When Steam Epic and Mobile Policy Changelogs Move Mid-Sprint - Ninety-Minute Evidence Sync for Unity and Godot Teams (2026)

Your build can be green. Your trailer honest. Your Steam depot map sane. None of that protects you when a store policy page you never pinned moves the definition of acceptable metadata the week you freeze strings.

In 2026, Unity and Godot teams routinely ship the same codebase to Steam, Epic Games Store, Google Play, and the App Store. Each surface publishes news, policy center updates, and partner documentation at different cadences. RSS feeds retire, portals gain new tabs, and well-meaning AI summaries confidently cite paragraphs that no longer exist. Without a lightweight evidence sync, producers discover drift only when review rejects a build—or when legal asks why your privacy copy disagrees with your binary.

This guide is a ninety-minute policy changelog and evidence ritual for small teams. It is not legal advice. It is a repeatable way to turn “someone should watch the feeds” into rows your release captain can defend.

May 2026 maintenance note: teams are now seeing same-sprint pressure where store metadata, privacy disclosures, and SDK disclosure wording are reviewed together instead of in separate lanes. That changes the practical risk from “copy cleanup later” to “submission hold today,” which is why this pass now emphasizes binding each diff to an owner ticket before upload week.

If you are already deep in Steam listing hygiene, pair this pass with our Steam store page capsule and short description ninety-minute QA and Steam depots beta branches and default build discipline. For Android stability evidence in the same window, cross-read Google Play pre-launch report triage. For iOS App Store Connect privacy tables, use App Store Connect App Privacy ninety-minute data inventory. For cross-store listing copy discipline, keep Google Play and App Store metadata policy checklist for Q2 2026 open beside this agenda.

Why this matters now

Three forces make policy drift a mid-sprint engineering risk, not a compliance department hobby.

First, platform motion accelerated. Steamworks partner documentation, Epic public-facing developer rules, Google Play policy center articles, and Apple Developer News all ship incremental edits that change what “obvious” means for screenshots, AI disclosure, account deletion, and data safety wording. Teams that only read policy at kickoff inherit silent assumptions.

Second, indie calendars stack PC and mobile milestones. The same Unity Addressables or Godot export preset may feed Steam tonight and Play console tomorrow. When metadata rows disagree across stores, you do not get a polite merge conflict—you get human review queues and publisher escalations.

May 2026 reminder: more review teams are cross-checking whether your Data safety / App Privacy claims match the feature and SDK story in your public listing text. If your wording drifted while policy pages moved, this shows up as a cert blocker rather than a post-launch cleanup note.

Third, evidence culture is catching up. Partners ask for links, archive timestamps, and screenshots with hashes. That expectation intersects painfully with Git hygiene—if your commit story and store story diverge, you want the same discipline our Git LFS and large binary hygiene ninety-minute pass describes, applied carefully to policy URLs and export artifacts.

Direct answer

A ninety-minute policy evidence sync is done when your team can show one table where each platform row lists what you ship this month, which authoritative policy or news URL you treat as binding, when you last fetched it, what changed since the prior fetch, and who owns the follow-up ticket if the diff is non-empty.

This pass does not predict the future. It stops surprise from masquerading as bad luck.

Who this is for

• Producers who own submission calendars across PC and mobile
• Engineers who implement account flows, privacy panels, and SDK disclosures
• Solo devs who need a checklist before they say “we are ready to upload”

Time budget: about ninety minutes once per milestone or before each cert window, shorter for hotfix lanes if you narrow scope to the stores you touch.

Before you start

Collect:

• A list of stores you actually ship on this quarter (Steam, Epic, Play, App Store, itch, and so on)
• The exact SKU or app id names your spreadsheets use (avoid alias drift between “main game” and “demo”)
• Access to your ticket system so diffs become work, not chat
• A PDF or HTML archive habit—browser “save as” is fine if your policy allows it

Pro tip: If two teammates cannot agree which URL is authoritative for Epic self-publishing rules, resolve that before minute ten. Guessing burns the whole pass.

The ninety-minute agenda

If you only ship Steam this month, collapse the mobile block to ten minutes and spend the savings on depot and branch evidence instead.

