Safeguarding Policy

1. Our Commitment

Whizlo is committed to safeguarding and promoting the welfare of all children who use our platform. We recognise that the safety and wellbeing of children is paramount and take our responsibility seriously to create a safe online learning environment.

This policy applies to all staff, contractors, AI systems, and anyone working on behalf of Whizlo.

2. How We Protect Children Online

Account Security

• Children cannot create their own accounts — only parents or guardians can register
• Children log in using a simple 4-digit PIN, not email or passwords
• Only a child's first name is collected — never surnames, addresses, or photos
• Parents control all settings and have full visibility of their child's activity

No Social Features

• There is no messaging, chat, or direct communication between children
• There are no public profiles, friend lists, or social feeds
• Leaderboards show first names only and are visible only within a family group

Content Safety

• All educational content is reviewed for age-appropriateness before being shown to children
• AI-generated content passes through automated quality filters that block references to violence, drugs, horror, abuse, gambling, racism, and other inappropriate topics
• A cross-LLM content judge reviews generated questions for accuracy, age-appropriateness, and safety
• An admin review queue allows the team to flag and remove any content that does not meet standards

AI Safety

• AI tutors (Leo and Melody) only discuss educational topics related to the child's current learning
• AI responses are filtered through safety prompts that prevent off-topic, inappropriate, or harmful content
• Child data sent to AI providers is anonymised — no names, ages, or personal details are transmitted
• Parents can opt out of AI-powered features entirely via privacy settings

3. Data Protection for Children

• We comply with the UK Age Appropriate Design Code (Children's Code) issued by the ICO
• We comply with the UK General Data Protection Regulation (UK GDPR)
• Children's data is never used for marketing or profiling
• No third-party analytics or tracking cookies are set during child sessions
• All data is stored within the EU (Hetzner, Germany) and encrypted at rest and in transit
• Parents can request full data export or deletion at any time via privacy settings or by emailing privacy@whizlo.com

4. Reporting Concerns

If you have any concerns about a child's safety or wellbeing in relation to Whizlo, or if you believe any content on our platform is inappropriate, please contact us immediately:

• Email: safeguarding@whizlo.com
• General support: support@whizlo.com

We take all reports seriously and will respond within 24 hours. Where appropriate, we will work with relevant authorities including local safeguarding partnerships and the police.

5. External Resources

If you are concerned about a child's safety, the following organisations can help:

• NSPCC — 0808 800 5000 or nspcc.org.uk
• Childline — 0800 1111 or childline.org.uk
• CEOP (Child Exploitation and Online Protection) — ceop.police.uk
• Internet Watch Foundation — iwf.org.uk

6. Staff and Contractor Responsibilities

All individuals working on Whizlo are expected to:

• Treat the safety and welfare of children as the highest priority
• Report any safeguarding concerns to the designated safeguarding lead
• Follow this policy and all applicable child protection legislation
• Never attempt to contact children directly outside the platform
• Ensure all content and features are appropriate for the target age group

7. Review

This policy is reviewed at least annually and updated whenever there are significant changes to our platform, applicable legislation, or safeguarding best practices.