Children’s Data Privacy Rules Are Changing — Are You Ready?

If you run activities for children, new UK laws could affect how you collect and use data — even if you’re using third-party forms, booking systems, or apps to manage your business.

Here’s what’s changed:

• The Children’s Code is now enforceable under the Data (Use and Access) Act 2025
• The Online Safety Act 2023 requires platforms that children might use to meet tougher safety and privacy standards
• Regulators like Ofcom and the ICO are actively reviewing how children’s data is handled — including online registration, communications, and marketing

What Does That Mean for You?

Even if your systems are managed by someone else, you’re still responsible for checking how they handle children’s data. This includes:

• Forms and registrations
• Photos, videos and health information
• Online tools that children or parents might access

If you’re Ofsted-registered, you may also be asked about how you safeguard children’s data as part of your inspection.

Free KoffeeKlatch Checklist: What You Need to Know

To make it easier, our friends at KoffeeKlatch — specialists in GDPR for small businesses — have created a free checklist just for children’s activity providers.

It helps you figure out:

• What you need to do yourself
• What your booking or online platform should be doing
• Whether you’re likely to need further support

 Click here to download the checklist
(No jargon. No fuss. Just practical guidance.)

If you need more tailored help after using the checklist, the KoffeeKlatch team offer affordable options to get you on track — from self-guided programmes to done-for-you audits.  Just email [email protected] and we’ll set up a quick chat at a time that suits you.