school banner

 

 

Online Safety Policy

November 2025

Approved by Governors on: November 2025

To be reviewed: November 2026

 

This policy will be reviewed annually as a minimum and updated if needed to incorporate online safety safeguarding issues as they emerge or evolve, lessons learnt and national or local changes.  

Contents:

Section 

Page:

1: Key Staff

3

2: Context, including current online safeguarding trends

4

3: Communicating this policy

6

4: Policy aims

6

5: Roles and responsibilities

7

6: Education and the curriculum

7

7: Managing online safeguarding concerns and incidents, including specifically:

  • 7.1: Sharing of nudes and semi-nude images
  • 7.2: Upskirting
  • 7.3: Online bullying
  • 7.4: Child on child abuse and sexual violence/sexual harassment
  • 7.5: Misuse of school technology
  • 7.6: Incidents including or involving the misuse of social media

9

8: CCTV

14

9: Extremism and radicalisation

14

10: Data protection and cyber security

14

11: Filtering and Monitoring

14

12: Messaging and commenting

16

13: Behaviour principles 

17

14: Online storage and learning platforms

18

15: School websites

18

16: Digital images and video

18

17: Social Media use, by the school, staff, parents and pupils

20

18: Devices, including use of personal and BYOD, school devices and devices taken on trips and visits away from school

18

19: Searching and confiscation

24

Appendix A: Individual roles and responsibilities.

25

 

Section 1: Key staff

 

KCSIE makes clear that “the designated safeguarding lead should take lead responsibility for safeguarding and child protection (including online safety and understanding the filtering and monitoring systems and processes in place).” 

The DSL can delegate activities but not the responsibility for this area and whilst subject leads, e.g. for RSHE will plan the curriculum for their area, it is important that this ties into a whole-school approach.

Designated Safeguarding Lead (DSL), with lead responsibility for filtering and monitoring

[OWEN BAYLY

Deputy Designated Safeguarding Lead(s)

CHRIS MINETT, TRACY PEARSON

Safeguarding Link LAC Member, also having responsibility for online safety

JENNY WHITE

Link LAC Member having responsibility for online safety if different from above.

Curriculum leads with relevance to online safeguarding and their role

[ e.g. PSHE/RSHE/RSE/Computing leads ]

REBECCA MYERS (ICT), MEGAN WELDON (PSHE,RSE)

Network manager/other technical support

TURN IT ON (MATTHEW BEVIN)

             

Section 2: Context

Online safety is an integral part of safeguarding and requires a whole school, cross-curricular approach and collaboration between key school leads. Accordingly, this policy is written in line with ‘Keeping Children Safe in Education’ 2024 (KCSIE), ‘Teaching Online Safety in Schools’, statutory RSHE guidance and other statutory documents. It is cross-curricular (with relevance beyond Relationships, Health and Sex Education, Citizenship and Computing) and designed to sit alongside or be integrated into your school’s statutory Child Protection & Safeguarding Policy. Any issues and concerns with online safety must always follow the school’s safeguarding and child protection procedures. 

Current Online Safeguarding Trends

In our school over the past year, we have particularly noticed the following in terms of device use and abuse and types of online/device-based incidents which affect the wellbeing and safeguarding of our students: 

Misuse of social media platforms such as Whatsap.

Nationally, some of the latest trends of the past twelve months are outlined below. These are reflected in this policy: 

Self-generative artificial intelligence has become rapidly more accessible, with many students often having unfettered access to tools that generate text and images at home or in school. These tools not only represent a challenge in terms of accuracy when young people are genuinely looking for information (gen AI can be responsible for incorrect and sometimes harmful information), but also in terms of plagiarism for teachers and above all safety - none of the mainstream tools have end-user safety settings, most have an age limit of 13 or even 18 and in spite of basic rude words not delivering results, will easily produce inappropriate material. Schools not only need to tackle this in terms of what comes into school but also educating young people and their parents on use of these tools in the home. Self-generative AI has also made it easier than ever to create sexualised images and deepfake videos. Whilst they may not be real, they have a devastating effect on a young person’s emotional wellbeing and physical safety, and can also be used to blackmail, humiliate and abuse. The Internet Watch Foundation has reported AIgenerated imagery of child sexual abuse progressing at a worrying rate.  

Ofcom’s ‘Children and parents: media use and attitudes report 2024’ has shown that YouTube remains the most used site or app among all under 18s and the reach of WhatsApp, TikTok and Snapchat increased yet further (especially with the minimum age for use of WhatsApp now 13). With children aged 3 - 17 spending an average 3 hours 5 minutes per day online, four in ten parents report finding it hard to control their child’s screentime. Notably, 45% of 8-11s feel that their parents’ screen time is too high, underlining the importance of modelling good behaviour. 

Given the 13+ minimum age requirement on most social media platforms, it is notable that half (51%) of children under 13 use them. Despite age restrictions, four in ten admit to giving a fake age online, exposing them to content inappropriate for their age and increasing their risk of harm, with over a third (36%) of parents of all 3-17s saying they would allow their child to have a profile on sites or apps before they had reached the minimum age.

As a school we recognise that many of pupils are on these apps regardless of age limits, which are often misunderstood or ignored. We therefore will remind about best practice while remembering the reality for most of our students is quite different. 

This is striking when you consider that 25% of 3-4 year olds have access to their OWN mobile phone (let alone shared devices), rising to over 90 percent by the end of Primary School, and the vast majority have no safety controls or limitations to prevent harm or access to inappropriate material. At the same time, even 3- to 6-year-olds are being tricked into ‘self-generated’ sexual content (Internet Watch Foundation Annual Report) while considered to be safely using devices in the home and the 7–10year-old age group remains the fastest growing for this form of child sexual abuse material.

Growing numbers of children and young people are using social media and apps, such as Snapchat, as their source of news and information, with little attention paid to the facts or veracity of influencers sharing news. The alarming speed and scale at which misinformation about the attack in Southport (August 2024) was shared, resulting in Islamophobic and racist violence, rioting and looting across England is particularly concerning, with much of it was fuelled by false online accusations about the assailant. Despite attempts by Police and national news to correct the misleading information, it racked up millions of views on social media sites like X and was actively promoted by several high-profile users with large followings. 

There have also been significant safeguarding concerns where parents have filmed interactions with staff outside the school gates and posted this on social media, putting children and the wider school community at risk of harm. See nofilming.lgfl.net to find out more.

Cyber Security is an essential component in safeguarding children and now features within

KCSIE. Sadly, the education sector remains a clear target for cyber-attacks, with the Cyber Security Breaches Survey 2024 highlighting an increase in school attacks nationally, with 71% of secondary schools reporting a breach or attack in the past year, and 52% of primary schools.

