Build awesome personalized digital experiences for kids.
Our consent management platform does the rest.
| Children’s digital privacy | Children’s personal data | What is VPC? | The global challenge | Why is KWS is the #1 platform in the world? |
Kids Web Services: The #1 Consent Platform in the World
Designing and building kids’ apps and web experiences can be hard, given the complexity of kids’ data privacy laws like COPPA and GDPR-K. Our Kids Web Services platform makes it easy. KWS is a parental consent management toolkit that takes care of compliance so that you can create awesome, personalized digital experiences for kids. KWS is certified under the COPPA Safe Harbor program by both kidSAFE Seal and the ESRB.
- Engaging experiences made easy: We automate the process of obtaining consent for each feature that requires personal data, so you can focus on building the best engagement and retention features into your apps or sites
- Built for developers: Integration is a simple API call to obtain parental consent and to activate the features in the child’s experience that require it
- Industry-leading conversion rates: Our pre-built user flows for authentication and parental consent have been iterated to minimise user friction. By leveraging our huge available network of pre-verified parents, you’ll benefit from industry-leading conversion rates
See how a leading mobile games developer uses SuperAwesome platform to deliver GLOBAL personalized experiences for under-13 audience with full COPPA compliance
Push notifications
Newsletters
Geo-location powered game play
Voice recordings
Competitions
Social networking (chat, forums, friends)
In-game purchasing
Personalization (name, age, biometrics)
More about children’s digital privacy
The collection and use of personal data from kids is subject to a growing list of data privacy laws, including the Children’s Online Privacy Protection Act (COPPA) in the US; the General Data Protection Regulation (GDPR) in the EU; and the Personal Information Security Standard in China.
COPPA came into effect in 1998 in the US and remains one of the strongest digital privacy regulations governing the use of children’s personal data online. The intent of COPPA is to provide parents with control over what personal data is collected from their child by online service providers. COPPA is aimed at operators of websites, apps and any digital service that interacts with children.
COPPA sets out specific rules for operators that govern:
- What types of information you can collect
- How to notify parents of your intentions
- How to gather consent from parents
- What methods you can use to verify the identity of parents
COPPA applies where your service has any users in the US aged 12 and under. Similar legislation designed to protect children’s online privacy is now in force in many parts of the world.
GDPR-K—the provisions in Europe’s data privacy law that specifically protect children—require websites and apps that are accessible by children under 16 to obtain parental consent before collecting personal information. Similarly, China’s Regulation on Protection of Children’s Personal Information Online, which took effect on 1 October 2019, requires a guardian’s consent for personal data collection from anyone under the age of 14.
You can learn more about GDPR-K, COPPA, and other data privacy laws on our blog, as well lots of practical advice for developers.
What is kids’ personal data?
Personal information as defined by COPPA and GDPR includes many elements beyond name, address, etc, such as geolocation, user-generated text or photo/video, and persistent identifiers (like device IDs and IP addresses), many of which are necessary for even some basic product features. For this reason, most engaging digital experiences—including augmented reality games, social communities, educational apps that track progress, or any personalised experience—require the developer to think carefully about authentication and compliance with the parental consent requirement.
What is Verifiable Parental Consent (VPC) and why do I need it?
Verifiable Parental Consent (VPC) is the requirement under both COPPA and GDPR-K for operators to try to verify that a parent providing consent for data collection is indeed the parent.
If your service relies on personal information to function (such as collecting an email address, or tracking location to power a game, or using persistent identifiers to target advertising using behavioural data), then you must obtain VPC before you collect such information from children.
The VPC process requires you to contact a parent, to verify their identity, and then to obtain their consent. The FTC has pre-approved several VPC methods. The most commonly used are:
- Charging a nominal amount to the parent’s credit card. This must be enough to trigger a notification of the transaction (e.g, sending of a statement) to the parent.
- Asking the parent to sign a form and send it back to you by post, fax or emailed scan.
- Having trained personnel speak to the parent by phone or video-call.
- Checking the parent’s government-issued ID against a national database
If you are using the child’s information for internal purposes only (i.e. not disclosing it to any third parties or making it publicly available), you may use the ‘email plus’ method of obtaining consent:
- send a direct notice to the parent via email;
- allow them to provide consent by replying; and,
- send them a confirmatory email after a reasonable time delay.
In either case, you must provide parents with the means to access their child’s personal information, and the ability to ask you to stop collecting it or that you delete it.
The Global Challenge
Getting the flow right for authentication, permissions, consent and verification can be hard. The law is complex and changing, and now that many countries are writing their own versions, the overlaps and contradictions are multiplying. Under COPPA, the age threshold is 13. In Europe, it varies between 13 and 16. In China it’s 14. And so on.
Our KWS platform abstracts away all that complexity, so that you can focus on creating a great kids’ experience. KWS has been built and tested over five years to become the most robust and easy-to-deploy consent management platform for kids’ experiences. KWS is ‘legislation-aware’, adapting automatically to the appropriate legal framework (and consent age) depending on where your users are. This keeps you compliant everywhere now and into the future.
What makes KWS the #1 consent platform in the world?
KWS is the most widely deployed kids’ consent management platform in the world. As a result we have optimised the user flows for both kids and parents to minimize friction and maximize conversion—a key concern for kids’ developers. It covers your full user journey end-to-end, from authentication / log-in, to permissions handling, obtaining parental consent, verifying parents’ identity, and providing ongoing parent access to the personal data.
Because our network of verified parents is growing every day, which reduces the requirement for your new users to go through a full verification process, we are seeing industry-leading conversion rates for new apps of up to 4x similar platforms.
KWS Features:
| Verifiable Parental Consent Multiple ways to verify parent identity in compliance with relevant laws, optimized for the highest conversion rate in each market | Kid accounts and authentication Create and maintain compliant child accounts, with SSO into multiple applications |
| Customizable consent flows Implement an opt-in, opt-out, or a VPC consent flow depending on legal requirements | Verified Parents Network KWS is built on the world’s largest network of already verified parents, driving improving conversion rates for all our clients |
| Easy API integration Create accounts and request parental consent with 2 simple API calls Your own branded parent portal | Your own branded parent portal Parents can be directed to a branded parent portal hosted and managed by SuperAwesome KWS |
| Geo-adaptive compliance Removes legal complexities delivering across multiple geos Standardized, optimized and best-in-class infrastructure for all of your critical data collection flows | Fully COPPA and GDPR-K compliant Data Storage is distributed globally to adhere to local legislations |
Want to know more?
To find out more about KWS, please get in touch:
Contact us