Issue Date of This Version 1/08/2024

Review Period for This Document - One Year from Original Issue

Due Date for Review/Expiry 1/08/2025

1. What is this Policy

Online safety is an integral part of safeguarding. This policy is written in line with ‘Keeping Children Safe in Education 2021 (KCSIE), ‘Teaching Online Safety in Schools 2019, statutory RSHE guidance 2019 and other statutory documents. It is designed to sit alongside the statutory Safeguarding Policy. Any issues and concerns with online safety must follow the school’s safeguarding and child protection procedures which can be located in the safeguarding policy which can be found on the website and also in the Impact A&C Google Drive.

2- What are the main online safety risks today?
Online-safety risks are traditionally categorised as one of the 4Cs:
Content: being exposed to illegal, inappropriate, or harmful content, for example: pornography, fake news, racism, misogyny, self-harm, suicide, anti-Semitism, radicalisation, and extremism.

Contact: being subjected to harmful online interaction with other users; for example: peer-to-peer pressure, commercial advertising and adults posing as children or young adults with the intention to groom or exploit them for sexual, criminal, financial or other purposes

Conduct: online behaviour that increases the likelihood of, or causes, harm; for example, making, sending and receiving explicit images (e.g. consensual and nonconsensual sharing of nudes and semi-nudes and/or pornography, sharing other explicit images and online bullying

Commerce: risks such as online gambling, inappropriate advertising, phishing and or financial scams. Any concerns related to commerce will be reported to the Anti-Phishing Working Group (https://apwg.org/).

(identified by Professor Tanya Byron’s 2008 report “Safer children in a digital world”). These three areas remain a helpful way to understand the risks and potential response, whether technological or educational. They do not stand in isolation, however, they underpin everything we do when considering the internet or technology in our classes.

Many of these new risks are mentioned in KCSIE 2021, e.g. extra-familial harms where children are at risk of abuse or exploitation to multiple harms in situations outside their families including sexual exploitation, criminal exploitation, serious youth violence, upskirting and sticky design.
In past and potential future remote learning and lockdowns, there is a greater risk for grooming and exploitation (CSE, CCE and radicalisation) as children spend more time at home and on devices.

3- How will this policy be communicated?
This policy can only impact upon practice if it is accessible to and understood by all stakeholders. It will be communicated in the following ways:

• Available on the Impact A&C Staff Drive accessible by all staff.
• Part of induction pack for all new staff (including temporary, supply and non-classroom-based staff).
• Integral to safeguarding updates and training for all staff (especially in September refreshers).
• Reviews of this online-safety policy will include input from staff, pupils and other stakeholders, helping to ensure further engagement.

4- Aims
This policy aims to:

• Set out expectations for all stakeholders’ online behaviour, attitudes and activities and use of digital technology (including when devices are offline)
• Help all stakeholders to recognise that online/digital behaviour (including social media activity) must be upheld beyond the confines of the school gates and school day, and regardless of device or platform
• Facilitate the safe, responsible and respectful use of technology to support teaching & learning, and prepare children and young people for the risks and opportunities of today’s and tomorrow’s digital world, to survive and thrive online
• Help staff understand that online-safety risks are traditionally categorised as one of the 3 Cs: Content, Contact or Conduct and that all three aspects are integral to maintaining children’s online safety
• Help staff working with children to understand their roles and responsibilities to work safely and responsibly with technology and the online world:
• for the protection and benefit of the children and young people in their care, and
• for their own protection, minimising misplaced or malicious allegations and to better understand their own standards and practice
• for the benefit of the school, supporting the Trust’s vision, mission, aims and objectives, and protecting the reputation of the Trust and profession
• Establish clear structures by which online misdemeanours will be treated, and procedures to follow where there are doubts or concerns (with reference to other policies such as Behaviour Policy)

Internal procedures should always be followed first for reporting and support, as documented in school policy documents, especially in response to incidents, which should be reported in line with your Safeguarding Policy. The Director and Head teacher (DSL) will handle referrals to local authority multi-agency safeguarding hubs (MASH).