Section 3: Communicating this policy

This policy can only impact upon practice if it is a (regularly updated) living document. We will make this policy accessible to all stakeholders in the following ways:

  • Posted on your school website
  • Part of school induction pack for all new staff (including temporary, supply and non-classroom-based staff and those starting mid-year)
  • Integral to safeguarding updates and training for all staff
  • Clearly reflected in the Acceptable Use Policies (AUPs) for staff, volunteers, contractors, governors, pupils and parents/carers (which must be in accessible language appropriate to these groups), which will be issued to whole school community, on entry to the school, annually and whenever changed, plus displayed in school Discussed with parents when it is relevant to a concern regarding their child

Section 4: Policy aims

This policy aims to promote a whole school approach to online safety by:

  • Setting out expectations for all Calverley C of E  community members’ online behaviour, attitudes and activities and use of digital technology (including when devices are offline) 
  • Helping safeguarding and senior leadership teams to have a better understanding and awareness of all elements of online safeguarding through effective collaboration and communication with technical colleagues (e.g. for filtering and monitoring), curriculum leads (e.g. RSHE) and beyond.
  • Helping all stakeholders to recognise that online/digital behaviour standards (including social media activity) must be upheld beyond the confines of the school gates and school day, regardless of device or platform, and that the same standards of behaviour apply online and offline.
  • Facilitating the safe, responsible, respectful and positive use of technology to support teaching & learning, increase attainment and prepare children and young people for the risks and opportunities of today’s and tomorrow’s digital world, to survive and thrive online.
  • Helping our school staff working with children to understand their roles and responsibilities to work safely and responsibly with technology and the online world:
    • for the protection and benefit of the children and young people in their care, and o for their own protection, minimising misplaced or malicious allegations and to better understand their own standards and practice.
    • for the benefit of the school, supporting the school ethos, aims and objectives, and protecting the reputation of the school and profession.
  • Establishing clear structures by which online misdemeanours will be treated, and procedures to follow where there are doubts or concerns (with reference to other school policies such as Behaviour Policy or Anti-Bullying Policy)

Section 5: Roles and responsibilities

This policy applies to all members of the Calverley C of E community (including teaching, supply and support staff, LAC members, volunteers, contractors, students/pupils, parents/carers, visitors and community users) who have access to our digital technology, networks and systems, whether on-site or remotely, and at any time, or who use technology in their school role. 

Our school is a community, and all members have a duty to behave respectfully online and offline, to use technology for teaching and learning and to prepare for life after school, and to immediately report any concerns or inappropriate behaviour, to protect staff, pupils, families and the reputation of the school. We learn together, make honest mistakes together and support each other in a world that is online and offline at the same time.

Depending on their role, all members of the school community should read the relevant section in Annex A of this document that describes individual roles and responsibilities. Please note there is one for All Staff which must be read even by those who have a named role in another section. There are also pupil, governor, etc role descriptions in the annex. All staff have a key role to play in feeding back on potential issues.

Section 6: Education and the curriculum

Despite the risks associated with being online, we recognise the opportunities and benefits of children being online. Technology is a fundamental part of our adult lives and so developing the competencies to understand and use it, are critical to children’s later positive outcomes. The choice to use technology in school will always be driven by pedagogy and inclusion. 

It is important that schools establish a carefully sequenced curriculum for online safety that develops competencies (as well as knowledge about risks) and builds on what pupils have already learned and identifies subject content that is appropriate for their stage of development. 

As well as teaching about the underpinning knowledge and behaviours that can help pupils navigate the online world safely and confidently regardless of the device, platform or app, Teaching Online Safety in Schools recommends embedding teaching about online safety and harms through a whole school approach and provides an understanding of these risks to help tailor teaching and support to the specific needs of pupils, including vulnerable pupils. [ dedicated training around this with curriculum mapping for RSHE/PSHE and online safety leads is available at safetraining.lgfl.net]

RSHE guidance also recommends that schools assess teaching to “identify where pupils need extra support or intervention [through] tests, written assignments or self-evaluations, to capture progress.” [ See LGfL’s SafeSkills Online Safety Quiz and diagnostic teaching tool which is linked to statements from UKCIS Education for a Connected World framework, enabling teachers to monitor progress throughout the year and drill down to school, class and pupil level to identify areas for development at safeskillsinfo.lgfl.net ]

The teaching of online safety, features in these areas of curriculum delivery:

  • Relationships education, relationships and sex education (RSE) and health education (also known as RSHE or PSHE) [ Please be aware that during the 2024/5 school year the subject may be subject to significant changes of scope and content following the 2024 consultation.]

● Computing

  • Citizenship 

However, as stated previously, it is the role of ALL staff to identify opportunities to thread online safety through all school activities, both outside the classroom and within the curriculum, supporting curriculum/stage/subject leads, and making the most of unexpected learning opportunities as they arise. 

Whenever overseeing the use of technology (devices, the internet, generative AI tools, etc.) in school or setting as homework tasks, all staff should remind pupils/students of and encourage sensible use, monitor what pupils/students are doing and consider potential risks and the age appropriateness of tasks. This includes supporting them with search skills, reporting and accessing help, critical thinking (e.g. disinformation, misinformation and fake news), access to age-appropriate materials and signposting, and legal issues such as copyright and data law.

saferesources.lgfl.net has regularly updated theme-based resources, materials and signposting for teachers and parents.

Annual reviews of curriculum plans and schemes of work (including for SEND pupils) take place and are used as an opportunity to follow this framework more closely in its key areas. This is done within the context of an annual online safety audit, which is a collaborative effort led by Rebecca Myers , Clare Hanna (SBM) and Turn it on (template available here: onlinesafetyaudit.lgfl.net)

We communicate with parents and carers about how we support pupils with their online safety learning, including what their children are being asked to do online and the sites they will be asked to access by sharing this policy, sharing the curriculum, including info. in newsletters, webinars etc. and parent workshops.

Section 7: Managing online safeguarding concerns and incidents

It is vital that all staff recognise that online safety is a part of safeguarding and so concerns must be handled in the same way as any other safeguarding concern. Safeguarding is often referred to as a jigsaw puzzle, so all stakeholders should speak to the safeguarding lead with any concerns (no matter how small these seem) to contribute to the overall picture or highlight what might not yet be a problem.

Support staff will often have a unique insight and opportunity to find out about issues first in the playground, corridors, toilets and other communal areas outside the classroom.

School procedures for dealing with online safety will be mostly detailed in the following policies (primarily in the first key document):

  • Safeguarding and Child Protection Policy
  • Anti-Bullying Policy
  • Behaviour Policy 
  • Acceptable Use Policies
  • Prevent Risk Assessment 
  • Data Protection Policy, agreements and other documentation (e.g. privacy statement and consent forms for data sharing, image use etc)

We take all reasonable precautions to safeguard pupils online but recognise that incidents will occur both inside school and outside school (and that those from outside school will continue to impact pupils when they come into school or during extended periods away from school). All members of the school are encouraged to report issues swiftly to allow us to deal with them quickly and sensitively through the school’s escalation processes.

Any suspected online risk or infringement should be reported to the designated safeguarding lead as soon as possible on the same day. The reporting member of staff will ensure that a record is made of the concern on CPOMS.

