Per GDPR we need explicit consent for under-aged (<13) members. We currently require date of birth on our membership forms which is the only source for determining this.
We need to establish a routine for
* Identifying any under-aged members in our membership system
** A one-off check is needed for all imported members
** Can either be checked continuously or as part of a routine whenever a new member signs up
* Contacting and collecting the parental consents
** For this we need to create a parental consent form
* Registering the received consent in Zynatic
** Ideally the signed consents are hosted on our nextcloud and Zynatic contains a reference to the relevant document.
** The same solution is ideally used for members who sign up on our paper forms and give their (general) consent there
A **policy decision** on how we deal with members who have not filled in a birth date (or filled in date which we could not reasonably assume to be true). ({T189097})