Minors use our app or service, does consent work differently?
In NL the age for independent consent is 16. Under 16: parental or guardian consent is required when processing relies on consent.
Try this first
- 1Determine your basis. Consent for under-16s requires parental consent. Other bases (contract, legal duty) have separate rules.
- 2Verify age reasonably. A checkbox "I am 16+" is not reasonable when your audience is demonstrably younger. Combine with payment method or school ID.
- 3Verify parental consent if needed: confirmation by email via the parent, or a payment method in the parent name.
- 4Adapt the privacy notice to plain language for the audience. Not only legally correct, also readable by a 14-year-old.
- 5Limit profiling. Profiling and targeted advertising toward children is strictly limited under EU rules and further bounded by the EU AI Act.
When to bring us in
Education or youth-care sector? Extra rules apply (GDPR plus sector). Not DIY.
See also
- Does NIS2 apply to my company?Two questions decide it: are you in a listed sector, and do you meet the threshold from Recommendation 2003/361/EC (more than 50 FTE and more than EUR 10M turnover or balance sheet). Below that you are only indirectly in scope, via your customers. The threshold determines whether you are an important or essential entity depending on sector.
- What changes with the Dutch Cyber Security Act?The Cyberbeveiligingswet is the Dutch implementation of NIS2. Track NCSC for the exact effective date and the lower regulations.
- Am I personally liable as a director under NIS2?Yes. The board is accountable for approving and overseeing the cyber measures. Severe negligence can become personal.
None of the above fits?
Describe your situation below. We pass your input plus the steps you already saw to our AI and return tailored next-step advice. If it's too risky to DIY, we'll say so.
Or skip the DIY entirely
Our Managed IT clients do not look these things up. One point of contact, a fixed monthly price, resolved within working hours.