5- Scope
This policy applies to all members of the Impact A&C community (including teaching and support staff, supply teachers, tutors, volunteers, pupils, parents/carers, visitors and third parties) who have access to our digital technology, networks and systems, whether on-site or remotely, and at any time, or who use technology in their school role.

6- Roles and responsibilities
Impact A&C is a community and all members have a duty to behave respectfully online and offline, to use technology for teaching and learning and to prepare for life after school. All staff have a duty to immediately report any concerns or inappropriate behaviour using the policy, to protect staff, pupils, families and the reputation of the Impact A&C. We learn together, make honest mistakes together and support each other in a world that is online and offline at the same time.

Impact A&C Director and Head teacher (DSL)
Key responsibilities:

• Foster a culture of safeguarding, where online safety is fully integrated into whole-company wide safeguarding
• Ensure that the DSL responsibilities listed in the section below are being followed and fully supported
• Keep abreast of current legislation and information on Online safety and disseminate this to DSLs and staff where appropriate

Designated Safeguarding Lead
Key responsibilities (The DSL can delegate certain online safety duties from the list below, but not the overall responsibility; this assertion and all quotes below are from Keeping Children Safe in Education 2021):

• “The designated safeguarding lead should take lead responsibility for safeguarding and child protection [including online safety] … this lead responsibility should not be delegated”
• Check all school staff have read Part 1 and Annex A of KCSIE.
• Ensure that Annex C on Online Safety reflects practice in school.
• Where the online-safety Lead is not the named DSL or deputy DSL, ensure there is regular review and open communication between these roles and that the DSL’s clear overarching responsibility for online safety is not compromised
• Ensure “An effective approach to online safety that empowers Impact A&C to protect and educate the whole community in their use of technology and establishes mechanisms to identify, intervene in and escalate any incident where appropriate.”
• “Liaise with staff on matters of safety and safeguarding (including online and digital safety) and when deciding whether to make a referral by liaising with relevant agencies.”
• Take day-to-day responsibility for online safety issues and be aware of the potential for serious child protection concerns
• Remind staff of safeguarding considerations as part of a review of remote learning procedures and technology, including that the same principles of online safety and behaviour apply
• Stay up to date with the latest trends in online safeguarding and “undertake Prevent awareness training.”
• Review and update this policy, other online safety documents (e.g. Acceptable Use Policies) and the strategy on which they are based (in harmony with policies for behaviour, safeguarding, Prevent and others).
• Receive regular updates in online safety issues and legislation, be aware of local and school trends – see safeblog.lgfl.net for examples
• Ensure that online safety education is embedded across the curriculum
• Ensure all staff are aware of the procedures that need to be followed in the event of an online safety incident, and that these are logged in the same way as any other safeguarding incident.
• Ensure adequate provision for staff to flag issues when not in school and for pupils to disclose issues when off site, especially when in isolation/quarantine/lockdown.
• Ensure staff adopt a zero-tolerance approach to sexual violence and harassment,as well as to bullying, and that this is followed throughout the school. This includes peer on peer abuse.
• Facilitate training and advice for all staff:
• all staff must read KCSIE Part 1 and all those working with children Annex A
• it would also be advisable for all staff to be aware of Annex C (online safety)

CEO Impact A&C
Key responsibilities (quotes are taken from Keeping Children Safe in Education 2020)

• “Ensure that all staff undergo safeguarding and child protection training (including online safety) at induction. The training should be regularly updated in line with the Impact A&C Child Protection and Safeguarding Policy that follows with advice from local safeguarding partners.
• “Ensure that children are taught about safeguarding, including online safety as part of providing a broad and balanced curriculum.

All Staff
Key responsibilities:

