GDPR & Children's Code Compliance


Understand your obligations as a company. Join PRIVO's GDPRkids™ Privacy Assured Program to work alongside our experts on GDPR and Children's Code compliance as it relates to children and information society services. 



The EU General Data Protection Regulation (GDPR) came into force on May 25th, 2018. Noncompliance can result in significantly higher fines than have been issued before under the DPA with an upper limit of 20 million euros or 4% or annual global turnover, whichever is higher. Under the GDPR, children under 16 merit specific protection, which includes adopting measures to verify a child's age and managing consent.

Program Benefits

As a leader and pioneer in children's online privacy, we recognize the need for a dedicated compliance program for businesses engaging with children under 18 in EU Member States. Demonstrate to regulators and your EU customers that you meet the highest standards for children's privacy. 

PRIVO's experience in the children's privacy space and position as an influencer in the industry ensures the highest standards of support for your organization.

  • Work with thought leaders and child privacy experts
  • Protect your brand
  • Provide customer assurance
  • Equip your team with privacy risk assessment tools
  • Display the GDPRkids™ Privacy Assured Program seal on your website and apps
Here’s a few of our

Certified Program Members

Go to the my.PRIVO directory to see more

Assure Your Online Properties are GDPRkids™ Compliant

Work with the PRIVO team to be compliant with the Children's Code and understand the GDPR as it relates to children and ensure your websites and apps are compliant.


Schedule a time to talk

Program Highlights

Comprehensive Assessment

Identify all data and assess the purpose of collection, data retention and the legal basis for processing.


Carry out a Data Protection Impact Assessment (DPIA), known in the US as a PIA, if the data processed is “likely to result in a high risk to the rights and freedoms of natural persons” -GDPR Article 35

Parents & Children's Rights

Understand the rights of your users and how to meet them.
Understand how to comply with the including the ICO's Children's Code.

Consent Process

Consult on meaningful and informed consent.

Transparency & Notice

Meet the need for transparency and explicit notice, including just in time and layered privacy notice. Ensure your notices and privacy policy are compliant.

Data Breach Notification Procedures

Review policy and process.

Storing Data/ Data Transfer Review

Review policy and process.

Findings Report

Provide a detailed Findings Report that includes recommendations, potential solutions and requirements.


Meet with a dedicated privacy solution expert on a regular basis to consult and review changes until solutions are defined and the PRIVO Kids Privacy Assured GDPRkids™ verified mark is awarded.

GDPRkids Verified

Awarded PRIVO's GDPRkids™ Privacy Assured Program verified mark to display on applicable online properties that link to a custom validation page once necessary changes are made and the online property is deemed compliant. The online property will also be showcased in PRIVO’s Discovery Platform.


Children's Code
Support to comply with the Children's Code.

Age of Consent

The GDPR has set the age of consent at 16, so users 15 years and younger need parent consent where applicable. However, member states can choose a younger age down to 13.

Developers will need to prove that where they gain consent is valid, that it is informed and granular and that they have methods in place to allow parents to exercise their rights in relation to children. This may require parent dashboards or a parent portal to allow for the management of consent and revocation.