← All Policies

Online Safety Policy

Reference: ET-OSP-001Last reviewed: April 2026

1. Policy Statement

Ember Learning Ltd, trading as Ember Tutors, is committed to the online safety of every student who participates in our sessions. Our entire model of delivery is online: students aged 11 to 16 attend live small group tutoring sessions via the Vedamo virtual classroom platform. This means that online safety is not a peripheral concern — it is central to every safeguarding decision we make.

This Policy sets out how we create and maintain a safe, positive, and professional online environment. It applies to all sessions delivered via Vedamo, all associated communications, and all related digital activity. It must be read alongside the Child Protection and Safeguarding Policy (ET-CPSP-001).

This Policy is informed by:

  • Keeping Children Safe in Education (DfE, 2025) — Annex C (Online Safety)
  • The Online Safety Act 2023
  • Searching, Screening and Confiscation guidance (DfE, 2022) — applied as relevant to online contexts
  • UK Council for Internet Safety (UKCIS) guidance
  • Working Together to Safeguard Children (HM Government, 2023)

2. Scope

2.1 This Policy applies to:

  • All Tutor Associates delivering sessions via the platform
  • All Company directors and staff with access to the platform or to student data
  • Students participating in sessions (and, by extension, their parents and carers via information shared by the commissioning LA or MAT)

2.2 This Policy covers all activity on the Vedamo platform during sessions, including: video and audio interaction, the in-session chat function, virtual whiteboard use, and any screen-sharing or file-sharing features.

2.3 This Policy also covers any communications between Tutor Associates and students that might occur outside the platform — which are strictly prohibited under this Policy and the Tutor Associate Agreement.

3. The Vedamo Platform — Safeguarding Features and Controls

3.1 Sessions are delivered using Vedamo, a dedicated virtual classroom platform. Vedamo provides the following features which are relevant to online safety:

  • Session recording — all sessions are recorded automatically. Recordings are retained for safeguarding purposes only, in accordance with the Session Recording Policy (ET-SRP-002). No other use of recordings is permitted
  • In-session safeguarding concern reporting — the platform includes a built-in mechanism for Tutor Associates to log a safeguarding concern immediately following a session
  • Host controls — the Tutor Associate, as session host, controls who can speak, share video, and use chat during the session
  • Access controls — students access sessions via a unique link issued by the Company. Links shall not be shared beyond the intended student

3.2 Ember Tutors expects Vedamo to be used only for its intended educational purpose. Tutor Associates shall not configure the platform in ways that circumvent the safeguarding features described above.

Vedamo is configured at the administrator level to control participant permissions. Session chat logs are retained as part of the session recording. Students access sessions via unique session links and do not have the ability to contact other participants outside of sessions through the platform. Vedamo's own data processing terms should be reviewed and agreed before first session delivery to confirm their coverage of session recordings and personal data handling.

4. Responsibilities of Tutor Associates

4.1 Before the Session. Tutor Associates must:

  • Deliver sessions from a professional, appropriate setting with a neutral background free from distractions, personal items, and third parties
  • Ensure that their own device is secure, updated, and free from malware
  • Not share session access links with any third party
  • Not record the session independently by any means — the platform records automatically and independently

4.2 During the Session. Tutor Associates must:

  • Keep the session on topic and maintain professional conduct at all times
  • Monitor the session chat actively and address any inappropriate content immediately
  • Not show students any content — shared screen, documents, or videos — that has not been reviewed for appropriateness in advance
  • Not engage in private one-to-one messaging with individual students via the in-session chat
  • Not invite or admit any uninvited or unknown participant to the session
  • Remain alert to signs of online harm, exploitation, or inappropriate conduct affecting students during the session (including concerning content visible in a student's background environment)
  • Immediately use the host controls to mute or remove any participant whose conduct poses a risk to others

4.3 After the Session. Tutor Associates must:

  • Log any safeguarding concern (including concerns about online safety) via the platform's reporting feature and notify the DSL directly, in accordance with the Child Protection and Safeguarding Policy
  • Not retain, download, copy, or share any element of the session recording
  • Not contact any student outside the platform by any means

5. Responsibilities of the Company

5.1 Ember Tutors will:

  • Ensure that all Tutor Associates complete online safety awareness training as part of mandatory pre-commencement training before delivering any session
  • Ensure that the DSL maintains up-to-date knowledge of online safety risks relevant to the 11–16 age group, including cyberbullying, grooming, CSE facilitated online, radicalisation via online channels, and the specific risks of live video communication
  • Ensure that Vedamo is configured with appropriate access controls and session settings before any student participates
  • Maintain session recordings for safeguarding purposes and ensure they are accessible only to the DSL and Deputy DSL
  • Provide Commissioners with information about the platform and the Company's online safety arrangements to support parental communication
  • Review this Policy annually and following any online safety incident

6. Responsibilities of Commissioners

6.1 Commissioning Local Authorities and Multi-Academy Trusts are responsible for:

  • Ensuring that parents and carers are informed that sessions are delivered online via a live video platform and that sessions are recorded for safeguarding purposes
  • Obtaining appropriate parental/carer consent for online participation and for session recording, prior to referring any student
  • Ensuring that referred students understand the expectations for their conduct during sessions
  • Ensuring that students have access to an appropriate device and a private, safe space from which to attend sessions
  • Notifying Ember Tutors promptly if they become aware of any online safety concern relating to a referred student

