real person to collected data. I have no idea what gonna happen if someone gonna send DSR request for exporting data ).

My problem is that I can't find any good examples how to implement opt-in correctly. Most games started to just introduce "ad tracking" toggle (like here https://itunes.apple.com/us/app/diggerman/id1045447651?mt=8 ), but it seems not to comply with requirement of granular opt-in (like user should be able to disable one service, but keep others). So anyone has any examples how to do this?

Some big co also do weird things (Jetpack Joyride, Hill Climb 1/2, Trials Frontier, PUSH SUSHI, etc): they just put "please accept updated privacy policy" with just one "OK" button. There is no opt-out from tracking. How that is even legal under GDPR?