Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

Denmark: Datatilsynet publishes guidance for children and online gaming

On June 20, 2024, the Danish data protection authority (Datatilsynet) announced that a set of common principles were adopted to strengthen the data protection of children in connection with online games. Datatilsynet stated that the purpose of the principles is to ensure game developers who handle personal data are aware of the requirements under the General Data Protection Regulation (GDPR). The Datatilsynet stated that the legal principles of fairness, transparency, data minimization, and accountability were selected. Datatilsynet also highlighted that the widespread use of online games among children and the need to strengthen the protections for players' personal data and privacy were factors in the decision.

Within the guidance provided, Datatilsynet emphasized that the principles apply even if the data controller does not intend for children to access a particular game and that the GDPR cannot distinguish between deliberate or accidental processing of personal data relating to a child. Datatilsynet mentioned that the guidance is not meant to be exhaustive as other data protection principles exist and that the principles outlined are intended to complement and not replace the other provisions within the GDPR. Controllers must examine their processing activities and determine actions that are necessary to comply with the law and the rights of individuals. In addition to reviewing the data protection principles, the guidance explores why the principles are important, how the principles relate to the GDPR, definitions of key terms used throughout the law, and additional considerations to help controllers promote the principles in processing activities.

You can read the press release, only available in Danish, here and the guidance here.