Age Verification Providers Association – Code of Conduct
The Age Verification Providers Association’s Code of Conduct is a set of guiding principles our Members agree to follow when conducting business. Our goal is that these principles will drive high standards from the industry, assist in establishing best practice and create a collaborative approach to solving the problems of age verification.
All references to age verification in this Code shall mean any physical or remote checks on an individual to determine the age of an individual or the age-range they fall within.
We recognise that requirements for age restrictions differ markedly from country to country and from sector to sector. Whilst the Code aims for a global approach to age verification, certain local regulations may preclude full adherence to this Code.
Key Goals of the Code
To promote effective age verification
To encourage age verification adoption in a manner compliant with regulations
To encourage sound business practice
To promote the highest levels of data protection and data control
Code of Conduct
Member organisations agree to the following five principles:
- Fairness and transparency
How personal data is collected or verified and how it is used should be clearly explained to the consumer. Data should be used for age verification and not additional unspecified purposes without the consumer’s knowledge and consent.
- Use of appropriate verification methods
Data sources and technical methods against which consumers are checked should be reasonable and suitable to meet the requirements of regulators and client organisations, while recognising the sensitivities around release and use of personal data.
Members should normally comply with applicable published international or local age verification standards where these have been endorsed by the AVPA e.g. PAS 1296:2018 for the UK.
- Privacy and Security
Data privacy should be paramount. Members should follow ‘privacy and security by design’ principles and make all reasonable endeavours to minimise the use and retention of personal data and to maintain the security of processed or stored personal data.
Members should normally comply with applicable published international or local information security standards where these have been endorsed by the AVPA e.g. ISO27001
Members should take all reasonable steps to ensure the accuracy of data and rectify inaccurate data to maintain the integrity of their age verification systems.
Full Members must maintain appropriate operational and financial independence from the suppliers of age-restricted goods, services and content to ensure that age verification is conducted by a neutral party with no incentive to provide results that do not meet regulatory requirements and applicable standards.
Members acknowledge that they have a collective responsibility to maintain a positive public image of the age verification sector.
The approach to enforcing this code is set out in the Rules of the Association