7. Student Conduct During Sessions

7.1 Students are expected to participate in sessions in a respectful and appropriate manner. The following conduct standards apply:

  • Students must log in using their own individual access credentials and must not share session links
  • Students must not record any element of the session by any means
  • Students must treat the Tutor Associate and other session participants with respect
  • Students must not use the session chat or other platform features to share inappropriate, offensive, or harmful content
  • Students must not attempt to contact the Tutor Associate or other students outside of the session environment

7.2 The Tutor Associate is authorised to use host controls to mute, warn, or remove a student from a session if their conduct is disruptive, inappropriate, or poses a risk to others. Where a student is removed from a session, the Tutor Associate must notify the DSL and the Commissioner immediately.

7.3 Conduct standards should be communicated to students as part of their onboarding by the Commissioner prior to their first session. The Company will provide Commissioners with relevant information to support this.

8. Specific Online Risks in the Ember Tutors Context

8.1 Grooming and Inappropriate Contact

The live video format and ongoing relationship between a Tutor Associate and a small group of students over time creates a potential vector for grooming behaviour. All associates are trained to maintain professional boundaries and are prohibited from any contact with students outside the platform. Any contact attempted outside the platform — by the associate or by a student — must be reported to the DSL immediately.

8.2 Online CSE and Exploitation

Associates should be alert to indicators that a student may be experiencing online sexual exploitation or coercion. This may include: a student appearing fearful or distressed in relation to online activity; references to unknown adults making contact online; or inappropriate content visible in the background during a session. Any such concern must be reported to the DSL immediately using the platform reporting feature and direct telephone contact.

8.3 Cyberbullying and Peer Harm

In a small group session format, associates may observe peer-to-peer interactions that cause concern. Any bullying, intimidation, or harmful communication observed during a session — whether in video, audio, or chat — must be reported to the DSL and to the referring Commissioner.

8.4 Radicalisation via Online Channels

Associates should be alert to extremist language or references to radicalising content during sessions. Any Prevent-related concern should be reported to the DSL in the same way as any other safeguarding concern.

8.5 Harmful or Illegal Content

If a student shares, displays, or references harmful or illegal content during a session (including child sexual abuse material, extremist content, or content depicting serious harm), the associate should: use host controls to remove or mute the student immediately; end the session if necessary to prevent further harm; and report to the DSL without delay.

8.6 Student Mental Health and Online Harm

Associates should be alert to students who appear to be engaging with self-harm content, pro-eating disorder communities, or suicidal ideation online. Any such concern should be reported to the DSL immediately, who will notify the Commissioner's DSL.

9. Data Protection and Privacy in the Online Environment

9.1 All personal data relating to students processed via the platform is governed by the Data Processing Agreement (ET-DPA-001). The Commissioner is the Data Controller; Ember Tutors is the Data Processor.

9.2 Session recordings are retained exclusively for safeguarding purposes and are accessible only to the DSL and Deputy DSL. This is set out in detail in the Session Recording Policy (ET-SRP-002).

9.3 Associates must not retain student personal data on personal devices and must not photograph, screenshot, or otherwise capture any content from sessions.

9.4 Students' personal data is not used for marketing purposes. Images or recordings from sessions are not published, shared publicly, or used in any way other than as described in the Session Recording Policy.

10. Responding to an Online Safety Incident

10.1 An online safety incident includes any of the following:

  • Inappropriate conduct by a Tutor Associate toward a student during a session
  • A student sharing harmful, illegal, or inappropriate content during a session
  • Unauthorised recording, screenshot, or distribution of session content by any party
  • A student reporting online grooming, exploitation, or abuse
  • A suspected data breach involving session recordings or student personal data
  • Any contact between an associate and a student outside the platform

10.2 All online safety incidents must be reported to the DSL immediately using the platform reporting feature and direct telephone contact. The DSL will assess and manage the incident in accordance with the Child Protection and Safeguarding Policy.

10.3 Where an incident involves a potential criminal offence (including the creation, sharing, or possession of child sexual abuse material), the DSL will contact the police without delay.

10.4 Where an incident constitutes a personal data breach, the DSL will follow the breach notification procedure set out in the Data Processing Agreement (ET-DPA-001).

11. Training

11.1 All Tutor Associates must complete online safety training as part of mandatory pre-commencement training. This training covers: online risks relevant to the 11–16 age group; recognising and reporting online harm; the Company's platform rules and conduct expectations; and prohibited behaviours.

11.2 The DSL and Deputy DSL must maintain current knowledge of online safety risks and guidance, including annual update training.

11.3 Training completion records are maintained by the DSL.

12. Linked Policies and Documents

  • Child Protection and Safeguarding Policy (ET-CPSP-001)
  • Session Recording Policy (ET-SRP-002)
  • Tutor Associate Agreement (ET-TAA-001) — Clauses 6 (Conduct), 7 (Confidentiality), and 8 (Data Protection)
  • Safer Recruitment Process (ET-SRP-001)
  • Data Processing Agreement (ET-DPA-001)

13. Policy Review

This Policy will be reviewed annually and following any significant online safety incident, update to KCSIE or the Online Safety Act guidance, or material change to the platform used for delivery.