Providers of Information Society Services (which according to the ICO include most for-profit online services), even if they run an adult only service, must consider whether the service is likely to be accessed by children in order to decide whether their service is covered by the Children’s code, which, as well as covering services which are aimed at children, also covers those which are “likely to be accessed” by children.
The guidance takes the form of FAQ, a non-exhaustive list of factors to consider and case studies.
The FAQs cover topics such as how to assess what a “significant number of children” is, issues of age assurance, data collection during age gating and how to demonstrate your decision making via a DPIA.
The non-exhaustive list of factors to be taken into account includes factors such as evidence of user groups, whether there is evidence that there are peaks in access when children are likely to be accessing services, such as after school or during holidays, whether the organisation has processes in place to prevent children accessing the service (although self-declaration is not considered such a process), the nature of the content and design features, whether children access similar services and whether there is advertising aimed at children.
This guidance is a must read and can be found here.