In order to promote a healthy purchasing environment, reducing instances of customers purchasing products which deliberately break, we’ve established a sunsetting period, during which sellers have to ensure their external systems remain running as initially promised.


This policy applies to products which:

  • Rely on external DRM solutions.
  • Rely on installers which require external services.
  • Require external web services for core operations.
  • Use download replacement webhooks.
  • Are offered as Software as a Service products.

This does not apply to:

  • Non-Core Features (such as version checks, metrics or usage tracking)
  • Specifically, features which do not impede the core operations of the product.
  • Features for which failovers are available (self-hosted, alternative APIs)


Once a product is disabled, any external services required for its download, installation, or use must be removed in an update. Until they have been removed, such services must remain accessible.

Any external services which are required for core feature operation must either be provided as a self-hostable option, or replaced with an alternate service source.

When the product is not self-hostable (such as SaaS offerings), it must either remain accessible for a month after a self-hosted version is provided to end users, or accessible for 3 months after being disabled, whichever comes later.


Example

John provides a product which syncs in-game weather with an external data source. The product uses download webhooks to generate an API key, a 3rd party DRM solution to secure access, and a remote API to provide weather information.


Under this policy, after disabling the product, John would:

  • Remove the download webhook.
  • This allows the product to be downloaded, even when the webhook service is disabled.
  • Remove the DRM interaction.
  • This allows the product to be used, even when the DRM service is disabled.
  • Either make the weather information API available to customers, or provide a suitable alternative data provider.
  • This allows the core feature to still work.

Once the above steps have taken place, John can decommission their DRM and API infrastructure.


If you have any queries about how this policy relates specifically to your products, please feel free to open a site ticket.

Can't find what you're looking for?

Contact our support

Search products...