Protecting children is a core operating principle.
Grounded in the UN Convention on the Rights of the Child, the Class2Class Child Safeguarding Policy defines how the organisation works to prevent harm, report concerns, respond appropriately, and protect children in classrooms and digital environments. Most of our users are minors — so safeguarding is the priority that sits above all others.
Prevention and screening
Awareness, recruitment screening, mandatory criminal-record checks (børneattest in Denmark; equivalent national certificate elsewhere), and signed Code of Conduct help reduce risk before harm occurs.
Clear reporting and response
Concerns are raised through defined channels and followed by prompt review, assessment, and referral to competent authorities where appropriate.
Digital safeguarding
Adult supervision, platform safety features, moderation, and data protection make online collaboration safe and structured.
No exceptions on harm to children
Romantic, sexual, grooming, or solicitation behaviour toward a minor is strictly prohibited regardless of local law. Suspected cases are referred to competent authorities.
Seventeen sections covering the safeguarding system end to end.
Click any section to jump to it in the document below.
Class2Class Child Safeguarding Policy.
Version 1.0 · Effective 30 April 2026 · Next review by 30 April 2027.
Purpose
Class2Class connects classrooms across more than 160 countries. Most of our users are minors, including children under 13 with parental consent. Protecting children from harm is therefore not one priority among many — it is the operating principle that sits above the others.
This policy translates that principle into rules that bind everyone who acts on behalf of Class2Class. It is the institutional counterpart to the user-facing rules in the Ethical Guidelines §6 (Keeping students safe). Where the Ethical Guidelines describe how users should behave on the platform, this policy describes how Class2Class as an organisation prevents harm, identifies it, and responds when it occurs.
Our commitment
Class2Class commits to a child-safe organisation and a child-safe platform. Specifically:
- We treat the safety, dignity, and wellbeing of every child as our highest priority
- We take a child-rights approach grounded in the UN Convention on the Rights of the Child (UNCRC), in particular Articles 3 (best interests of the child), 12 (right to be heard), 16 (right to privacy), and 19 (protection from violence, abuse, and exploitation)
- We prevent harm where we reasonably can, recognise it when it occurs, respond proportionately, and refer appropriately to competent authorities
- We do not tolerate any form of abuse, exploitation, harassment, neglect, or grooming of a child by anyone acting on behalf of Class2Class
- We support and protect anyone who raises a safeguarding concern in good faith, in line with the Reports Handling and Whistleblower Procedure
This policy applies in addition to — never in place of — the laws of Denmark, the laws of the country where a child resides, and the policies of the school the child attends.
Regulatory framework
| Source | What it expects |
|---|---|
| UN Convention on the Rights of the Child (UNCRC) | Best interests of the child; protection from violence, abuse, and exploitation; right to be heard |
| EU Digital Services Act (DSA) Article 28 | Online platforms accessible to minors must put in place appropriate and proportionate measures to ensure a high level of privacy, safety, and security of minors |
| GDPR Article 8 | Reasonable verification of parental authority where information-society services are offered to a child |
| GDPR Article 35 | Data Protection Impact Assessment where minors' data triggers high risk |
| EU Whistleblower Directive (2019/1937) | Functioning channels for raising concerns; protection of reporters from retaliation |
| Danish Penal Code, Ch. 24 & 25 | Criminal-law floor that this policy never sits below |
| COPPA (US) | School-authorisation framework for under-13 students whose schools partner with Class2Class |
| EU Better Internet for Kids (BIK+) | Design and operational expectations for platforms with minor users |
| EU AI Act Articles 4 and 50 | AI literacy of staff handling AI; transparency where AI interacts with a child |
Scope — who and what is covered
4.1 Who this policy applies to
This policy applies to every individual acting on behalf of Class2Class, regardless of contractual status:
- Employees of Class2Class ApS
- Board members and advisors
- Volunteers, interns, and fellows
- Consultants and contractors engaged to deliver work for Class2Class
- Country coordinators and regional representatives
- Partner teachers and facilitators while performing duties on the Class2Class platform or within Class2Class programmes
- NGO partners and any third party engaged by Class2Class on a programme that involves children
Every person above is required to acknowledge this policy in writing before engagement begins, by signing the Commitment to Safeguarding declaration. The signed declaration is renewed annually.
4.2 Who this policy protects
This policy protects every child who participates in Class2Class programmes or whose data Class2Class processes:
- Students under 13 (with parental consent under GDPR Article 8 and COPPA school-authorisation framework)
- Students aged 13 to 17
- Children indirectly affected by Class2Class programmes — for example, a sibling or classmate visible in a recording or image
4.3 Where this policy applies
The policy applies wherever Class2Class operates, online and offline — the platform, virtual classrooms, video calls, recordings, in-person events, AI features, communications between staff and children, and conduct of any representative that affects a child's perception of or trust in Class2Class.
