Call Us at: +44 1772 217800 +353 01 554 9700 +1 303 317 5998

Share

3 min read

Writen by Zlatko Delev

Posted on: July 9, 2021

Dealing with Children’s Data

According to the GDPR, children merit specific protection with regard to their personal data, as they may be less aware of the risks, consequences and safeguards concerns and their rights in relation to the processing of personal data.


Definition under the GDPR

Any information given to, or provided in communication with, a child must be in “such a clear and plain language that the child can easily understand”.

Where a child asks a business to provide a service for which payment is normally made, parental consent will be required unless the child is aged 16 years or over.

How does GDPR Age of consent differ across EU ?

Many EU member countries have the same age as the UK, with only one or two older and surprisingly some nations having no provisions at all.

  • Austria – 14 years old
  • Belgium – 13 years old
  • Czech Republic – 15 years old
  • Denmark – 13 years old
  • Finland – 13 years old
  • France – 15 years old (or younger with parental consent)
  • Germany – None
  • Hungary – None
  • Ireland – 16 years old
  • Italy – 14 years old
  • Netherlands – 16 years old
  • Poland – None
  • Slovakia – 16 years old
  • Spain – 14 years old
  • Sweden – 13 years old

What should your business be doing?

First, consider whether any of your services are targeted at children, or used by children. If so, it is important to ensure that your terms and conditions are up to date and satisfy the “clear and plain language” requirement.

Secondly, if your business does process any personal data relating to children, review how you obtain consent at the point of collecting that data. Do you take steps to verify the child’s age? Are those steps reasonable? And if the child is under 13 years old (in the UK), how can you ensure that you obtain the consent of someone with parental responsibility for that child?

And then take steps to ensure that, should a data subject ever look to exercise its rights under the GDPR, you verify the age of the data subject before responding …and if the data subject is a child, ensure you respond in suitable language. Or potentially, if the child is particularly young, consider responding instead to somebody with parental responsibility for the child.

Contact Us

Hope you find this useful. If you need an EU Rep, have any GDPR questions, or have received a SAR or Regulator request and need help then please contact us anytime. We are always happy to help...
Zlatko, Stefania, Adam.

Contact Us

Recent blogs

5 noticable GDPR statictics from 2021

During the previous year a lot of companies finally got aware of the Data Protection and the GDPR r

Data Protection and Corona Virus

Since vaccinations against corona virus became available, the employers have been increasingly seek

Can you refuse to comply with a Data Subject Access Request [SAR]?

The right of access under GDPR gives data subjects the right to obtain a copy of their personal dat

Get Your Account Now

Setup in just 5 minutes. Enter your company details and choose the EU Representative services you need.

Give Us a Call

Not sure whether EU Representative applies to you or which option to choose? Call, email, chat to us anytime.

06 GDPR INFO

Stay Up-To-Date

Leave your details here and we’ll send you updates and information on all aspects of GDPR and EU Representative. We won’t bombard you with emails and you will be able to tell us to stop anytime.