The ICO exists to empower you through information.

A best interests of the child assessment supports your DPIA, it is not a replacement or a separate compliance exercise. A DPIA is obligatory for all organisations in-scope of the code. You will have covered many steps within the DPIA by following the steps in this guidance. This includes describing your processing, identifying and assess risks, and measures to mitigate them.

To find out more about DPIA’s please visit standard 2 of the children’s code, data protection impact assessment, or visit our detailed guidance which explains what a DPIA is and when you need to do it.

We have developed a DPIA template specifically for the Children’s code alongside sample DPIAs for hypothetical online retail, gaming and connected toy scenarios to give you a reference point for completing your organisation’s DPIA.

To demonstrate your accountability you can publish your DPIA. Parents, civil society groups and other stakeholders will want to assure themselves you conform with the code.