The UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

This section outlines how to design privacy information that meets children’s needs as they grow and develop.

 

Things to do

Map what data you collect and when

You should understand how you collect data in the context of your user journey to identify when and how to communicate privacy information. Look out for moments where you:

  • track geolocation;
  • use personalisation; or
  • share data with other users or third parties.

In some cases, when children first use a product you may need to explain how your service uses data, step by step. In other situations it might be better to show privacy information in ‘bite-size’ chunks when you collect data. These are called just-in-time notices.

Example of a just-in-time notice: Ask permission to access personal data when you collect it so children understand what happens to their data and why.

 

Example of important privacy ‘moments’: Children may want to review privacy decisions when you change or update products.

Find important ‘moments’ in your user journey

You might need to show privacy information as the product changes:

  • Onboarding - the first time someone understands how your product uses data.
  • Adding or removing features - show how customising the experience affects how you use personal data.
  • Reviewing or changing settings - give children control of personal data on their terms.
  • Releasing product updates - give children the opportunity to change preferences as the product changes.
  • Deleting user accounts - make it easy to delete or transfer personal data at the end of the journey.

 

Create data privacy moments maps

Visually map important privacy moments on to your user journey and identify risks, questions and ideas.

 

Think about how children using the product might change privacy ‘moments’

Children using a product for the first time may not know enough about the service to make confident decisions about sharing data.

Think about other moments in your user journey where children have more time to understand what's happening to data or review their past choices.

Example of reviewing a privacy decision: Give children options to change privacy decisions as they learn more about how the service work.

 

Things to avoid

Don’t squeeze multiple privacy decisions together

Designing multiple 'just-in-time' notices in a short space of time may cause decision fatigue. Having multiple decisions to make may be overwhelming and prevent children from meaningfully engaging.

 

Don’t hide privacy information where children won’t find it

Make sure privacy information is easy to find. Don’t bury important information in sub-menus that require children to click through multiple options to access it. Instead, place privacy information where children are likely to visit.

 

Things to check

  • Have you mapped how and when your service collects data in context of your user journey?
  • Have you understood how key moments in your user journey might affect when and how you communicate privacy information?
  • Have you identified how privacy ‘moments’ might change as children use your service more and better understand how and why you use data?

Explore more themes

Design for meaningful parent-child conversations

This section outlines how to design interactions for parents and carers to help children navigate the digital world and make informed choices.

 

Protect children’s privacy by default

This section outlines how to design privacy settings for children so they offer the highest protection by default.