It’s time to look at data protection from a child’s perspective.
That’s because from May 25th the way in which you obtain and handle the personal data of children will change. It’s the day when the EU’s General Data Protection Regulation (GDPR) comes into force.
The GDPR contains new provisions intended to enhance the protection of children’s personal data.
Under the GDPR, consent needs to be gained in order to process a child’s personal data. Children under the age of 13 cannot provide this consent, so instead, consent must be sought from a parent or legal guardian. Although many housing associations will have little need to hold the personal data of children, it will be up to the organisation to establish the age of an individual and if necessary, verify who the parent or legal guardian is.
That means the processes you currently use to obtain and manage the personal data of children might not be legally compliant from May 25th.
As Colin Sales, 3C Consultants’ Managing Director, explains in this video, now is the time to examine all the processes and systems you use for data collection, taking into consideration if any inolve data related to children.
You may find you need to put a new system in place to verify an individuals’ age and to obtain parental or guardian consent for processing their personal data if needs be.
The GDPR also has a requirement that all communications concerning the collection and handling of personal data are written in plain and simple language, which begs the question… ‘could even a child understand it?’.
If you need help or would like to discuss any issue that this GDPR video series raises, please call us now on 0333 900 3003.