The paper addresses the problematics of collecting consent to the processing of children’s personal data, observing the connection between granularity and the specificity of consent and insisting on the triple level of granularity which may be seen as applicable: (i) the granularity of the first degree, relative to the delimitation by reference to the consent granted at the formation of the main contract; (ii) secondary degree of granularity, relating to the sequencing of processing purposes; (iii) tertiary granularity, regarding the taxonomic specificity of the processing operations; in the case of children’s consent, this specific protection is expected to apply particularly to the use of children’s personal data for marketing or profiling purposes and to the collection of personal data when using services directly offered to children, whose capacity to exercise rights in this matter can be established in national law as beginning at the age of 16, without being able to go below the 13-year threshold, as provided by Article 8, para. (1), second thesis of General Regulation 2016/679. Related to the purposes of the processing, the data operator must inform the child, in an unambiguous and structured way, of the purposes of the processing of personal data, so that the latter were able to express the consent for each of the purposes, in a differentiated manner without being forced to accept them in their entirety, a requirement that functions as a safeguard against the gradual expansion or blurring of the clarity of the processing purposes. In relation to the holder of responsibility or parental authority, Regulation (EU) 2016/679 imposes on the data controller an obligation of diligence, in order to verify whether the holder of responsibility or parental authority has granted or authorized the granting of consent, taking into account the available technologies (as selected by the parent), which is a requirement that implies, for data controllers, the fact that they are expected to check not only the existence of consent (when processing the child’s personal data), but also the provenience of this consent.