1.6 Online safety (including mobile phones and cameras)


Policy statement


We take steps to ensure that there are effective procedures in place to protect children, young people and vulnerable adults from the unacceptable use of Information Communication Technology (ICT) equipment or exposure to inappropriate materials in the setting.




  • Our designated persons responsible for co-ordinating action taken to protect children is:

1st - Clare Worlin.  1st Deputy – Cheryl Beisly. 


Information Communication Technology (ICT) equipment

  • Only ICT equipment belonging to the setting is used by staff and children.

  • The designated persons are responsible for ensuring all ICT equipment is safe and fit for purpose.

  • All computers have virus protection installed.

  • The designated persons ensure that safety settings are set to ensure that inappropriate material cannot be accessed.

  • Any memory stick or laptop used with the pre-school are password protected and this password is only known by the manager, deputy manager and administrator.  This  is changed termly.

  • The pre-school iPad are password protected and are logged out when not in use.


The Designated Person for Safeguarding will ensure:


  • Day to day responsibility for online safety issues and will have a leading role in implementing, monitoring and reviewing this Policy.

  • All ICT users are made aware of the procedures that must be followed should a potentially unsafe or inappropriate online incident take place.

  • Recording, reporting, monitoring and filing of reports should a potentially unsafe or inappropriate online incident occur. This must include the creation of an incident log to be used to inform future online safety practice.

  • All necessary actions are taken to minimise the risk of any identified unsafe or inappropriate online incidents reoccurring.

  • Regular meetings take place with the registered person and/or managers to discuss current issues and review incident reports.

  • Effective training and online safety advice is delivered and available to all early years managers and practitioners, including advisory support to children, young people, parents and carers as necessary.

  • Liaison, where appropriate, with other agencies in respect of current online safety practices and the reporting and management of significant incidents.


Managing online access


Password security

  • Maintaining password security is an essential requirement for early years managers and practitioners particularly where they are to have access to sensitive information.

  • Early years managers and practitioners are responsible for keeping their passwords secure and must ensure they are updated every term.. All users must have strong passwords, for example a combination of numbers, symbols and lower and upper case letters.

  • Sharing passwords is not considered to be secure practice. Where children and young people are to be enabled to create their own password a copy of such will be kept on file for reference.

  • All computers and laptops should be set to ‘timeout’ the current user session should they become idle for an identified period.

  • All ICT users must ‘log out’ of their accounts should they need to leave a computer unattended.

  • If ICT users become aware that password security has been compromised or shared, either intentionally or unintentionally, the concern must be reported to the Designated Person for Safeguarding.



Internet access

  • Children do not have access to the internet and never have unsupervised access.  This includes the Ipads used by the children.

  • Ipads used by the children will be checked regularly and any photographs taken will be deleted.

  • If staff access the internet for the purposes of promoting the children’s learning, only approved apps are used.

  • The designated persons have overall responsibility for ensuring that children and young people are safeguarded and risk assessments in relation to online safety are completed.

  • Designated persons will also seek to build children’s resilience in relation to issues they may face in the online world, and will address issues such as staying safe, having appropriate friendships, asking for help if unsure, not keeping secrets as part of social and emotional development in age appropriate ways.

  • If a second hand computer is purchased or donated to the setting, the designated persons will ensure that no inappropriate material is stored on it before children use it.

  • All devices for use by children are located in an area clearly visible to staff.

  • Children are not allowed to access social networking sites.

  • All ICT users are made aware of the procedures that must be followed should a potentially unsafe or inappropriate online incident take place.

  • Staff report any suspicious or offensive material, including material which may incite racism, bullying or discrimination to the Internet Watch Foundation at www.iwf.org.uk.

  • Suspicions that an adult is attempting to make inappropriate contact with a child on-line is reported to the National Crime Agency’s Child Exploitation and Online Protection Centre at www.ceop.police.uk.

  • The designated persons ensure staff have access to age-appropriate resources to enable them to assist children to use the internet safely.

  • If staff become aware that a child is the victim of cyber-bullying, they discuss this with their parents and refer them to sources of help, such as the NSPCC on 0808 800 5000 or www.nspcc.org.uk, or Childline on 0800 1111 or www.childline.org.uk.

  • The internet access for all users will be managed and moderated in order to protect them from deliberate or unintentional misuse. Every reasonable precaution will be taken to ensure the safe use of the internet. However, it must be recognised that it is impossible to safeguard against every eventuality.

  • The following control measures will be implemented which will manage internet access and minimise risk:

    • Secure broadband or wireless access

    • A secure, filtered, managed internet service provider and/or learning platform.

    • Secure email accounts.

    • Regularly monitored and updated anti-virus protection.

    • A secure password system

    • Effective audit, monitoring and review procedures.

  • Online activity is monitored to ensure access is given to appropriate materials only. Computers, laptops, tablets and gaming machines are sited in areas of high visibility to ensure children, young people and adults are closely supervised and their online use appropriately monitored.

  • Should children, young people or adults discover potentially unsafe or inappropriate material, they must hide the content from view. For example, the window will minimised and/or the monitor (not Computer) will be turned off. All such incidents must be reported to the DPS who must ensure a report of the incident is made and take any further actions necessary.

  • All managers and practitioners will be made aware of the risks of compromising security, for example from connecting personal mobile devices to work related ICT systems. Such use is avoided but should it, on occasion, be unavoidable it will be subject to explicit authorisation of the Designated Person for Safeguarding. Such use will be stringently monitored.

  • Should it be necessary to download unknown files or programmes from the internet to any work related system it will only be actioned by authorised ICT users with permission from the Designated Person for Safeguarding (DPS). Such use will be effectively managed and monitored.

