Data Compliance Playbook for Handling Chidren’s Data
This Children’s Data Compliance Playbook sets out the principles, obligations, and operational controls governing the processing of children’s personal data by different stakeholders. The purpose of this playbook is to:
- tell you what the law says about children’sdata rights and protection
- give you practical guidance on how to deal with children’sdata
- ensure safetyin all children’s data processing activities
- embedprivacy by design into products and services involving children
- reduce regulatory, legal, and reputational risk
An organisation can adopt it as an operational guide and a compliance resource to aid audits, investigations or regulatory engagements.
Children’s data rights and protection is governed under these Nigerian laws:
- Constitution of the Federal Republic of Nigeria, 1999 as amended
- Child Rights Act, 2003or respective State laws.
- Nigeria Data Protection Act (NDPA), 2023
- NDPA General Application and Implementation Directive
Who the Playbook Serves
Are you a:
- Parent
- Educational Institution,
- Platform owner,
- Financial institution,
- Travel agency, or
- Religious institution?
Or do you interact with children’s personal data, directly or indirectly? Then, this is for you.
Applicability Criteria
In a simpler form, do you:
- Offer services directly to children, or
- Offermixed-audience services reasonably likely to be accessed by children, or
- Processchildren’s data indirectly (e.g., through parents, schools, guardians),
- Processchildren’s data on behalf of another controller (processor role); or
- Have a responsibility of giving consent on behalf of children?
Then, this is for you.
