The ICO has issued a reminder that businesses need to act now to make necessary changes to their online services and products to achieve compliance with the Children's Code (a.k.a. the Age Appropriate Design Code) before the 12 month grace period ends on 2 September 2021.

From that date, businesses will be expected to meet the 15 standards set out in the statutory code of practice to ensure that children's personal data are protected online. Otherwise, they face the possibility of enforcement action - think compulsory audits, processing bans and fines. You get the picture.

The Code aims "to protect children within the digital world, not protect them from it" and does this by requiring online services to put the best interests of the child first when designing and developing apps, games, connected toys and websites that are likely to be accessed by them.

According to an ICO survey of 500 businesses, three quarters of those surveyed are aware of the Code but are in the preparation stages. Do you count yourself in that number?

If not, or you're looking to accelerate your preparation efforts, take a deep breath, have a read of our previous article on the Code here (Lewis Silkin - ICO issues final text of ‘Age Appropriate’ design code for online services, to keep children safe) and then join us on 22 April at our next In-House Data Club which will be the first of a series of two events we'll be running on the topic. To sign up please contact

Meanwhile, if you have any burning questions on the Code that you'd like us to address at the event, do drop us a line - if you're not sure of the answer, then you're unlikely to be alone! Please let us know at 

And remember, if you'd like to read more, visit our Data Privacy blog here for our additional commentary and in-depth analysis or sign up for our monthly newsletter here.