Any concern/allegation about staff misuse is always, as with any safeguarding concern, referred directly to the Headteacher, unless the concern is about the Headteacher in which case the complaint is referred to the Chair of The LAC, and the LADO (Local Authority’s Designated

Officer); the Trust Safeguarding Lead should always be notified of any referrals to the LADO.

The school will actively seek support from other agencies as needed (i.e. the local authority, LGfL,

UK Safer Internet Centre’s Professionals’ Online Safety Helpline (POSH), NCA CEOP, Prevent Officer, Police, IWF and Harmful Sexual Behaviour Support Service). The DfE guidance Behaviour in Schools, advice for headteachers and school staff September 2024 provides advice and related legal duties including support for pupils and powers of staff when responding to incidents – see pages 31-33 for guidance on child on child sexual violence and harassment, behaviour incidents online and mobile phones.

We will inform parents/carers of online safety incidents involving their children, and the Police where staff or pupils engage in or are subject to behaviour which we consider is particularly concerning or breaks the law.

The school should ensure all online safety reporting procedures are sustainable for any unforeseen periods of closure.

• 7.1: Sharing nudes and semi-nudes

All schools (regardless of phase) should refer to the UK Council for Internet Safety (UKCIS) guidance on sexting - now referred to as Sharing nudes and semi-nudes: advice for education settings.

There is a one-page overview called Sharing nudes and semi-nudes: how to respond to an incident for all staff (not just classroom-based staff) to read, in recognition of the fact that it is mostly someone other than the designated safeguarding lead (DSL) or online safety lead to first become aware of an incident, and it is vital that the correct steps are taken. Staff other than the DSL must not attempt to view, share or delete the image or ask anyone else to do so, but to go straight to the DSL.

It is important that everyone understands that whilst the sharing of nudes involving children is illegal, students should be encouraged and supported to talk to members of staff if they have made a mistake or had a problem in this area. The UKCIS guidance seeks to avoid unnecessary criminalisation of children. 

The school DSL will use the full guidance document, Sharing nudes and semi-nudes advice for educational settings to decide next steps and whether other agencies need to be involved (see flow chart below from the UKCIS guidance) and next steps regarding liaising with parents and supporting pupils.

The following LGfL document (available at nudes.lgfl.net) may also be helpful for DSLs in making their decision about whether to refer a concern about sharing of nudes:

 

• 7.2 Upskirting

It is important that everyone understands that upskirting (taking a photo of someone under their clothing, not necessarily a skirt) is a criminal offence and constitutes a form of sexual harassment as highlighted in Keeping Children Safe in Education. As with other forms of child-on-child abuse pupils/students can come and talk to members of staff if they have made a mistake or had a problem in this area.

• 7.3 Online Bullying

Online bullying (which is sometimes referred to as cyberbullying), including incidents that take place outside of school should be treated like any other form of bullying and the school bullying policy should be followed, . This includes issues arising from banter.

It is important to be aware that sometimes fights are being filmed, live streamed or shared online and fake profiles are used to bully children in the name of others. When considering bullying, staff will be reminded of these issues. 

Materials to support teaching about bullying and useful Department for Education guidance and case studies are at bullying.lgfl.net

• 7.4 Child on child sexual violence and sexual harassment

Any incident of sexual harassment or violence (online or offline) should be reported to the DSL who will follow our Safeguarding and Child Protection Policy in accordance with the guidance in KCSIE. Staff should work to foster a zero-tolerance culture and maintain an attitude of ‘it could happen here’. We take all forms of sexual violence and harassment seriously, explaining how it exists on a continuum and that behaviours incorrectly viewed as ‘low level’ are treated seriously and not allowed to perpetuate. The document makes specific reference to behaviours such as brastrap flicking and the careless use of language. One member of our school safeguarding team, either the DSL or a DDSL has completed specific training in Harmful Sexual Behaviour and they will be involved in assessing any incidents which occur in our school.

• 7.5 Misuse of school technology; devices, systems, networks and platforms

Clear and well communicated rules and procedures are essential to govern pupil and adult use of school networks, connections, internet connectivity and devices, cloud platforms and social media (both when on school site and outside of school).

These are defined in the relevant Acceptable Use Policy as well as in this document, for example in the sections relating to the professional and personal use of school platforms/networks/clouds, devices and other technology, as well as to BYOD (bring your own device) policy. 

Where pupils contravene these rules, the school behaviour policy will be applied; where staff contravene these rules, action will be taken as outlined in the staff code of conduct/handbook.It will be necessary to reinforce these as usual at the beginning of any school year but also to remind pupils that the same applies for any home learning that may take place.

Further to these steps, the school reserves the right to withdraw – temporarily or permanently – any or all access to such technology, or the right to bring devices onto school property.

7.6 Incidents involving use of social media

Social media incidents involving pupils are often safeguarding concerns and should be treated as such and staff should follow the safeguarding policy. Other policies that govern these types of incidents are the school’s Acceptable Use Policies/social media policy/online safety.

Breaches will be dealt with in line with the school behaviour policy (for pupils) or code of conduct/handbook (for staff). See the social media section later in this document for rules and expectations of behaviour for children and adults in the Calverley C of E community. 

Further to this, where an incident relates to an inappropriate, upsetting, violent or abusive social media post by a member of the school community (e.g. parent or visitor), Calverley C of E will request that the post be deleted and will expect this to be actioned promptly.

Where an offending post has been made by a third party, the school may report it to the platform it is hosted on, and may contact the Professionals’ Online Safety Helpline, POSH, (run by the UK Safer Internet Centre) for support or help to accelerate this process.

 

Section 8: Use of CCTV

Closed Circuit Television (CCTV) is installed at the rear of the school, overlooking the all-weather pitch. The system was introduced in response to repeated incursions by groups of youths during evenings and weekends, which resulted in minor vandalism and damage to school property. The purpose of the CCTV system is to enhance site security, protect the school community and its assets, and deter anti-social behaviour.

The use of CCTV in our school is guided by the principles of the Data Protection Act 2018 and the UK GDPR, ensuring that the rights to privacy and dignity of individuals are fully respected. Cameras are positioned only in areas where there is a legitimate need for monitoring and never in spaces where individuals would reasonably expect privacy. The system is not used for routine monitoring of staff or pupils, and all footage is handled in a way that upholds confidentiality and fairness.

CCTV footage is stored securely on a password-protected server located within the school. Access to the footage is strictly limited to authorised personnel — specifically, the Site Manager, Deputy Headteacher, and Headteacher. Images are automatically deleted after 31 days, in line with statutory guidance and best practice for data retention, unless they are required as evidence in an ongoing investigation.

The school community is made fully aware of the use of CCTV. Clear signage is displayed around the premises to inform staff, pupils, parents, and visitors that CCTV is in operation. Information about the use and purpose of CCTV is also shared through the school’s privacy notice and communication channels, ensuring transparency and implied consent through continued use of the site.

