Role Models E-Safety Policy

INTRODUCTION

E-Safety encompasses Internet technologies and electronic communications such as mobile phones as well as collaboration tools and personal publishing.It is the duty of Role Models to ensure that every child in our care is safe, and the same principles should apply to the ‘virtual’ or ‘digital’ world as would be applied to the physical buildings where we run our courses.

This Code of Practice is drawn up to protect all parties: the students, the staff and the company and aims to provide clear advice and guidance on how to minimise risks and how to deal with any infringements. It also highlights the need to educate children about the benefits and risks of using technology and provides safeguards and awareness for users to enable them to control their online experience. It will be reviewed every two years.This Code of Practice is made available to parents, children and staff, and is available in the Office.

AIMS

• To set out the key principles expected of all members of the community at Role Models with respect to the use of ICT-based technologies.• To safeguard and protect the children and staff of Role Models.• To fulfil the responsibilities imposed by UK and EU laws and regulations in respect to data protection and privacy.• To assist course staff working with children to work safely and responsibly with the internet and other communication technologies and to monitor their own standards and practice.• To set clear expectations of behaviour and/or codes of practice relevant to responsible use of the internet for educational, personal or recreational use.• To ensure that all members of the Role Models community are aware that unlawful or unsafe behaviour is unacceptable and that, where appropriate, disciplinary or legal action will be taken.• To minimise the risk of misplaced or malicious allegations made against adults who work with children.

SCOPE

• This code of practice applies to the whole Role Models community including management, board directors, all staff employed directly or indirectly by the Company and all pupils.• Role Models’ management and directors will ensure that any relevant or new legislation that may impact upon the provision for e-Safeguarding within company will be reflected within this code of practice.• The company reserves the right to interrupt working contracts, exclude children from courses and take any legal action that it deems appropriate where this code of conduct is not adhered to. This is pertinent to incidents of cyberbullying, or other e-Safeguarding-related incidents covered by this code of practice, which may take place out of the courses we offer, but is linked to membership of the company.• Role Models will clearly detail its management of incidents within this code of practice, associated behaviour and anti-bullying policies and will, where known, inform parents and carers of incidents of inappropriate e-Safeguarding behaviour that takes place within their courses and community.

CONTEXT AND BACKGROUND

The technologies

ICT in the 21st Century has an all-encompassing role within the lives of children and adults. New internet and online technologies are enhancing communication and the sharing of information.

Current and emerging Internet and online technologies used in school and, more importantly in the case of Role Models, used outside school by children and staff include:1. The Internet – World Wide Web2. E-mail3. Instant messaging (often using simple web cams, e.g. Instant Messenger)4. Web based voice and video calling (e.g. Skype)5. Online chat rooms6. Online discussion forums7. Social networking sites (e.g. Facebook)8. Blogs and Micro-blogs (e.g. Twitter)9. Podcasting (radio / audio broadcasts downloaded to computer or MP3/4 player)10. Video broadcasting sites (e.g. You Tube)11. Music and video downloading (e.g. iTunes)12. Mobile phones with camera and video functionality13. Smart phones with e-mail, messaging and internet access14. CCTV Recordings

Our whole Company approach to the safe use of ICT

Creating a safe ICT learning environment includes three main elements:1. An effective range of technological tools2. Policies and procedures, with clear roles and responsibilities3. E-Safety teaching is embedded into the staff training and schemes of work

ROLES AND RESPONSIBILITIES

E-Safety is recognised as an essential aspect of strategic management of this company, with the support of its directors, Role Models aims to embed safe practices into the culture of the company.

Management team• The management is ultimately responsible for ensuring the safety (including e-safety) of members of the company.• All safeguarding issues will be dealt with following the procedures within this code of practice and the Child Protection and Safeguarding Procedures. (See Role Models Safeguarding Policy)• The management ensures that this code of practice is implemented across the company via the usual monitoring procedures.• The management is responsible for ensuring that all relevant staff receive suitable training to enable them to carry out their e-Safeguarding roles.• The management should be aware of procedures to be followed in the event of a serious e-Safeguarding incident.

