The guidance on this page is suitable for organisations of all sizes and from all sectors. Small businesses can also use the resources on our small business web hub.
Who the Children's code applies to, and what you need to do to conform.
Codes of practice
The Children's code details fifteen standards that providers of online services that are likely to be accessed by children (such as apps, online games, and web and social media sites) must conform with.
Introduction to the first standard, understanding the rights of the child, identifying and assessing impacts and prioritising actions.
How the Commissioner expects businesses to meet the code’s age-appropriate application standard, how we expect age-appropriate application to be carried out and expectations for age assurance data protection compliance.
Guidance for ISSs whose service is likely to be accessed by children, even if it is not aimed or targeted at children.
In your sector
Frequently asked questions about applying the code to schools and education technologies.
Frequently asked questions about applying the code in the digital news industry, including whether the code applies to your organisation.
Running risk assessments, getting age assurance, being transparent, preventing detrimental use of children's information, high privacy settings, profiling responsibly and positive nudge techniques.
Conduct a risk assessment of how both the UK GDPR and the Children's code apply to your digital service, and get practical steps to apply to ensure a proportionate and risk-based approach to protecting children and their privacy.
We answer the most frequently asked questions about how to apply the standards of the code.
General DPIA template and example DPIAs for online retail, connected toys and mobile games or apps.