Step 5: Identify and assess risks
We have carefully reviewed our processing and do not think that we carry out any activities that are likely to pose a significant risk to users. Specifically, we are satisfied, that the processing is not likely to give rise to any of the following harms:
- access to websites offering age-inappropriate content or activities;
- financial harm (eg advertising encouraging inappropriate or excessive spending online);
- grooming or abuse;
- inappropriate sharing of personal information, including via uploading content containing children’s personal data;
- access to inappropriate goods;
- discrimination (around price of products);
- harassment, bullying, loss of social standing leading to self-esteem and mental health issues;
- intrusion into private spaces and associated loss of privacy for the child;
- inaccessibility of services or discrimination due to a disability; or
- service lock-in ie unfair contractual terms.
Describe source of risk and nature of potential impact on individuals.
Include as a minimum an assessment of particular risks to children as listed in the DPIA standard in the Children’s Code. You may need to consider separately for different age groups.
|Likelihood of harm||Severity of harm||Overall risk|
|Remote, possible or probable||Minimal, significant or severe||Low, medium or high|