• Understand that online safety is a core part of safeguarding; as such it is part of everyone’s job – never think that someone else will pick it up.
• Know who the Designated Safeguarding Lead (DSL) is within Impact A&C and at any settings
• Read Part 1, Annex A and Annex C of Keeping Children Safe in Education (whilst Part 1 is statutory for all staff
• Read and follow this policy in conjunction with the Impact A&C main safeguarding policy
• Record online-safety incidents in the same way as any safeguarding incident and report in accordance with Impact A&C procedures.
• Understand that safeguarding is often referred to as a jigsaw puzzle – you may have discovered the missing piece so do not keep anything to yourself.
• Identify opportunities to thread online safety through all Impact A&C activities.
• Whenever overseeing the use of technology in class, encourage and talk about appropriate behaviour and how to get help and consider potential risks and the age-appropriateness of websites.
• Ensure pupils understand that online safety is followed at home, as well as at school and Impact A&C
• Notify the DSL/OSL of new trends and issues before they become a problem
• Take a zero-tolerance approach to bullying and low-level sexual harassment
• Ask for guidance and updates from the DSL for online safeguarding issues , as appropriate
• Model safe, responsible and professional behaviours in staff use of technology. This includes outside the school hours and site, and on social media, in all aspects upholding the reputation of Impact A&C and of the professional reputation of all staff.

Volunteers and Staff
Key responsibilities:

• Read, understand, sign and adhere to Impact A&C safeguarding policy for volunteers and -
• Model safe, responsible and professional behaviours in their own use of technology at school and as part of remote teaching or any online communications

7- Handling online-safety concerns
It is vital that all staff recognise that online-safety is a part of safeguarding.
Impact A&C procedures for dealing with online-safety will be mostly detailed in the following policies (primarily in the first key document):

• Safeguarding and Child Protection Policy
• Sexual Harassment / Peer on Peer Abuse Policy (if separate)
• Equal Opportunities Policy
• Behaviour Policy
• Prevent Risk Assessment
• Data Protection Policy, agreements and other documentation (e.g. privacy statement and consent forms for data sharing, image use etc)

Impact A&C commits to take all reasonable precautions to ensure online safety, but recognises that incidents will occur both inside school and outside class (and that those from outside class will continue to impact on pupils when they come into class or during extended periods away from class). All members of Impact A&C are encouraged to report issues swiftly.

Any suspected online risk or infringement should be reported to the designated safeguarding lead in line with the safeguarding policy.
Any concern/allegation about staff misuse is always referred directly to the CEO.

8. Misuse of Impact A&C technology
Clear and well communicated rules and procedures are essential to govern pupil and adult use of Impact A&C networks, connections, internet connectivity and devices, cloud platforms and social media.

Where pupils contravene these rules, the school behaviour policy that can be accessed on each school website will be applied. Where staff contravene these rules, action will be taken as outlined in the staff agreement and disciplinary policy.
It will be necessary to reinforce these as usual at the beginning of any school year.

9. Data Protection and data security
There are references to the relationship between data protection and safeguarding in key Department for Education documents ‘Keeping Children Safe in Education’ and ‘Data protection: a toolkit for schools’ (August 2018), which the DPO and DSL will seek to apply. This quote from the latter document is useful for all staff – note the red and purple highlights:

“GDPR does not prevent, or limit, the sharing of information for the purposes of keeping children safe. Lawful and secure information sharing between schools, Children’s Social Care, and other local agencies, is essential for keeping children safe and ensuring they get the support they need. The Data Protection Act 2018 introduced ‘safeguarding’ as a reason to be able to process sensitive, personal information, even without consent (DPA, Part 2,18; Schedule 8, 4) When Designated Safeguarding Leads in schools are considering whether, or not, to share safeguarding information (especially with other agencies) it is considered best practice for them to record who they are sharing that information with and for what reason. If they have taken a decision not to seek consent from the data subject and/or parent/carer that should also be recorded within the safeguarding file. All relevant information can be shared without consent if to gain consent would place a child at risk. Fears about sharing information must not be allowed to stand in the way of promoting the welfare and protecting the safety of children.”

The same document states that the retention schedule for safeguarding records may be required to be set as ‘Very long term need (until pupil is aged 25 or older)’. However, some local authorities require record retention until 25 for all pupil records.
All pupils, staff, volunteers, and parents are bound by the Impact A&C data protection policy and agreements.
Staff are reminded that all safeguarding data is highly sensitive and should be treated with the strictest confidentiality at all times, and only shared via approved channels to colleagues or agencies with appropriate permissions. The use of confidential mode in Gmail to encrypt all non-internal emails is compulsory for sharing pupil data. If this is not possible, the DSL should be informed in advance.

