Children's data

Children and the processing of their personal data receive specific attention in the Applied GDPR.  

Recital 38 states:

"Children merit specific protection with regard to their personal data, as they may be less aware of the risks, consequences and safeguards concerned and their rights in relation to the processing of personal data.

Such specific protection should, in particular, apply to the use of personal data of children for the purposes of marketing or creating personality or user profiles and the collection of personal data with regard to children when using services offered directly to a child.

The consent of the holder of parental responsibility should not be necessary in the context of preventive or counselling services offered directly to a child."

Controllers must, therefore, be aware of whether they process children's data and ensure that they have adequate safeguards and procedures in place as the following provisions apply to, or restrict, their processing: