- 1.
Where point (a) of Article 6(1) applies, in relation to the offer of information society services directly to a child, the processing of the personal data of a child shall be lawful where the child is at least 16 years old. Where the child is below the age of 16 years, such processing shall be lawful only if and to the extent that consent is given or authorised by the holder of parental responsibility over the child.
- 2.
The controller shall make reasonable efforts to verify in such cases that consent is given or authorised by the holder of parental responsibility over the child, taking into consideration available technology.
- 3.
Paragraph 1 shall not affect the general contract law of Member States such as the rules on the validity, formation or effect of a contract in relation to a child.
GDPR Article EN
Article 8
Conditions applicable to child's consent in relation to information society services
Related across sources
Guidance Guidelines 5/2019 on the criteria of the Right to be Forgotten in the search engines cases under the GDPR (part 1) Guidance ARTICLE 29 DATA PROTECTION WORKING PARTY Guidance Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679 Guidance Guidelines 05/2020 on consent under Regulation 2016/679 Guidance Guidelines 3/2018 on the territorial scope of the GDPR (Article 3) Guidance Version history