Section 9: Extremism and radicalisation

Our school has obligations relating to radicalisation and all forms of extremism under the Prevent Duty. Staff will not support or promote extremist organisations, messages or individuals, give them a voice or opportunity to visit the school, nor browse, download or send material that is considered offensive or of an extremist nature. We ask for parents’ support in this also, especially relating to social media, where extremism and hate speech can be widespread on certain platforms.

Section 10: Data protection and cyber security

All pupils, staff, LAC members, volunteers, contractors and parents are bound by the Trust’s data protection and cyber security policy. It is important to remember that there is a close relationship between both data protection and cyber security and a school’s ability to effectively safeguard children. Schools are reminded of this in KCSIE which also refers to the DfE Standards of Cyber Security for Schools and Colleges.

Schools should remember that data protection does not prevent, or limit, the sharing of information for the purposes of keeping children safe. As outlined in Data protection in schools, 2023, “It’s not usually necessary to ask for consent to share personal information for the purposes of safeguarding a child.” And in KCSIE 2024, “The Data Protection Act 2018 and UK GDPR do not prevent the sharing of information for the purposes of keeping children safe. Fears about sharing information must not be allowed to stand in the way of the need to safeguard children at risk of abuse or neglect.

Section 11: Filtering and monitoring

The designated safeguarding lead has lead responsibility for filtering and monitoring and works closely with Turn it on (Matt Bevan) to implement the DfE filtering and monitoring standards, which require schools to:

  • identify and assign roles and responsibilities to manage filtering and monitoring systems.
  • review filtering and monitoring provision at least annually.
  • block harmful and inappropriate content without unreasonably impacting teaching and learning.
  • have effective monitoring strategies in place that meet their safeguarding needs.

We provide appropriate filtering and monitoring (as outlined in Keeping Children Safe in Education) at all times. 

We ensure all staff are aware of filtering and monitoring systems and play their part in feeding back about areas of concern, potential for students to bypass systems and any potential over blocking. They can submit concerns at any point via the headteacher and Turn it on and will be asked for feedback at the time of the regular checks which will now take place. [guidance on the standards and on checks versus review at safefiltering.lgfl.net ]

Technical and safeguarding colleagues work together closely to carry out annual reviews and check and also to ensure that the school responds to issues and integrates with the curriculum.

We carry out checks to ensure all systems are in operation, functioning as expected, etc and an annual review as part of an online safety audit of strategy, approach etc.

Safe Search is enforced on any accessible search engines on all devices [ Surf Protect]. 

Out of hours, our policies are: - we do not send any devices home with students

Staff will be reminded of the systems in place and their responsibilities at induction and start of year safeguarding as well as via AUPs and regular training reminders in the light of the annual review and regular checks that will be carried out.

The DSL checks filtering reports and notifications and takes any necessary action as a result. 

DDAT’s recommended process for recording concerns identified through monitoring processes:

      1. When no concerns have been identified – keep email/report as evidence of the process.
      2. Concerning search identified, but after investigation, concerns are unfounded/search is within the context of the lesson – keep email/alert as evidence of the process and record/store as ‘no concern’.
      3. Concerning search identified, which on investigation indicates a pastoral support need – refer to most appropriate member of staff to follow up with the pupil and record as actioned.
      4. Concerning search identified, which was assessed as being a safeguarding concern- log as an incident on CPOMS/My Concern and follow standard safeguarding procedures.

According to the DfE standards, “a variety of monitoring strategies may be required to minimise safeguarding risks on internet connected devices and may include:       

At Calverley C of E we use 

    • Physical monitoring by staff watching screens of users
    • network monitoring using log files of internet traffic and web access 
    • individual device monitoring through software or third-party services 

Section 12: Messaging and commenting

• Pupils at this school communicate with each other and with staff using email, MSOffice Forms,  and Scratch. Email is used internally by pupils to each other.

  • Staff at this school use the email system provided by Microsoft (Outlook) and Arbor for all school emails. They never use a personal/private email account (or other messaging platform) to communicate with children or parents, or to colleagues when relating to school/child data, using a non-school-administered system.
  • Staff at this school use MSOutlook, MSTeams, Whatsap (school messages between staff) and Arbor (which is used for email, SMS communications with parents)  
  • Any systems above are centrally managed and administered by the school or authorised IT partner

(i.e. they can be monitored/audited/viewed centrally; are not private or linked to private accounts). This is for the mutual protection and privacy of all staff, pupils and parents, supporting safeguarding best-practice, protecting children against abuse, staff against potential allegations and in line with UK data protection legislation.

Use of any new platform or app with communication facilities or any child login or storing school/child data must be approved in advance by the school and centrally managed.

Any unauthorised attempt to use a different system may be a safeguarding concern or disciplinary matter and should be notified to the DSL (if by a child) or to the Headteacher (if by a staff member).

Where devices have multiple accounts for the same app, mistakes can happen, such as an email being sent from, or data being uploaded to the wrong account. If this a private account is used for communication or to store data by mistake, the DSL/Headteacher/DPO (the particular circumstances of the incident will determine whose remit this is) should be informed immediately. 

Section 13: Behaviour principles

  • More detail for all the points below are given school’s Acceptable Use Agreements, Behaviour

Policy and Staff Code of Conduct. Appropriate behaviour is expected at all times, and the system should not be used to send inappropriate materials or language which is or could be construed as bullying, aggressive, rude, insulting, illegal or otherwise inappropriate, or which (for staff) might bring the school into disrepute or compromise the professionalism of staff. 

  • Data protection principles will be followed at all times when it comes to all school communications, in line with the Trust Data Protection Policy and only using the authorised systems mentioned above.

Pupils and staff are allowed to use the email system for reasonable (not excessive, not during lessons) personal use but should be aware that all use is monitored, their emails may be read and the same rules of appropriate behaviour apply at all times. Emails using inappropriate language, images, malware or to adult sites may be blocked and not arrive at their intended destination (and will be dealt with according to the appropriate policy and procedure).

Section 14: Online storage and learning platforms

All the principles outlined above also apply to any system to which you log in online to conduct school business, whether it is to simply store files or data (an online ‘drive’) or collaborate, learn, teach, etc. In Calverley C of E this includes Sharepoint, CPOMS, Arbor, Insight, local school work

For all these, it is important to consider data protection and cyber security before adopting such a platform or service and at all times when using it. Any new platforms will be approved by the headteacher and school governors.

Section 15: School websites

Our school website is a key public-facing information portal for the school community (both existing and prospective stakeholders) with a key reputational value. The Headteacher/SBM have delegated the day-to-day responsibility of updating the content of the website and ensuring compliance with DfE stipulations to ICT Lead and Governor with responsibility for the Web site.  

Where staff submit information for the website, they are asked to remember that schools have the same duty as any person or organisation to respect and uphold copyright law – schools have been fined thousands of pounds for copyright breaches. Sources must always be credited, and material only used with permission. There are many open-access libraries of public-domain images/sounds etc that can be used. Finding something on Google or YouTube does not mean that copyright has been respected.

