Learn more about the GDPR from PRIVO's experts in the children's online privacy industry.
The GDPR went into effect May 25, 2018. The regulation focuses on providing data protection and privacy for all individuals within the European Union and all individuals whose data is processed by an EU controller regardless of location. It also includes special protections for children’s data.
Children are vulnerable and need protection when online services are collecting and processing their personal data because they are often less aware of the risks involved when using Information Society Services ( apps, websites and connected devices). Here we take a closer look at the GDPR and Children and its impact on online services.
Children merit special protection with regard to processing their data for marketing. Recital 38 protects young users because they may be less aware of the risks, consequences and safeguards concerned with marketing.
Familiar with COPPA but new to the GDPR? Listen in as Claire Quinn and Jeff Brennan compare GDPR vs. COPPA in our on-demand webinar.
The GDPR sets the age of consent at 16, but individual member states may lower this as far as 13. A child below the age of consent cannot provide consent for themselves. When consent is the lawful basis for processing a child’s data reasonable efforts to verify that the person giving consent is old enough to do so, are required. Online services must obtain consent from the holder of parental responsibility for the child. View our Age of Digital Consent Map to see the age determined by each EU member state.
There are other key requirements when it comes to processing a child’s data such as clear, child friendly privacy notices and ensuring the child can action their rights including the right to be forgotten.
Transparency and accountability are especially important when it comes to children’s data online. Lack of transparency about the nature of processing data including persistent identifiers, is a violation of the regulation. This means ensuring that any third party processors your business works with are treating personal data compliantly too. Think analytics, attribution, email service providers and web hosting services to name just a few.
If you are an online service that processes children’s personal data it is vital to take the necessary steps to be GDPRkids™ compliant or risk a hefty penalty, brand damage and a loss of trust and integrity.
Things to keep in mind...
The GDPR has changed the privacy landscape bringing the protection of personal data into sharp focus for industry and consumers.
To keep your business on the right track and avoid hefty penalties, contact our GDPR experts today.
For more information and tips to get your business in line with the GDPR, check out our GDPR Checklist.
The GDPR has set the age of consent at 16, meaning users 15 years and younger need parent consent where applicable. However, member states can choose a younger age down to 13. See the map below.
Developers will need to prove that consent is valid, that it is informed and granular and that they have methods in place to allow parents to exercise their rights in relation to children. This may require parent dashboards or a parent portal to allow for the management of consent and revocation.
Work alongside our GDPR experts to ensure your services are compliant and still meet your business needs.
PRIVO was the first to market with its GDPRkids™ Privacy Assured Program. Some of the best loved brands in the kid’s space have met the program requirements and have been awarded the program Shield to display.
Learn more about Claire Quinn: PRIVO’s subject matter expert when it comes to the GDPR and children. Claire is PRIVO’s VP of Compliance and DPO, based in the UK. Check out our Interview with Claire to see more about how she works with businesses to make sure they are in compliance with regulations as they relate to children’s privacy.
Don't just be compliant, be GDPRkids™ compliant.
Noncompliance can result in significantly higher fines than have been issued before with an upper limit of 20 million euros or 4% or annual global turnover.
As a leader and pioneer in children's online privacy, we recognize the need for a dedicated compliance programs for businesses engaging with minors globally. Demonstrate to regulators and your EU customers that you meet the highest standards for children's privacy.
Protect your brand, build trust and integrity and see your business grow. Learn more about our program.