Step 1 - Build the policy evidence table (template)

Create a sheet with one row per surface you depend on. Minimum columns:

• store
• artifact (for example Steam store page, Epic product configuration, Play Data safety, App Privacy questionnaire)
• authoritative_url (the exact page your legal team trusts—not a third-party blog)
• last_reviewed_at_utc
• fetch_sha_or_note (either a hash of archived HTML/PDF bytes or a clear note like screenshot set v3 stored beside the packet)
• diff_summary_since_last (empty string means no material change detected)
• owner
• ticket_if_non_empty

Common mistake: Recording google.com search URLs instead of canonical partner pages. Auditors care about first-party sources.

Step 2 - Steamworks and Steam news discipline

For Steam:

1. Open Steamworks documentation home from a clean session and confirm you are reading the partner surface, not a cached consumer help article.
2. Note any navigation changes since your last pass—Steam groups features under shifting headings when festivals or Deck programs evolve.
3. If your game uses demos, workshop, or cloud, expand the row into sub-rows so feature policy does not hide under a generic Steam label.

Pair Steam copy work with the ninety-minute listing QA article linked above. Pair binary truth with depot discipline so policy rows do not fight technical rows.

Festival and demo windows add noise on purpose

Next Fest and seasonal Steam events do not change physics, but they do change what your store page is allowed to promise relative to your build. Marketing wants urgency language; Steam wants honest demo boundaries; QA wants stable branches. During those weeks, policy diffs often arrive as new graphical asset expectations, trailer length guidance, or review queue behavior notes buried in partner announcements rather than the doc page you usually read.

When you extend the evidence table for a festival lane, add columns for event name, start UTC, and which beta branch players receive. That keeps policy awareness tied to the same branch story your depot checklist already tracks, so producers cannot green-light store copy that references features still sitting on a private beta your default branch never received.

Deck and controller-adjacent policy rows

If you claim Steam Deck Verified or Playable posture in copy, add a sub-row that points at Deck compatibility documentation and your internal Deck profiling notes—not only generic PC requirements. Controller glyphs, readable text, and performance guardrails are policy-shaped engineering tasks. Treat them as first-class diff sources so marketing screenshots do not drift from engineering truth under review pressure.

Step 3 - Epic Games Store and PC alt-store parity

For Epic (when you ship there):

1. Identify whether your team treats public documentation pages, in-portal notices, or publisher communications as binding. Write that rule in the owner column so a new producer does not improvise.
2. Capture product metadata rules that affect screenshots, ratings, and release timing separately from engine integration docs.
3. If you mirror Steam strings on Epic, add an explicit diff step—PC audiences tolerate different tone, but compliance fields tolerate zero divergence when legal names must match.

Screenshot and trailer deltas teams forget

Even when both stores sell the same PC build, Epic and Steam often disagree on safe area expectations, UI density in capsules, and whether work-in-progress watermarks belong in public screens. Run a literal side-by-side diff of your hero image set after each policy fetch, not only a text diff of descriptions. Visual policy violations are expensive because they are obvious to humans and opaque to grep.

Release timing and exclusive windows

If you sign timed exclusivity or promotional windows, your policy table should include calendar rows that cite the paragraph authorizing the window, not only the contract pdf stored elsewhere. Mid-sprint churn often arrives when portal tooling changes how exclusivity flags surface to reviewers. When the tool moves, re-fetch the same policy anchor and update your ticket that binds the flag to the clause.

Step 4 - Google Play policy center and console news

For Android:

1. Open Google Play Android developer help policy paths relevant to your SDK list, AI features, and data types.
2. Compare against your pre-launch report severity table—policy changes often land first as warnings your pre-launch surface already showed.
3. If you maintain Q2 2026 metadata checklist rows, update the same IDs rather than duplicating a second shadow table.

Step 5 - Apple Developer News and App Store Connect reality

For iOS:

1. Scan Apple Developer News for entries dated after your last freeze. API required reason and privacy manifest pressure continued to tighten across Xcode generations—your Unity or Godot export pipeline must match the template you think you ship.
2. Cross-check App Privacy labels against the ninety-minute inventory article—label versus binary mismatches are a classic post-policy-edit failure mode.
3. If you ship multiplayer with Sign in with Apple, Family Sharing, or ATT flows, ensure policy rows mention those SDK strings explicitly so engineers do not treat them as marketing footnotes.

When AI summaries collide with primary sources

Large language models are useful for routing—“this paragraph probably affects SDK disclosure”—but they are a terrible system of record. They truncate, merge sections from different years, and occasionally hallucinate anchor text that reads plausibly but does not exist in the partner portal.