Section 16: Digital images and video

When a pupil/student joins the school, parents/carers are asked if they give consent for their child’s image to be captured in photographs or videos, for what purpose (beyond internal assessment, which does not require express consent) and for how long. Parents answer as follows:

Photograph Student - For use in school publications /news / promo materials

Photograph Student - For use in school website

Photograph Student – Internal use in school

Photograph Student – School Social Media

Whenever a photo or video is taken/made, the member of staff taking it will check the latest database before using it for any purpose.

Any pupils shown in public facing materials are never identified with more than first name (and photo file names/tags do not include full names to avoid accidentally sharing them).

All staff are governed by their contract of employment and the school’s Acceptable Use Policy, which covers the use of mobile phones/personal equipment for taking pictures of pupils, and where these are stored. At Calverley C of E if on rare occasions (such as when other devices are unavailable) it is deemed appropriate for staff to use their personal phone to capture photos or videos, they would be uploaded to the secure Sharepoint site and then photos/videos immediately deleted from their personal phone.

Photos are stored on the Web-site platform and Share point sites for Calverley C of E in line with the retention schedule of the school Data Protection Policy. The ICT leader and Headteacher is responsible for checking images/video on all school devices termly. Any concerns about the nature of these images will be reported to the DSL.

Staff and parents are reminded about the importance of not sharing images on social media or otherwise without permission, due to reasons of child protection (e.g. children who are looked after by the local authority may have restrictions in place for their own protection), data protection, religious or cultural reasons, or simply for reasons of personal privacy. [ A sample letter to parents for taking photos or videos at school events can be found at saferesources.lgfl.net ]

We encourage young people to think about their online reputation and digital footprint, so we should be good adult role models by not oversharing (or providing embarrassment in later life – and it is not for us to judge what is embarrassing or not).

Pupils are taught about how images can be manipulated in their online safety education programme and taught to consider how to publish for a wide range of audiences which might include governors, parents or younger children.

Pupils are advised to be very careful about placing any personal photos on social media. They are taught to understand the need to maintain privacy settings so as not to make public, personal information.

Pupils are taught that they should not post images or videos of others without their permission. We teach them about the risks associated with providing information with images (including the name of the file), that reveals the identity of others and their location. We teach them about the need to keep their data secure and what to do if they / or a friend are subject to bullying or abuse.

Section 17: Social media

17.1 Our school’s social media presence

Calverley C of E works on the principle that if we don’t manage our social media reputation, someone else will.

Online Reputation Management (ORM) is about understanding and managing our digital footprint (everything that can be seen or read about the school online). Few parents will apply for a school place without first Googling the school, and the Ofsted pre-inspection check includes monitoring what is being said online.

Negative coverage almost always causes some level of disruption. Up to half of all cases dealt with by the Professionals Online Safety Helpline (POSH: [email protected]) involve schools’ (and staff members’) online reputation.

Accordingly, we manage and monitor our social media footprint carefully to know what is being said about the school and to respond to criticism and praise in a fair, responsible manner

The Headteacher is ultimately responsible for managing our Facebook and other social media accounts and checking our Wikipedia and Google reviews and other mentions online. 

17.2: Staff, pupil and parent social media presence

Social media (including all apps, sites and games that allow sharing and interaction between users) is a fact of modern life, and as a school, we accept that many parents, staff and pupils will use it. However, as stated in our Acceptable Use Policy and Staff Code of Conduct which all members of the school community sign, we expect everybody to behave in a positive manner, engaging respectfully with the school and each other on social media, in the same way as they would face to face.

This positive behaviour can be summarised as not making any posts which are or could be construed as bullying, aggressive, rude, insulting, illegal or otherwise inappropriate, or which might bring the school or (particularly for staff) teaching profession into disrepute. This applies both to public pages and to private posts, e.g. parent chats, pages or groups.

If parents have a concern about the school, we urge them to contact us directly and in private to resolve the matter. If an issue cannot be resolved in this way, the school complaints procedure be followed. Sharing complaints on social media is unlikely to help resolve the matter, but can cause upset to staff, pupils and parents, also undermining staff morale and the reputation of the school (which is important for the pupils we serve).

Many social media platforms have a minimum age of 13 but as previously detailed, many schools regularly deal with issues arising on social media involving pupils/students under the age of 13. We ask parents to respect age ratings on social media platforms wherever possible and not encourage or condone underage use. 

However, the school must strike a difficult balance of not encouraging underage use at the same time as needing to acknowledge reality in order to best help our pupils/students to avoid or cope with issues if they arise. Online safety lessons will look at social media and other online behaviour, how to be a good friend online and how to report bullying, misuse, intimidation or abuse. However, children will often learn most from the models of behaviour they see and experience, which will often be from adults.

Parents can best support this by talking to their children about the apps, sites and games they use (you don’t need to know them – ask your child to explain it to you), with whom, for how long, and when (late at night / in bedrooms is not helpful for a good night’s sleep and productive teaching and learning at school the next day). You may wish to refer to the Digital Family Agreement to help establish shared expectations and the Top Tips for Parents poster along with relevant items and support available from parentsafe.lgfl.net and introduce the Children’s Commission Digital 5 A Day.

Although the school has an official Facebook account and will respond to general enquiries about the school, it asks parents/carers not to use these channels, especially not to communicate about their children. 

Email is the official electronic communication channel between parents and the school. Social media, including chat apps such as WhatsApp, are not appropriate for school use.

As outlined in the Acceptable Use Policy, pupils/students are not allowed* to be ‘friends’ with or make a friend request** to any staff, LAC members, volunteers and contractors or otherwise communicate via social media.

Pupils/students are discouraged from ‘following’ staff, LAC members, volunteer or contractor public accounts (e.g. following a staff member with a public Instagram account) as laid out in the AUPs. However, we accept that this can be hard to control (but this highlights the need for staff to remain professional in their private lives). In the reverse situation, however, staff must not follow such public student accounts.

* Exceptions may be made, e.g. for pre-existing family links, but these must be approved by the Headteacher/Principal and should be declared upon entry of the pupil or staff member to the school).

** Any attempt to do so may be a safeguarding concern or disciplinary matter and should be notified to the DSL (if by a child) or to the Headteacher (if by a staff member).

Staff are reminded that they are obliged not to bring the school or profession into disrepute and the easiest way to avoid this is to have the strictest privacy settings and avoid inappropriate sharing and oversharing online. They should never discuss the school or its stakeholders on social media and be careful that their personal opinions might not be attributed to the school, trust or local authority, bringing the school into disrepute.

The serious consequences of inappropriate behaviour on social media are underlined by the fact that there has been a considerable number of Prohibition Orders issued by the Teacher Regulation Agency to teaching staff that involved misuse of social media/technology.

All members of the school community are reminded that particularly in the context of social media, it is important to comply with the school policy on Social Media and permission is sought before uploading photographs, videos or any other information about other people. Parents must not covertly film or make recordings of any interactions with pupils or adults in schools or near the school gates, nor share images of other people’s children on social media as there may be cultural or legal reasons why this would be inappropriate or even dangerous (see nofilming.lgfl.net for more information). The school sometimes uses images/video of children for internal purposes such as recording attainment, but it will only do so publicly if parents have given consent on the relevant form

Section 18: Device usage

AUPs remind those with access to school devices about rules on the misuse of school technology – devices used at home should be used just like if they were in full view of a teacher or colleague. Please read the following in conjunction with those AUPs and the sections of this document which impact upon device usage, e.g. copyright, data protection, social media, misuse of technology, and digital images and video.