E-Safety Co-ordinatorOur DSL (Designated Safeguarding Leads) is also an e-Safety Co-ordinators. The role of the e-Safety Co-ordinator includes:1. To promote an awareness and commitment to e-Safeguarding throughout the company.2. To take day-to-day responsibility for e-Safeguarding within the company and to have a leading role in establishing and reviewing e-Safeguarding policies and procedures.3. To ensure all staff are aware of the procedures that need to be followed in the event of an e-safety incident taking place.4. To provide training and advice for staff.5. To receive reports of e-safety incidents and create a log of incidents to inform future e-safety developments.

The e-Safety Co-ordinator is also responsible for:

1. Supporting the company in providing a safe technical infrastructure to support working and teaching.2. Ensuring that users may only access the company’ networks and devices through a properly enforced password protection policy.3. Ensuring that provision exists for misuse detection and malicious attack.4. Taking responsibility for the security of the company’s ICT system.5. Ensuring that access controls exist to protect personal and sensitive information held on company’s devices.6. Ensuring that appropriate physical access controls exist to control access to information systems and telecommunications equipment situated within the company’s premises.7. Ensuring that appropriate backup procedures exist so that critical information and systems can be recovered in the event of a disaster.

Staff

The duties of the staff include:1. To have an up to date awareness of e-safety matters and of the current e-safety code of practice and procedures.2. To adhere to the company’s data protection and privacy policies.3. To read, understand and adhere to the Staff Acceptable Use Agreement.4. To report any suspected misuse or problem to the e-Safety Co-ordinator for investigation / action / sanction.5. To model safe and responsible behaviours in their own use of technology.6. To ensure that all digital communications with students / parents / carers should be on a professional level and only carried out using official company systems.7. To supervise and guide pupils carefully when engaged in learning activities involving technology.8. To ensure that pupils understand and follow the e-safety and acceptable use policies.9. To ensure that in lessons where internet use is pre-planned pupils should be guided to sites checked as suitable for their use and that processes are in place for dealing with any unsuitable material that is found in internet searches.10. To understand and be aware of incident-reporting mechanisms that exist within the company.

Students1. Are responsible for using the company’s digital technology systems in accordance with the Pupil Acceptable Use Agreement.2. Need to understand the importance of reporting abuse, misuse or access to inappropriate materials and know how to do so.

3. Should understand the importance of adopting good e-safety practice when using digital technologies out of the courses they attend and realise that the company’s e-Safety code of practice covers their actions out of the hours of the course they attend, if related to people they met at the course or materials relevant to the course.

Parents/Carers1. Parents/Carers are given information about the company’s e-safety code of practice.2. They are given copies of the course Internet Use agreement with students and asked to support these rules with their children.

COMMUNICATION

Staff1. The e-Safety Code of Practice is provided to and discussed with all members of staff formally.2. All amendments will be updated on the system and awareness sessions will be held for all members of the Role Models community.3. All members of staff are asked to read and sign the company’s Acceptable Use Agreement.4. Staff will be made aware that Internet traffic can be monitored and traced to the individual user. Discretion and professional conduct are essential.5. All members of staff will be made aware that their online conduct out of school could have an impact on their role and reputation. Civil, legal or disciplinary action could be taken if they are found to bring the profession or institution into disrepute, or if something is felt to have undermined confidence in their professional abilities.

Students1. Students are asked to read, understand and adhere to the Student Acceptable Use Agreement.2. A copy of the e-Safety rules and of the Student Acceptable Use Agreement are given to them and their parents to make sure they are aware of what is expected of them.3. Pupils are informed that network and Internet use could be monitored.

Parents/Carers1. Parents/Carers’ attention is drawn to the company’s e–Safety Policy in the Parents' Handbook which they receive before the start of each course.

2. A partnership approach to e-Safety at the course and at home with parents/carers is encouraged.3. Parents/Carers are requested to read and sign the Student Acceptable Use Agreement and discuss its implications with their children.4. This policy is made available to parents/carers for guidance on e–Safety.

TRAINING

1. Course leaders receive e-Safety training on a regular basis (a minimum of every two or three years).2. All staff receive regular information and training on e-Safeguarding issues in the form of insets and staff meetings.3. As part of the induction process all new staff receive information and guidance on the e-Safeguarding policy and the Company’s Staff Acceptable Use Agreement.4. All staff will be made aware of individual responsibilities relating to the safeguarding of children within the context of e-Safeguarding and know what to do in the event of misuse of technology by any member of the Role Models community.

