Processing of personal data by children’s apps

Applications that process children’s personal data must comply with the rules on the protection of personal data and ensure the security and confidentiality of such personal data. In Article 8, the General Data Protection Regulation (GDPR) lays down certain requirements for applications processing children’s personal data.

These requirements include:

  • Obtaining parental or legal guardian consent before processing personal data of children under 16
  • For children over 16, consent is obtained directly from them
  • Ensuring that information presented to children is appropriate to their age and level of understanding.
  • Access to children’s personal data is allowed only to authorized persons.
  • Ensuring that children’s personal data is stored securely, respecting confidentiality, availability and integrity.
  • The operator shall make all reasonable efforts to verify in such cases that the holder of parental responsibility has given or authorized consent, taking into account available technologies.

It is important for parents to be aware of how the applications their children use handle personal data and to take precautions such as reading privacy policies and setting privacy preferences before using applications. Parents should also explain to their children the importance of protecting personal data and teach them how to manage their personal data responsibly.