18.1 Personal devices including wearable technology and bring your own device (BYOD)

  • Pupils/students in Y6 are allowed to bring mobile phones in for emergency use only and will be stored during the day and be returned at home time. During lessons, phones must remain turned off at all times. Any attempt to use a phone in lessons without permission or to take illicit photographs or videos will lead sanctions in line with our behaviour policy and the withdrawal of mobile privileges. Important messages and phone calls to or from parents can be made at the school office, which will also pass on messages from parents to pupils in emergencies. Our approach to pupils using mobile phones is in line with DfE, Mobile Phone Guidance
  • All staff who work directly with children should leave their mobile phones on silent and only use them in private staff areas during school hours. See also the ‘Digital images and video’ section of this document and the school data protection cyber security policies. Child/staff data should never be downloaded onto a private phone. If a staff member is expecting an important personal call when teaching or otherwise on duty, they may leave their phone with the school office to answer on their behalf or ask for the message to be left with the school office. 
  • Some pupils may require access to a mobile phone during the school day to monitor and manage a medical device, such as a diabetes pump. In these cases, the phone is treated strictly as a medical aid. Access is permitted only for health-related monitoring as agreed in the pupil’s healthcare plan. Staff will support pupils to use the device responsibly, ensuring safety, privacy and minimal disruption to learning. The phone will not be used for calls, messaging, internet browsing or social media. Any concerns about misuse will be addressed promptly with parents and reviewed as part of the child’s care arrangements.
  • Volunteers, contractors, governors should leave their phones in their pockets and turned off. Under no circumstances should they be used in the presence of children or to take photographs or videos. If this is required (e.g. for contractors to take photos of equipment or buildings), permission of the headteacher should be sought (the headteacher may choose to delegate this) and this should be done in the presence of a member staff.
  • Parents are asked to leave their phones in their pockets and turned off when they are on site. They should ask permission before taking any photos, e.g. of displays in corridors or classrooms, and avoid capturing other children. Please see the Digital images and video section of this document for more information about filming and photography at school events. Parents are asked not to call pupils on their mobile phones during the school day; urgent messages can be passed via the school office.
  • Where BYOD is allowed, neither staff nor students are allowed to use a mobile hotspot to provide internet to the device as this would potentially bypass filtering in contravention of AUPs.

18.2 Use of school devices

 

Staff and pupils are expected to follow the terms of the school acceptable use policies for appropriate use and behaviour when on school devices, whether on site or at home.

School devices are not to be used in any way which contravenes AUPs, behaviour policy / staff code of conduct.

Wi-Fi is accessible to all staff for school-related internet use / limited personal use within the framework of the acceptable use policy. All such use is monitored.

School devices for staff or students are restricted to the apps/software installed by the school, whether for use at home or school, and may be used for learning and reasonable as well as appropriate personal use.

All and any usage of devices and/or systems and platforms may be tracked. 

18.3 Devices used on trips and events away from school

For school trips/events away from school, teachers will be issued a school duty phone and this number used for any authorised or emergency communications with pupils/students and parents. Any deviation from this policy (e.g. by mistake or because the school phone will not work) will be notified immediately to the Headteacher. Teachers using their personal phone in an emergency will ensure that the number is hidden to avoid a parent or student accessing a teacher’s private phone number.

If on trips pupils are encouraged to connect to another organisation’s Wi-Fi___33/network, staff must be aware that other connections may not be as well controlled (e.g. via filtering and monitoring) as the network and systems in school and therefore staff are responsible for risk assessing and managing such situations. Staff should seek advice from the DSL where necessary.

Section 19: Searching and confiscation

In line with the DfE guidance ‘Searching, screening and confiscation: advice for schools, the Headteacher and staff authorised by them have a statutory power to search pupils/property on school premises. This includes the content of mobile phones and other devices, for example as a result of a reasonable suspicion that a device contains illegal or undesirable material, including but not exclusive to sexual images, pornography, violence or bullying.          

Appendix A:

All staff should sign and follow the staff acceptable use policy in conjunction with this policy, the school’s main safeguarding policy, the code of conduct/handbook and relevant parts of Keeping Children Safe in Education to support a whole-school safeguarding approach.

They must report any concerns, no matter how small, to the designated safety lead as named in the AUP, maintaining an awareness of current online safety issues (see the start of this document for issues in 2024) and guidance (such as KCSIE), modelling safe, responsible and professional behaviours in their own use of technology at school and beyond and avoiding scaring, victimblaming language.

Staff should also be aware of the DfE standards for filtering and monitoring and play their part in feeding back to the DSL about overblocking, gaps in provision or pupils bypassing protections. All staff are also responsible for the physical monitoring of pupils’ online devices during any session/class they are working within.

The Headteacher/HOS should seek to foster a culture of safeguarding where online safety is fully integrated into whole-school safeguarding:

  • Oversee and support the activities of the designated safeguarding lead team and ensure they work technical colleagues to complete an online safety audit in line with KCSIE (including technology in use in the school) – [ see LGfL’s template with suggested questions at onlinesafetyaudit.lgfl.net
  • Undertake training in offline and online safeguarding, in accordance with statutory guidance and Local Safeguarding Children Partnership support and guidance.
  • Ensure ALL staff undergo safeguarding training (including online safety) at induction and with regular updates and that they agree and adhere to policies and procedures.
  • Ensure ALL governors undergo safeguarding and child protection training and updates (including online safety) to provide strategic challenge and oversight into policy and practice and that governors are regularly updated on the nature and effectiveness of the school’s arrangements [ LGfL’s Safeguarding Training for School Governors is free to all governors at safetraining.lgfl.net ]
  • Ensure the school implements and makes effective use of appropriate ICT systems and services including school-safe filtering and monitoring, protected email systems and that all technology including remote systems are implemented according to child-safety first principles.
  • Better understand, review and drive the rationale behind decisions in filtering and monitoring as per the DfE standards—through regular liaison with technical colleagues and the DSL– understand what is blocked or allowed for whom, when, and how as per KCSIE. [ LGfL’s Safeguarding Shorts: Filtering for DSLs and SLT twilight provides an overview ]
  • Liaise with the designated safeguarding lead on all online safety issues which might arise and receive regular updates on school issues and broader policy and practice information.
  • Support safeguarding leads and technical staff as they review protections for pupils in the home and remote-learning procedures, rules and safeguards [ see remotesafe.lgfl.net ].

Take overall responsibility for data management and information security ensuring the school’s provision follows best practice in information handling; work with the DPO, DSL and governors to ensure a compliant framework for storing data, but helping to ensure that child protection is always put first and data-protection processes support careful and legal sharing of information.