STUDENTS

We believe it is better to support children in finding their way around the Internet with guidance and positive role modelling rather than restrict Internet use to a few trusted sites.Despite the best efforts of our staff, occasionally students may come cross something on the Internet that they find offensive, unpleasant or distressing. Students are told at the start of each course to always report such experiences directly to an adult at the time they occur, so that action can be taken. The action will include:

1. Making a note of the website and any other websites linked to it.

2. Informing the e-Safety Co-ordinator

3. Logging the incident 4. Discussion with the pupil about the incident, and how to avoid similar experiences in future.

MANAGING ICT SYSTEMS AND ACCESS

• Role Models will be responsible for ensuring that access to its ICT systems is as safe and secure as reasonably possible. To this effect all staff is required to use strong authentication processes, which will be updated regularly.• Virus protection is installed on all appropriate hardware and will be kept active and up to date.• The use of user logins and passwords to access the company’s network will be enforced.• Data held on the company’s network will be regularly checked.• Staff are allowed to use their own portable media storage (USB Keys etc.) provided that it does not contain any kind of personal data. If use of such a device results in an anti-virus message they should remove the device and immediately report to the e-Safety Co-ordinator.• Unapproved software will not be allowed in work areas or attached to email.

EMERGING TECHNOLOGIES

• Emerging technologies will be examined for educational benefit and a risk assessment will be carried out before use in our courses is allowed.• The acceptable use of any new or emerging technologies in use within the company will be reflected within our e-Safeguarding and Acceptable Use Agreements.• Prior to deploying any new technologies within the company, staff will have appropriate awareness training regarding safe usage and any associated risks.

MANAGING DIGITAL CONTENT

Thought needs to be given whenever images, video and sound, including the use of course-generated assets and those found on the internet, are used in our courses or promotional materials. In order to ensure compliance with GDPRS regulations and to respect privacy, we need to be careful when sharing these images, videos and sounds online. In addition, students should be taught to think about how they share images, videos and sound online in their personal lives.Written permission from parents or carers will be obtained for the following locations before photographs of pupils are published. Parents and carers may withdraw permission, in writing, at any time.• On the company’s website• In the prospectus and other printed promotional material• In display material that may be used around the office and other premises• Recorded or transmitted on a video or via webcam in an educational conference

We will remind pupils of safe and responsible behaviour when creating, using and storing digital images, video and sound.

We will remind pupils of the risks of inappropriate use of digital images, video and sound in their online activities

Pupils and staff will only use Role Models’ equipment to create digital images, video and sound. In exceptional circumstances, personal equipment may be used with permission from the management provided that any media is transferred solely to a company’s device and deleted from any personal devices.

In particular, digital images, video and sound will not be taken without the permission of participants; images and video will be of appropriate activities and participants will be in appropriate dress; full names of participants will not be used either within the resource itself, within the file name or in accompanying text online; such resources will not be published online without the permission of the staff and pupils involved.

If students are involved, relevant parental permission will also be sought before resources are published online.

Parents may take photographs at Role Models’ events: however, they must ensure that any images or videos taken involving children other than their own are for personal use and will not be published on the internet including social networking sites.

Storage of images• Any images, videos or sound clips of pupils must be stored on the company’s server protected by appropriate passwords and never transferred to personally owned equipment.• Pupils and staff are not permitted to use personal portable media for storage of any images, videos or sound clips of pupils. Role Models are permitted to use them to take photos for End of Day Emails but agree to delete these at the end of the week, as per our safeguarding policy.

DATA PROTECTION

Personal data will be recorded, processed, stored, transferred and made available according to the General Data Protection Regulation and our Data protection and Privacy Code of Practice.

E-MAIL

E-Mail is a valuable and stimulating method however there are responsibilities involved in using the email facilities of communication that plays an important role in many aspects of our lives today. By activating a company account, users are agreeing to fulfil the responsibilities imposed by the company’s regulations and recognising that they are subject to UK, EU and other relevant laws.

