IT Consultancy
Project Management
Data Protection
Network Design
WAN & VPN
Wi-Fi & Guest Portals
Cloud (AWS/Azure)
Server Infrastructure
Active Directory
Storage
Backup & DR
5-Step Cyber Health Check
NCSC Cyber Advisor
Virtual CISO
Virtual DPO
Accreditation
Secure Architecture
Vulnerability Scans
Secure Destruction
Incident Response
Windows Applications
Mobile Apps
Web Applications
Internet of Things
Artificial Intelligence
Database Design
Support Home
News & Blogs
FAQs
Contact Us
CompanyData Compliance
Introduction
The importance of complying with international data regulations is more important than ever. Both the EU and USA have very strict regulations about the use and collection of personal data. These regulations extend into software, web applications and mobile apps too (regardless if it was created outside these regions).
As a web/mobile app publisher, you will need to understand how you obtain, transfer, store, and handle user data; and should invest time to understand exactly how you currently ensure data security for your users, and what you can do to improve this in order to have a compliant application.
Children's Data (GDPR-K, COPPA)
To complicate matters further, there are additional laws & regulations that must be followed when the data belongs to a child.COPPA
The Children’s Online Privacy Protection Act (COPPA) is a data protection law in the USA and applies to all data belonging to a child under 13 years of age. It includes any information that can be used to identify a specific user under the age of 13.GDPR-K
The GDPR regulation is continually being amended and incorporates elements of COPPA to apply to children’s personal data. However, the regulation sets the age of consent at 16 years of age but allows individual member states in the EU to lower the age of consent to a minimum of 13 years old.ICO Age Appropriate Design Code
The Information Commissioner’s Office (ICO) is in the process of finalising a set of guidelines called ‘Age Appropriate Design Code’ which sets out 15 key restrictions to be applied to any code. It is expected that this will be incorporated into the Data Protection Act in 2021.Apple Store / Google Play Store
There are also strict rules when submitting apps to the Apple App Store and Google Play Store. These rules are continually being updated, but state that, in limited cases, third-party analytics may be permitted in children’s apps (provided that the services do not collect or transmit any identifiable information about children, such as their name, date of birth, email address, location, or unique device identifier).Parental Consent
The key to complying with data protection regulations with children’s data is to design a suitable method of verifying parental consent, such as:- Signing a paper consent form and returning it.
- Using a credit card, debit card, or other online payment system.
- Calling a free-phone number staffed by trained personnel.
- Provide a copy of a form of government issued identification.
How we can
help you.
Our security architects are on hand to help you throughout the development process, with expert advice and guidance.
Call
Contact Us
Research
Our consultants work to understand your requirements, and how it benefits your company.
Code Reviews
We review your application code and structure to look for potential data risks.
Design
We can work with you from the start, ensuring your products comply with data regulations.
Consultancy
Our consultants are experts in their field, and are at hand to help you throughtout the process.
Services
Jovasi Technology’s software developers and security architects are certified GDPR assessors, who can help you ensure your software & apps comply with international data regulations.Data Compliance Review
Remote review & analysis.- Personal data & analytics analysis.
- Detailed reporting.
- Telephone & e-mail support.
- Suitable for existing applications
From £900 +VAT
QuoteData Compliance Design
- Onsite design meetings.
- Personal data analysis.
- Third-party analytics design.
- App store compliance.
- Detailed reporting.
- Telephone & email support.
- Suitable for new or existing applications.
From £1,000 +VAT
All Data Protection advisors are CISSP qualified and are certified through IASME.
Additional Services
Jovasi Technology also offers a Virtual DPO service, where we provide support with all your data protection requirements, and a GDPR Certification service.Frequently Asked Questions
- What age does a child need parental consent in the UK?
In the UK the age is set at 13 years. - Can you help us comply with the requirements of the Apple and Google App stores?Yes, that is part of the consultancy service we offer. Since Apple and Goodle regularly update their terms & conditions (and policies regarding data compliance), we believe it is important to fully understand the requirements beforehand.
- What consent method should we use?There is no definitive answer here, as it depends on your specific application. We can help you integrate a range of consent mechanisims into your app/website so that it is easy to use for the end user, and easy for you to implement and manage.
- Do these regulations apply to our apps?It depends what your target audience is, and what you do with the data.
If you specifically target children, then your app/website will likely fall within COPPA and GRPR-K. - How can we show customers that we take data protection seriously?The best way to show your customer that you take data protection seriously is to have a clear privacy policy that is easy to follow, and become certified with a scheme such as IASME or Cyber Essentials.
- Can you review our existing apps?Yes, our data compliance review service is geared just for that. We can work with you to look as aspects of your apps to understand where data is being used and how it should be handled.
We can also work with you through the design stages from the very start, so that you get data compliance done correctly to begin with.