  • Understand and make all staff aware of procedures to be followed in the event of a serious online safeguarding incident.
  • Ensure suitable risk assessments are undertaken so the curriculum meets needs of pupils, including risk of children being radicalised.
  • Ensure the school website meets statutory requirements [ websiterag.lgfl.net can help you with this ].

The Designated Safeguarding Lead (DSL) should “take lead responsibility for safeguarding and child protection (including online safety and understanding the filtering and monitoring systems and processes. 

Remember the DSL can delegate certain online safety duties but not the overall responsibility; this assertion and all quotes below are from Keeping Children Safe in Education): 

  • Ensure “An effective whole school approach to online safety as per KCSIE.
  • Ensure the school is complying with the DfE’s standards on Filtering and Monitoring. [ LGfL’s Safeguarding Shorts: Filtering for DSLs and SLT twilight provides a quick overview and there is lots of information for DSLs at safefiltering.lgfl.net and appropriate.lgfl.net ].
  • As part of this, DSLs will work with technical teams to carry out reviews and checks on filtering and monitoring, to compile the relevant documentation and ensure that safeguarding and technology work together. This will include a decision on relevant YouTube mode and preferred search engine/s etc.
  • Where online safety duties are delegated and in areas of the curriculum where the DSL is not directly responsible, but which cover areas of online safety (e.g. RSHE), ensure there is regular review and open communication and that the DSL’s clear overarching responsibility for online safety is not compromised or messaging to pupils confused.
  • Ensure ALL staff and supply staff undergo safeguarding and child protection training (including online safety) at induction and that this is regularly updated.
      • This must include filtering and monitoring and help them to understand their roles.
      • All staff must read KCSIE Part 1 and all those working with children also Annex B – translations are available in 13 community languages at kcsietranslate.lgfl.net (the condensed Annex A can be provided instead to staff who do not directly work with children if this is better)
      • Cascade knowledge of risks and opportunities throughout the organisation.
  • Ensure that ALL governors and trustees undergo safeguarding and child protection training (including online safety) at induction to enable them to provide strategic challenge and oversight into policy and practice and that this is regularly updated –[ LGfL’s Safeguarding Training for school governors is free to all governors at safetraining.lgfl.net ]. 
  • Take day-to-day responsibility for safeguarding issues and be aware of the potential for serious child protection concerns.

Be mindful of using appropriate language and terminology around children when managing concerns, including avoiding victim-blaming language [ see spotlight.lgfl.net for a CPD resource to use with staff and saferesources.lgfl.net for further support].

  • Remind staff of safeguarding considerations as part of a review of remote learning procedures and technology, including that the same principles of online safety and behaviour apply.
  • Work closely with SLT, staff and technical colleagues to complete an online safety audit (including technology in use in the school) – [see LGfL’s template with questions to use at onlinesafetyaudit.lgfl.net ]. 
  • Work with the headteacher, DPO and governors to ensure a compliant framework for storing data but helping to ensure that child protection is always put first, and data-protection processes support careful and legal sharing of information.
  • Stay up to date with the latest trends in online safeguarding and “undertake Prevent awareness training.” [ see safetraining.lgfl.net and prevent.lgfl.net ].
  • Review and update this policy, other online safety documents (e.g. Acceptable Use Policies) and the strategy on which they are based (in harmony with policies for behaviour, safeguarding, Prevent and others) and submit for review to the governors/trustees.
  • Receive regular updates about online safety issues and legislation, be aware of local and school trends [ for examples or sign up to the LGfL safeguarding newsletter ].
  • Ensure that online safety education is embedded across the curriculum in line with the statutory RSHE guidance (e.g. by use of the updated UKCIS framework ‘Education for a Connected World 2020 edition) and beyond, in wider school life.
  • Promote an awareness of and commitment to online safety throughout the school community, with a strong focus on parents, including hard-to-reach parents [ dedicated resources at parentsafe.lgfl.net ].
  • Communicate regularly with SLT and the safeguarding governor/committee to discuss current issues (anonymised), review incident logs and filtering/change control logs and discuss how filtering and monitoring work and have been functioning/helping.
  • Ensure all staff are aware of the procedures that need to be followed in the event of an online safety incident, and that these are logged in the same way as any other safeguarding incident.
  • Ensure adequate provision for staff to flag issues when not in school and for pupils to disclose issues when off site, especially when in isolation/quarantine, e.g. a survey to facilitate disclosures and an online form on the school home page about ‘something that worrying me’ that gets mailed securely to the DSL inbox.
  • Ensure staff adopt a zero-tolerance, whole school approach to all forms of child-on-child abuse, and don’t dismiss it as banter (including bullying).
  • Pay particular attention to online tutors, both those engaged by the school as part of the DfE scheme who can be asked to sign the contractor AUP, [ template you can use at safepolicies.lgl.net with provisions ] and those hired by parents. [ share the Online Tutors Keeping Children Safe poster at parentsafe.lgfl.net to remind parents of key safeguarding principles ].

 

The Local Academy Committee, led by Safeguarding Link LAC Member Key responsibilities (quotes are taken from Keeping Children Safe in Education) should:

Approve this policy and strategy and subsequently review its effectiveness, e.g. by asking the questions in the helpful document from the UK Council for Child Internet Safety (UKCIS) Online safety in schools and colleges: Questions from the Governing Board .

  • Undergo (and signpost all other governors and Trustees to attend) safeguarding and child protection training (including online safety) at induction to provide strategic challenge and into policy and practice, ensuring this is regularly updated – [ LGfL’s Safeguarding Training for school governors is free to all governors at safetraining.lgfl.net ] .
  • Ensure that all staff also receive appropriate safeguarding and child protection (including online) training at induction and that this is updated.
  • Appoint a filtering and monitoring governor to work closely with the DSL on the new filtering and monitoring standards [ there is guidance for governors at safefiltering.lgfl.net ].
  • Support the school in encouraging parents and the wider community to become engaged in online safety activities.
  • Have regular strategic reviews with the online safety coordinator / DSL and incorporate online safety into standing discussions of safeguarding at governor meetings.
  • Work with the DPO, DSL and headteacher to ensure a compliant framework for storing data but helping to ensure that child protection is always put first, and data-protection processes support careful and legal sharing of information.
  • Check all school staff have read Part 1 of KCSIE; SLT and all working directly with children have read Annex B.
  • Ensure that all staff undergo safeguarding and child protection training (including online safety and now also reminders about filtering and monitoring.
  • “Ensure that children are taught about safeguarding, including online safety […] as part of providing a broad and balanced curriculum […] Consider a whole school or college approach to online safety [with] a clear policy on the use of mobile technology.” [ NB – you may wish to refer to ‘Teaching Online Safety in Schools’ and investigate/adopt the UKCIS cross-curricular framework ‘Education for a Connected World – 2020 edition’ to support a whole-school approach].

