Skip to content
ConsentiQo
🧒Compliance

Children's Data Under the DPDP Act: Parental Consent Rules in 2026

KavachOne Privacy Research Team·8 February 2026·7 min read

In short

Under India's DPDP Act 2023, processing children's personal data generally requires verifiable parental consent and prohibits tracking, behavioural monitoring and targeted advertising directed at children. In 2026, EdTech platforms, schools and consumer apps must implement age-gating and verifiable parental-consent workflows.

What the Act requires

Data Fiduciaries must obtain verifiable parental consent before processing a child's data and must not undertake tracking, behavioural monitoring or targeted advertising aimed at children.

Who is most affected

EdTech, schools, gaming and consumer apps that attract young users carry the heaviest obligations and the highest penalty exposure for lapses.

How to comply

Implement age verification, verifiable parental-consent workflows, a children's-data policy and a DPIA for child-facing processing.

FAQ

The DPDP Act treats individuals below 18 years as children, requiring verifiable parental consent and prohibiting tracking and targeted advertising directed at them.

#children data DPDP Act#parental consent India 2026#DPDP children's data rules#age verification DPDP

Related articles

📋

DPDP Act Compliance in India 2026: The Complete Checklist

A step-by-step 2026 checklist that takes you from 'where do we start?' to certified DPDP Act compliance in India.

⚠️

DPDP Act Penalties Explained: Avoiding ₹250 Crore Fines in 2026

The DPDP Act's penalties are per-incident and cumulative. Here's the structure — and how to stay on the right side of it in 2026.

🚀

DPDP Act for Startups in India: A 2026 Compliance Roadmap

Startups can't afford enterprise privacy bureaucracy — or a ₹250 Crore fine. Here's the lean 2026 path.

Need help with DPDP compliance?

KavachOne delivers consent management, audit and certification across India for 2026.

Talk to an expertBrowse services