Staff

• Staff should bear in mind that e-mail messages can be very easily read by those for whom they were not intended and they should recognise particularly that e-mails can be: - intercepted by third parties (legally or otherwise) - accessed by any individuals mentioned in the e-mails, under data protection legislation - wrongly addressed - forwarded accidentally - forwarded by initial recipients to third parties against your wishes - viewed accidentally on recipients’ computer screens.• Staff should not forward e-mails relating to Role Models business to personal e-mail accounts (such as gmail or hotmail) particularly where these communications include personal data relating to others.• Sensitive personal data should not be communicated by e-mail unless the express permission of the subject has been obtained or unless adequate encryption facilities have been employed.

• Staff should never use a false identity in e-mails.• The Role Models’ e-mail system must not be used to create or distribute unsolicited, offensive, or unwanted e-mail, including the dissemination of chain letters. The sending of unsolicited marketing messages is a criminal offence.• Staff should exercise caution when downloading material from the internet and opening e-mail attachments if there is any suspicion of it including a virus. If they have any suspicions, they should not open an attachment and contact the ICT Coordinator immediately.• Staff are encouraged to familiarise themselves with advice on phishing.• Staff are reminded that using a Role Models e-mail address means that they are representing the company, and all communications must reflect this.• E-mail accounts provided by the company may sometimes need to be accessed, although personal privacy will be respected.• Any inappropriate use of the Company email system or receipt of any inappropriate messages from another user should be reported immediately.• Staff e-mail addresses are to be used primarily for the conduct of Company business. Use of the Role Models email accounts for personal purposes is acceptable provided that it does not interfere with work and is fully compliant with these guidelines and other relevant regulations.

Staff e-mails and data protection

Role Models staff are subject to General Data Protection Regulation 2018. These prescribe a number of further rights and responsibilities in using e-mail:1. Personal data is subject to this legislation. Under its terms, personal data includes any information about a living identifiable individual, including their name, address, phone number, and e-mail address. If such information is included in an e-mail or an attachment to an e-mail, staff would be deemed to be "processing" personal data and must abide by the legislation. Personal information also includes any expression of opinion.2. Staff should be cautious about putting personal information in an e-mail. In particular, staff should not collect such information without the individual knowing what they propose to do with this; they may not disclose or amend such information except in accordance with the purpose for which the information was collected; and they should ensure the information is accurate and up to date.3. They should not use e-mail for any purpose that is not permitted under Role Models’ Data Protection/ Privacy Policy.4. Role Models has, by law, to provide any personal information held about any data subject who requests it under data protection legislation. This includes information on individual computers in departments, and staff have a responsibility to comply with any instruction to release such data made by the company’s data protection officer (John Reed). Emails which contain personal information and are held in live, archive or back-up systems or have been "deleted" from the live systems, but are still capable of recovery, may be accessible by data subjects.5. The law also imposes rules on staff in retaining personal data. Such data should be kept only for as long as it is needed for the purpose for which it was collected. Role Models retain deleted e-mails (for as long as it needs to) to allow for accidental loss or any other later requirement by the user for it to be retrieved.6. Staff should take care when sending e-mails containing personal information to countries outside the European Economic Area, especially if those countries do not have equivalent levels of protection for personal data.

MOBILE PHONES AND PERSONAL DEVICES

More and more young people have access to sophisticated new internet-enabled devices such as SMART mobile phones, tablets and music players.

It is important that whilst the Company recognises the potential advantages these devices can offer, there are clear and enforceable rules for their use during our courses, particularly when they give access to the Internet, and allow pictures and information to be remotely posted to a website or weblog.

Electronic devices of all kinds that are brought into our courses are the responsibility of the user. The company accepts no responsibility for the loss, theft or damage of such items. Nor will the Company accept responsibility for any adverse health effects caused by any such devices either potential or actual.

Students’ use1. Students are not allowed to have personal mobile phones or other similar devices in the classrooms during a course. Parents may request that such devices are kept at the Office for students who may need them on their journey to and from the venue where the course is held.2. If a pupil breaches the company’s policy then the phone or device will be confiscated and will be held in a secure place in the office, to only be released to the pupil’s parent or carer.3. If a student needs to contact his/her parents/carers they will be allowed to use a company phone.

Staff use1. Mobile phones and personal devices will not be used during lessons or formal course time, unless in emergency circumstances.2. Personal mobile phones or devices are permitted only during trips as emergency contact.