PSHE/RSHE Lead(s) should:

  • As listed in the ‘all staff’ section, plus:
  • Embed consent, mental wellbeing, healthy relationships and staying safe online as well as raising awareness of the risks and challenges from latest trends in self-generative artificial intelligence, financial extortion and sharing intimate pictures online into the PSHE / Relationships education, relationships and sex education (RSE) and health education curriculum. “This will include being taught what positive, healthy and respectful online relationships look like, the effects of their online actions on others and knowing how to recognise and display respectful behaviour online. Throughout these subjects, teachers will address online safety and appropriate behaviour in an age-appropriate way that is relevant to their pupils’ lives.” [ training is available at safetraining.lgfl.net ].
  • Focus on the underpinning knowledge and behaviours outlined in Teaching Online Safety in Schools in an age appropriate way to help pupils to navigate the online world safely and confidently regardless of their device, platform or app.

Assess teaching to “identify where pupils need extra support or intervention [through] tests, written assignments or self-evaluations, to capture progress” – [ see LGfL’s SafeSkills Online Safety Quiz and diagnostic teaching tool at safeskillsinfo.lgfl.net ] to complement the computing curriculum,.

  • Work closely with the DSL/OSL and all other staff to ensure an understanding of the issues, approaches and messaging within PSHE / RSHE.
  • Note that an RSHE policy should be included on the school website.
  • Work closely with the Computing subject leader to avoid overlap but ensure a complementary whole-school approach, and with all other lead staff to embed the same whole-school approach.

The Computing Lead should:

  • As listed in the ‘all staff’ section, plus:
  • Oversee the delivery of the online safety element of the Computing curriculum in accordance with the national curriculum.
  • Work closely with the RSHE lead to avoid overlap but ensure a complementary whole-school approach.
  • Work closely with the DSL/OSL and all other staff to ensure an understanding of the issues, approaches and messaging within Computing.
  • Collaborate with technical staff and others responsible for ICT use in school to ensure a common and consistent approach, in line with acceptable-use agreements.

Subject Leaders should:

  • As listed in the ‘all staff’ section, plus:
  • Look for opportunities to embed online safety in your subject or aspect, especially as part of the RSHE curriculum, and model positive attitudes and approaches to staff and pupils alike.
  • Consider how the UKCIS framework Education for a Connected World and Teaching Online Safety in Schools can be applied in your context.
  • Work closely with the DSL/OSL and all other staff to ensure an understanding of the issues, approaches and messaging within Computing.
  • Ensure subject specific action plans also have an online safety element.

Network Managers/staff in technical support roles should:

  • As listed in the ‘all staff’ section, plus:
  • Collaborate regularly with the DSL and leadership team to help them make key strategic decisions around the safeguarding elements of technology. 
  • Support safeguarding teams to understand and manage filtering and monitoring systems and carry out regular reviews and annual checks [e.g. schoolprotect.lgfl.net and monitoring.lgfl.net. There is a free template available for filtering checks here- safefiltering.lgfl.net ].

Support DSLs and SLT to carry out an annual online safety audit as recommended in KCSIE. [ LGfL has a free template you can use at https://onlinesafetyaudit.lgfl.net ] This should also include a review of technology, including filtering and monitoring systems (what is allowed, blocked and why and how ‘over blocking’ is avoided as per KCSIE) to support their role as per the DfE standards, [ we recommend you signpost them to LGfL’s Safeguarding Shorts: Filtering for DSLs and SLT which provides a quick overview to help build their understanding ] protections for pupils in the home [e.g. LGfL HomeProtect filtering for the home – https://homeprotect.lgfl.net ] and remote-learning. [ see remotesafe.lgfl.net for guidance ].

  • Keep up to date with the school’s online safety policy and technical information in order to effectively carry out their online safety role and to inform and update others as relevant.
  • Work closely with the designated safeguarding lead / online safety lead / data protection officer / LGfL nominated contact / RSHE lead to ensure that school systems and networks reflect school policy and there are no conflicts between educational messages and practice.
  • Ensure the above stakeholders understand the consequences of existing services and of any changes to these systems (especially in terms of access to personal and sensitive records / data and to systems such as YouTube mode, web filtering settings, sharing permissions for files on cloud platforms etc.

Ensure filtering and monitoring systems work on new devices and services before releasing them to students and staff.

  • Maintain up-to-date documentation of the school’s online security and technical procedures. ● To report online safety related issues that come to their attention in line with school policy.
  • Manage the school’s systems, networks and devices, according to a strict password policy, with systems in place for detection of misuse and malicious attack, with adequate protection, encryption and backup for data, including disaster recovery plans, and auditable access controls. 
  • Ensure the data protection policy and cyber security policy are up to date, easy to follow and practicable
  • Monitor the use of school technology, online platforms and social media and that any misuse/attempted misuse is identified and reported in line with school policy.
  • Work with the Headteacher to ensure the school website meets statutory DfE requirements [ see website audit tool at websiterag.lgfl.net / this may well be part of someone else’s role, but the technical team is likely to play at least some role in working with the web team – move this bullet point as appropriate ].

Data Protection Officers (DPO) should:

    • Alongside those of other staff, provide data protection expertise and training and support in accordance with ensuring compliance.
    • Not prevent, or limit, the sharing of information for the purposes of keeping children safe. As outlined in Data protection in schools, “It’s not usually necessary to ask for consent to share personal information for the purposes of safeguarding a child.” And in KCSIE, “The Data Protection Act 2018 and UK GDPR do not prevent the sharing of information for the purposes of keeping children safe. Fears about sharing information must not be allowed to stand in the way of the need to safeguard and promote the welfare and protect the safety of children.” 
    • Note that retention schedules for safeguarding records may be required to be set as ‘Very long-term need (until pupil is aged 25 or older)’. However, some local authorities require record retention until 25 for all pupil records. You should check the requirements in your area.
    • Ensure that all access to safeguarding data is limited as appropriate, monitored and audited.

Volunteers and contractors should:

  • Read, understand, sign and adhere to an Acceptable Use Policy (AUP)
  • Report any concerns, no matter how small, to the designated safety lead. 
  • Maintain an awareness of current online safety issues and guidance. 
  • Model safe, responsible and professional behaviours in their own use of technology at school and as part of remote teaching or any online communications.
  • Note that as per AUP agreement a contractor will never attempt to arrange any meeting, including tutoring session, without the full prior knowledge and approval of the school, and will never do so directly with a pupil. The same applies to any private/direct communication with a pupil.

Pupils should:

• Read, understand, sign and adhere to the student/pupil acceptable use policy. 

Parents should:

  • Read, sign and adhere to the school’s parental acceptable use policy (AUP), read the pupil AUP and encourage their children to follow it.
  • Read and adhere to the school Parent Code of Conduct.

External groups such as those hiring premises and PTAs should:

  • Sign an acceptable use policy prior to using technology or the internet within school. 
  • Support the school in promoting online safety and data protection.
  • Model safe, responsible, respectful and positive behaviours in their own use of technology, including on social media: not sharing other’s images or details without permission and refraining from posting negative, threatening or violent comments about others, including the school staff, volunteers, governors, contractors, pupils or other parents/carers.