Per GDPR we need explicit consent for under-aged (<13) members. We currently require date of birth on our membership forms which is the only source for determining this.
We need to establish a routine for (ongoing here)
- Identifying any under-aged members in our membership system
- A one-off check is needed for all imported members
- Can either be checked continuously or as part of a routine whenever a new member signs up
- Contacting and collecting the parental consents
- For this we need to T195237: Create parental consent form
- Registering the received consent in Zynatic
- Ideally the signed consents are hosted on our nextcloud and Zynatic contains a reference to the relevant document.
- The same solution is ideally used for members who sign up on our paper forms and give their (general) consent there
A policy decision on how we deal with members who have not filled in a birth date (or filled in date which we could not reasonably assume to be true). (T189097: Policy for members lacking essential information or consents)