Consent is a cornerstone of GDPR. For children under the age of 16, parental or guardian consent is required. Pediatric clinics must ensure that consent is freely given, specific, informed, and unambiguous. This often involves clear, age-appropriate explanations of how the data will be used.