10. Email
When emailing, all Impact A&C staff, use an Impact A&C Google account.
General principles for email use are as follows:

• Email is the main tool for electronic communication to be used between staff and pupils / staff and parents (in both directions)
• Email may only be sent using the email system above. There should be no circumstances where a private email is used.
• Private Gmail accounts are different to the Gmail which we provide staff.
• Appropriate behaviour is expected at all times, and the system should not be used to send inappropriate materials or language which is or could be construed as bullying, aggressive, rude, insulting, illegal or otherwise inappropriate, or which (for staff) might bring the school into disrepute or compromise the professionalism of staff.

Other platforms, such as whatssap, can be use for immediate communication with parents for important messages, issues, tech problems or other sort of quick information that needs to be communicated to Impact A&C and parents.

11. Digital images and video
When a pupil joins Impact A&C, as part of our bookings process, parents/carers are asked if they give consent for their child’s image to be captured in photographs or videos, for what purpose (to be used on the website/social media and advertising). Parents are able to request a change to their consents at any point throughout the year.
Whenever a photo or video is taken/made, the member of staff taking it will check the latest consents before using it for any purpose. Any pupils shown in public facing materials are never identified with more than first name (and photo file names/tags do not include full names to avoid accidentally sharing them).

12. Social Media
Social Media Presence
We manage and monitor our social media footprint carefully to know what is being said about Impact A&C and to respond to criticism and praise in a fair, responsible manner.
Each Impact A&C franchisee is responsible for monitoring their social media presence, and acting quickly to respond or remove any content posted without consent.

13. Staff social media presence
Social media (including here all apps, sites and games that allow sharing and interaction between users) is a fact of modern life, and as a company, we accept that many parents, staff and pupils will use it. However, as stated in the acceptable use policies, we expect everybody to behave in a positive manner, engaging respectfully with the school and each other on social media, in the same way as they would face to face.

This positive behaviour can be summarised as not making any posts which are or could be construed as bullying, aggressive, rude, insulting, illegal or otherwise inappropriate, or which might bring Impact A&C into disrepute. This applies both to public pages and to private posts, e.g. parent chats, pages or groups.

If parents have a concern about Impact A&C, they should follow the school's concerns and complaints policy. Sharing complaints on social media is unlikely to help resolve the matter, but can cause upset to staff, pupils and parents.
Many social media platforms have a minimum age of 13 (note that WhatsApp is 16+). We ask parents to respect age ratings on social media platforms wherever possible and not encourage or condone underage use.
Parents can best support this by talking to their children about the apps, sites and games they use (you don’t need to know them – ask your child to explain it to you), with whom, for how long, and when (late at night / in bedrooms is not helpful for a good night’s sleep and productive teaching and learning at school the next day).

Email and phone calls are the official electronic communication channel between parents and Impact A&C, and between staff and pupils.
Pupils are not allowed* to be ‘friends’ with or make a friend request** to any individual staff or volunteers nor should they communicate via social media.

Pupils should not:
follow staff or volunteer individual accounts (e.g. following a staff member with a public Instagram account). However, we accept that this can be hard to control (but this highlights the need for staff to remain professional in their private lives). In the reverse situation, however, staff must not follow such public pupil accounts.
* Any attempt to do so may be a safeguarding concern or disciplinary matter and should be notified to the DSL (if by a child) or to the CEO (if by a staff member).
Staff are reminded that they are obliged not to bring TechyToys into disrepute and the easiest way to avoid this is to have the strictest privacy settings and avoid inappropriate sharing and oversharing online.
All members of the Impact A&C community are reminded that particularly in the context of social media, it is important to comply with the company policy on Digital Images and Video and permission is sought before uploading photographs, videos or any other information about other people.

14. Personal devices including wearable technology and bringing you own device

• All staff who work directly with children should leave their mobile phones on silent and only use them in private areas during class hours.
• Volunteers and pupils, should leave their phones in their pockets and have them on silent and only use them in private areas during class hours.
• Parents are asked to leave their phones in their pockets and turned off when they are on site. When at school events, please refer to the Digital images and video section of this document. Parents are asked not to call pupils on their mobile phones during the class hours; urgent messages can only be admitted. Parents should never record meetings on their phones.