If you’re building a game or app for kids (under-13 in the US or under-16 in Europe), you need to consider how you’re going to manage age gates and parental permissions. Both are essential to ensure compliance with data privacy laws (COPPA and GDPR-K), but both are complex user flows and mismanaging them can create barriers to engagement for your easily-distracted young audiences.
Here’s what you need to remember:
1. Design your app with the best kids’ experience possible in mind.
Don’t let permissions requests be a killjoy. Best practice is to allow kids to explore parts of the app without having to wait for the request to be approved. Otherwise they’ll get bored, leave and never return to your app. If you keep them occupied with features that don’t require parental consent, they’re much more likely to be retained.
2. Use progressive permissioning
Permissions work better when they appear in the right context. Kids are more likely to continue if the permission request appears at the moment they want to engage with the feature that requires consent. This is similar to the best practice of asking for permission to send push notifications only when the user comes across a feature that needs it, instead of doing it upfront when the user has no context.
3. Analyse each individual feature’s data requirements independently
It’s not enough to seek grouped permissions or blanket permissions (eg, geolocation for any purpose). Under both COPPA and the ‘purpose limitation’ principle of GDPR-K, each consent request needs to itemise exactly what purpose that data will be used for.
4. Make sure the permissions are easy to understand for parents
Parents aren’t going to grant you access to their child’s data without a good reason for doing so. Make sure your permissions request includes the reason the data is required and explains your data privacy and security practices in language anyone can understand.
5. Make the value proposition of the permission clear too
Many great games require the use of data to make the game even better – it’s this data that enables features like leaderboards, teams and competitions to work. However, parents might not necessarily understand this. Make sure that your permissions request includes the value its inclusion will give to their child’s experience.
Want to know how other developers are handing parental permissions in their products? Download our Tankee case study now!