3. Staff are not permitted to use their own mobile phones or devices for contacting children, young people or their families within or outside of the setting in a professional capacity.4. Staff are not to permit children to use their mobile phone as part of an educational activity.5. Role Models are permitted to use them to take photos for End of Day Emails but agree to delete these at the end of the week, as per our safeguarding training. 6. If a member of staff breaches the company policy, disciplinary action may be taken.

CHAT, DISCUSSION AND SOCIAL NEWORKING SITES

These forms of electronic communication are used more and more, and can also contribute to learning across a range of areas.

Online chat rooms, discussion forums and social networking sites present a range of personal safety and privacy issues for young people.1. Staff wishing to use Social Media tools with students as part of their course will risk assess the sites before use and check the site’s terms and conditions to ensure the site is age appropriate. Staff will obtain documented consent from the e-Safety co-ordinator before using Social Media tools in the classroom. Individual students’ names or identifying information will never be used.2. Pupils will be advised never to give out personal details of any kind which may identify them and/or their location. Examples would include real name, address, mobile or landline phone numbers, course attended, IM and email addresses, full names of friends/family, specific interests and clubs etc.3. Concerns regarding students’ use of social networking, social media and personal publishing sites (in or out of school) will be raised with their parents/carers, particularly when concerning students’ underage use of sites.4. All members of the Role Models community are advised not to publish specific and detailed private thoughts, especially those that may be considered threatening, hurtful or defamatory.5. Staff personal use of social networking, social media and personal publishing sites will be discussed as part of staff induction and safe and professional behaviour will be outlined in the company’s Acceptable Use Agreement.

DELIBERATE MISUSE OF THE INTERNET FACILITIES

Role Models has to act within the law, which means it has, in turn, to ensure that its students and its staff are doing so, by enforcing the Rules and Regulations as explained in this Policy. Therefore, any breach of these Rules will be treated by Role Models as a serious disciplinary matter. If the breach or misuse results in a data breach Role Models commits to reporting any such breach to the ICO (Information Commissioners Office) and notifying appropriately data subject and data controllers without undue delay.

StudentsAll students will be made aware of the rules for using the Internet safely and appropriately before the start of the course they attend.Where a student is found to be using the Internet inappropriately, for example to download games, or search for unsuitable images, then sanctions will be applied according to the nature of the misuse, and any previous misuse.

Sanctions will include:Unsuitable material (e.g. online games, celebrity pictures, music downloads, sport websites etc)1. Initial warning from course teacher2. Report to Role Models management3. Letter to parent/carer

Offensive material (e.g. pornographic images, racist, sexist or hate website or images etc)1. Incident logged and reported to the Management.2. Call/letter to parent/carer3. Meeting with Parent/Carer to re-sign Internet use agreement4. Subsequent incidents will be treated very seriously by the company and may result in exclusion and/or police involvement.

HOW WILL COMPLAINTS REGARDING E-SAFETY BE HANDLED?

The company will take all reasonable precautions to ensure that users access only appropriate material. Methods to identify, assess and minimise risks will be reviewed regularly. However, due to the global and connected nature of Internet content, it is not possible to guarantee that access to unsuitable material will never occur via a company computer. Role Models cannot accept liability for material accessed, or any consequences of Internet access.Staff and students are given information about infringements in use and possible sanctions.

Our e-Safety Coordinator acts as first point of contact for any complaint. Any complaint about staff misuse is referred to the Board of directors.

CYBERBULLYING – Online bullying and harassment

By cyber-bullying, we mean bullying by electronic media. It is an aggressive, intentional act carried out by a group or individual using electronic forms of contact repeatedly over time against a victim who cannot easily defend him/herself. Cyberbullying is insidious; it can be conducted 24 hours a day, seven days a week, following children into their private space and outside course hours. It can be anonymous. The audience is large and can be reached rapidly. Unlike other forms of bullying, a single incident can be experienced as a multiple attack – a video posted to a website can be copied to many different sites. Bystanders can become accessories by passing on a humiliating message. Messages on social networking sites remain there to damage social life and friendships.

Cyberbullying (along with all other forms of bullying) of any member of the Role Models community will not be tolerated.

We encourage all students to discuss any concerns or worries they have about online bullying and harassment with staff.

We are committed to reviewing our policy and procedures annually.