Parental consent for the processing of children's data according to GDPR
Parental consent for the processing of children's data according to GDPR
GDRP introduces a measure that protects minors. Specifically, in the case of a minor (if a child is not at least 16 years old), consent will also be required from his or her legal representative. How can such consent be verified?
Legal guardian's consent when processing personal data for minors under 16 years of age
The processing of personal data in the case of minors (up to 16 years of age) and the consent of the legal guardian are necessary if you are the operator of a web portal or a mobile application or provide any information services (sale of goods or services):
- You process personal information for online sales, send a newsletter, provide online financial or other remote services.
- You process the personal data of minors with the required consent.
In this case, you must make reasonable efforts to verify the confirmation of this consent.
Good to know
If you process the data as part of order processing, the consent of the legal representative is not necessary. Although it is an information service, processing is the subject of a purchase contract.
On the contrary, if the e-shop operator processes personal data also for the purpose of marketing (newsletter, business offer), not only for the necessary processing of the order, it is obliged to obtain such verification.
How to get such verification?
In practice, it is quite difficult to imagine how a business entity can verify the age of a user under 16, or the user in general. The GDPR states that it is necessary to make 'reasonable efforts' to obtain such consent. What can this mean in practice?
The information service operator (sales, application) will warn and declare that the provided service is not intended for users under 16 years of age. This means that a younger user should not be interested in such a service. Such a statement assumes that the user under 16 years of age has received the consent of his or her legal representative when using the service.
Violation of parental consent
It is the operator's responsibility to demonstrate that, if necessary, he has made reasonable efforts to verify that the legal guardian has consented to a visitor under 16 years of age. A breach may entail a fine imposed by the Office for Personal Data Protection of up to EUR 10 000 000 or up to 2% of the worldwide annual turnover of the company.
Vyhľadávanie
Most read articles
Categories
Recently added articles
Popular tags
Contact form
Preparation of Security Documentation in terms of GDPR from 139€ with insurance.
- Infoline:
- E-mail:
osobnyudaj.sk, s.r.o. Námestie osloboditeľov 3/A,
040 01 Košice
Non-binding free quote
from € 139 with insurance
We have provided services
to more than
11 500 clients
Questions and answers
Dear client, if you have not found
what you are looking for, do not hesitate
to contact us.
-
What is GDPR?
-
General Data Protection Regulation (GDPR) is the acronym for Regulation…
Find out more
-
-
Who is affected by the GDPR?
-
It applies to all persons processing personal data and any…
Find out more
-
-
What changes come with the GDPR?
-
The fundamental changes of the GDPR include: compulsory appointment of…
Find out more
-
-
Who is Data Protection Officer (DPO)?
-
All organizations processing personal data must count on the appointment…
Find out more
-
-
What happens if I do not comply with GDPR?
-
In the event of a breach of the GDPR regulation,…
Find out more
-
-
How can we help you?
-
Osobnyudaj.sk, s.r.o. is the largest provider of personal data protection…
Find out more
-
-
What are advantages of working with our company?
-
personal visits throughout the Slovak Republic are a matter of…
Find out more
-
-
What is personal data?
-
For the purposes of the GDPR, all information relating to…
Find out more
-
-
Who is Data Protection Officer?
-
All organizations processing personal data must count on the appointment…
Find out more
-