Use AI only after you fetch primary HTML or PDF bytes. A practical split:

• Model output belongs in a scratch column labeled non-authoritative.
• Authoritative cells contain URLs, archive paths, and hashes humans opened.

If your team skips that split, you will eventually file a ticket against a paragraph nobody can find, which burns trust faster than missing a feature.

Step 6 - Turn diffs into tickets (not vibes)

When diff_summary_since_last is non-empty:

• Classify each bullet as copy, SDK disclosure, build setting, or unknown.
• Unknown must become a ticket with acceptance criteria that cite the URL anchor you saw.
• Copy tickets should cite which locale files or CMS rows change.
• SDK tickets should cite package names and versions from Unity Package Manager or Godot project.godot plugins sections.

Pro tip: If a diff is real but irrelevant to your SKU, record waived_not_applicable with a one-sentence rationale so auditors see intentional scope, not neglect.

Step 7 - Archive discipline that survives nervous lawyers

Pick one team convention and keep it boring:

• Store HTML or PDF exports in a versioned folder with date stamps in the filename.
• If you hash, hash the same bytes reviewers open, not a pretty-printed markdown conversion nobody uses.
• Link the folder path in your release packet so Git tags and store evidence stay siblings, not distant cousins.

This is the same evidence instinct as Git LFS and Steam depot rows—artifacts first, narratives second.

Common mistakes

• Relying on social threads as primary sources for policy claims.
• Assuming English policy paragraphs translate cleanly to storefront locales without a localization owner.
• Treating Epic and Steam screenshot rules as identical because both are PC.
• Letting AI chat summaries replace fetch—models compress nuance and invent anchors.
• Skipping mobile rows because this build is “PC only” while marketing still runs iOS TestFlight banners that promise features you deprecated.

Beginner quick start

If you only have twenty minutes:

1. Update Steamworks and Play policy URLs you bookmarked last month.
2. File one ticket per non-empty diff.
3. Paste links into your release notes draft so comms cannot drift from engineering.

Red-team prompts for producers

Ask aloud:

1. “Which URL would we hand a skeptical partner if they challenged our screenshot layout?”
2. “Did any SDK we ship last Tuesday change disclosure obligations this Monday?”
3. “If Apple news drops mid cert, who stops the upload?”

Hesitation is a signal to widen scope, not a reason to skip the row.

Key takeaways

• Policy is a living document set—pin sources per store and refresh them on a cadence.
• Steamworks, Epic docs, Play help, and Apple news are different tempos—one owner per surface prevents orphan feeds.
• Diffs must become tickets or documented waivers, not Slack threads.
• Cross-store teams should mirror metadata checklists so PC copy changes do not poison mobile truth.
• Archives plus hashes beat memory when partners ask what you knew when.
• AI summaries are navigation hints, not evidence.
• Pre-launch warnings often precede policy center language updates—pair them.
• App Privacy and Data safety tables reward boring honesty—refresh them when feeds move.
• Solo devs win by writing down URLs even when no one asks yet.
• Repeat this pass after each major SDK bump or store console navigation reshuffle.

FAQ

Is this a substitute for a lawyer?

No. This pass improves operational awareness and evidence hygiene. Contract and regulatory questions belong with qualified counsel.

How often should we run the full ninety minutes?

At least once per milestone freeze, plus ad-hoc when a trusted feed announces material changes in your categories.

What if we only sell on Steam and itch?

Narrow the table to those rows and reallocate time to itch.io Butler QA and Steam depot evidence instead of mobile surfaces.

Should engineers attend or only producers?

Both. Engineers spot SDK implications faster; producers spot copy and timeline implications faster. Split the timer if headcount is tight.

Do we need automation?

Helpful, not mandatory. A monthly calendar invite plus this template beats a broken RSS parser nobody owns.

Conclusion

Store policy changelogs will keep moving in 2026. Indie teams win not by predicting every paragraph, but by proving they looked and acted when the paragraphs shifted.

Run this ninety-minute sync before you tell players a date you cannot defend—and keep the table next to your Steam QA and mobile metadata rituals so one story survives contact with every store.

If your studio already runs a weekly live-ops meeting, append five minutes for policy diff highlights only—no feature debates—so store motion stays visible each week without stealing engineering deep work blocks.

Further reading

• Steamworks documentation for partner-facing feature and release references
• Google Play Android developer help for policy and console guidance
• Apple Developer News for timed announcements that often precede Xcode and App Store behavior shifts