  • All users are responsible for reporting any concerns encountered using online technologies to the DPS.



  • Children are not permitted to use email in the setting. Parents and staff are not normally permitted to use setting equipment to access personal emails.

  • Staff do not access personal or work email whilst supervising children.

  • Staff send personal information by encrypted email and share information securely at all times.

  • Staff only send email to parents etc through designated work email accounts.


Mobile phones – children

  • Children do not bring mobile phones or other ICT devices with them to the setting. If a child is found to have a mobile phone or ICT device with them, this is removed and stored in a locked box until the parent collects them at the end of the session.


Mobile phones – staff and visitors

  • Personal mobile phones are not used by our staff on the premises during working hours. They will be stored in a locked box which is kept in the main hall.

  • In an emergency, personal mobile phones may be used in an area where there are no children present, with permission from the manager.

  • Our staff and volunteers ensure that the setting telephone number is known to family and other people who may need to contact them in an emergency.

  • If our members of staff or volunteers take their mobile phones on outings, for use in case of an emergency, they must not make or receive personal calls, or take photographs of children.

  • Parents and visitors are requested not to use their mobile phones whilst on the premises. We make an exception if a visitor’s company or organisation operates a lone working policy that requires contact with their office periodically throughout the day. Visitors will be advised of a quiet space where they can use their mobile phone, where no children are present.

  • These rules also apply to the use of work-issued mobiles, and when visiting or supporting staff in other settings.



  • Westwood farm Community Pre-School has a Facebook page where we upload and share images of children within the pre-school environment

  • Only photographs of children for whom parents have given permission will have photographs published on this page.

  • The use of Facebook has been appropriately risk assessed and the setting has taken steps to ensure all data stored is held in accordance with the Data Protection Act 1998 (as above).

  • Images uploaded to Facebook will only be taken used the setting’s devices.

  • All users authorised to upload images to Facebook are advised on safety measures to protect all members of the community e.g. using strong passwords, logging out of systems after use etc.

  • Parents/guardians will be informed of the settings expectations regarding safe and appropriate use (e.g. not sharing passwords or copying and sharing images) prior to being given access. Failure to comply with this may result in access being removed. Further information can be found in our Social Media Policy.


Cameras and videos

  • Our staff and volunteers must not bring their personal cameras or video recording equipment into the setting.

  • Photographs and recordings of children are only taken for valid reasons i.e. to record their learning and development, or for displays within the setting, with written permission received by parents (see the parent permission form). Such use is monitored by the manager.

  • Where parents request permission to photograph or record their own children at special events, general permission is gained from all parents for their children to be included. Parents are advised that they do not have a right to photograph anyone else’s child or to upload photos of anyone else’s children.

  • If photographs of children are used for publicity purposes, parental consent must be given and safeguarding risks minimised, for example, ensuring children cannot be identified by name or through being photographed in a sweatshirt with the name of their setting on it.

  • Any photographs or recording of the children taken for the purposes of learning journeys are deleted at the end of each term.

  • Any photos used for display purposes will be shredded once the child leaves the setting.

  • If parents choose to have their child’s photograph taken by visiting photographer, it is the parents responsibility to ensure they visit the photographers website and policies regarding data protection.




Use of Photos/Videos by Parents/Guardians at events

  • Parents/guardians are permitted to take photographs of events for private use only, they are requested that if they take any video recordings that they do not put them on social media.

  • Parents/guardians are requested not to publish photographs of other people’s children on social media.

  • Parents/guardians who are using photographic equipment must be mindful of others when making and taking images.

  • The opportunity for parents/guardians to take photographs and make videos can be reserved by the setting on health and safety grounds.

  • Parents/guardians are only permitted to take or make recording within designated areas of the setting. Photography is not permitted in sensitive areas such as toilets.

  • The right to withdraw consent will be maintained and any photography or filming on site will be open to scrutiny at any time.

  • Parents may contact the setting DSP to discuss any concerns regarding the use of images.

  • Photos and videos taken by the setting and shared with parents should not be shared elsewhere (e.g. posted on social media site), to do so may breach intellectual property rights, data protection legislation and importantly may place members of the community at risk of harm.




Social media

  • Staff are advised to manage their personal security settings to ensure that their information is only available to people they choose to share information with.

  • In the event that staff name the organisation or workplace in any social media they do so in a way that is not detrimental to the organisation or its service users.

  • Staff observe confidentiality and refrain from discussing any issues relating to work

  • Staff should not share information they would not want children, parents or colleagues to view.

  • Staff should report any concerns or breaches to the designated person in their setting.

  • Staff avoid personal communication, including on social networking sites, with the children and parents with whom they act in a professional capacity. If a practitioner and family are friendly prior to the child coming into the setting, this information is shared with the manager prior to a child attending and a risk assessment and agreement in relation to boundaries is agreed.


Electronic learning journals for recording children’s progress

  • Managers seek permission from the senior management team prior to using any online learning journal. A risk assessment is completed with details on how the learning journal is managed to ensure children are safeguarded.

  • Staff adhere to the guidance provided with the system at all time; and will read and sign to say they have understood the Tapestry agreement. 

  • Parents are asked to sign our tapestry agreement which outlines tapestry’s use of our data.


Use and/or distribution of inappropriate images

  • Staff are aware that it is an offence to distribute indecent images. In the event of a concern that a colleague or other person is behaving inappropriately, the Safeguarding Children and Child Protection policy, in relation to allegations against staff and/or responding to suspicions of abuse, is followed

  • Staff are aware that grooming children and young people on line is an offence in its own right and concerns about a colleague’s or others’ behaviour are reported (as above).

Further guidance