Definitions
The policy adopts UNCRC-aligned definitions for child, safeguarding, sexual abuse, physical and psychological violence, emotional harm, neglect, exploitation, grooming, disclosure, concern, and the Designated Safeguarding Lead. The full glossary is in §5 of the institutional document.
Two definitional anchors that govern the rest of the policy:
Child — Any person under the age of 18, or any person under the age of digital consent in the jurisdiction where they reside, whichever is higher.
Safeguarding — The actions Class2Class takes to prevent harm to children, recognise concerns, respond appropriately, and refer where necessary.
Designated Safeguarding Lead
The Designated Safeguarding Lead (DSL) is the named Class2Class staff member with primary responsibility for child safeguarding. The current DSL is:
Named contact
Anton Skriver
[email protected]Anton receives and triages safeguarding concerns and disclosures; coordinates investigations together with the DPO where personal data is involved; liaises with competent child-protection authorities and law enforcement; maintains confidential records of safeguarding cases; co-owns the Annual Child Safety Risk Assessment with the DPO.
Where the DSL is unavailable or in conflict, safeguarding responsibility escalates to the CEO (Jørgen Balle Olesen, [email protected]). Where a concern involves the DSL or the CEO, it is routed to the Independent Reviewer at [email protected].
Prevention and screening
7.1 Recruitment and pre-engagement screening
Because we work with children, we treat pre-engagement screening as a non-negotiable part of joining Class2Class. For every role involving direct or indirect contact with children, screening includes:
- Identity verification through government-issued identification
- Reference checks with at least two prior references where the role is salaried or extends beyond a single short-term engagement
- Self-declaration of any prior safeguarding concerns, criminal convictions for offences against children, or restrictions on working with children
- Mandatory criminal record check as set out in §7.1.1 below
- Mandatory acknowledgement of this policy, of the Code of Conduct, and of the Anti-Corruption Policy by signed declaration before engagement begins
7.1.1 Criminal record check — substantive requirement
Every individual to whom this policy applies (other than partner teachers, whose own school's screening governs) must provide a current criminal record check from their country of residence at the start of engagement. The check covers, at minimum, offences against children. This is a substantive requirement, not a procedural preference — it exists because the most reliable single safeguard against placing a person who has harmed children into contact with more children is to ask the question and verify the answer.
Form of the check by country
| Country | Required certificate |
|---|---|
| Denmark | Børneattest ("children's certificate") — Class2Class requests this from the Danish Police with the candidate's written consent. Discloses convictions for sexual offences against children. |
| United Kingdom | Enhanced DBS check covering child workforce, including the children's barred list |
| Germany | Erweitertes Führungszeugnis (extended certificate of good conduct) under §30a BZRG |
| France | Bulletin n°2 or n°3 du casier judiciaire, with a specific request for offences against minors |
| Spain | Certificado de Delitos de Naturaleza Sexual from the Registro Central de Delincuentes Sexuales y de Trata de Seres Humanos |
| Italy | Certificato del casellario giudiziale with specific request under Art. 25-bis DPR 313/2002 |
| Netherlands | Verklaring Omtrent het Gedrag (VOG) with the working-with-children profile |
| Other EU/EEA | The national equivalent specifically covering offences against children, or the broadest national criminal record certificate |
| United States | State-level criminal background check covering states of residence in the prior 7 years, plus National Sex Offender Public Website check |
| Outside EU/EEA & US | The national criminal record certificate from the candidate's country of residence; certificates from each country of residence where the candidate has lived in the prior 10 years |
A "current" certificate is one issued not more than 6 months before the engagement start date.
Decision standard
| Finding | Outcome |
|---|---|
| No relevant convictions disclosed | Engagement proceeds |
| Any conviction for sexual, violent, or exploitative offence against a child | Engagement does not proceed; an existing engagement is terminated. No-exceptions standard. |
| Conviction for fraud, bribery, or corruption-related offence | Assessed under the Anti-Corruption Policy by the DPO and CEO; outcome may be "engagement does not proceed" depending on facts |
| Other historic convictions unrelated to children, integrity, or the role | Assessed on the facts by DSL and DPO together. Concealment of a known conviction is itself disqualifying. |
A candidate who refuses to provide a criminal record check, or to consent to Class2Class requesting one where local law allows the employer to do so directly, cannot be engaged in any Class2Class role.
We ask for the check because the trust families place in us depends on our being able to verify, not just believe, what we say about who works with their children.
Renewal cadence
- Every 3 years for employees, board members, country coordinators, and consultants in long-term engagements
- Before each new programme cycle for short-term contractors and volunteers in roles with direct contact with children
- A new certificate from the new country of residence within 6 months of any move
Lawful basis & confidentiality
Processing of criminal record data is lawful under GDPR Article 10 read in conjunction with §8 of the Danish Data Protection Act — necessary for the protection of vital interests of children and for the establishment of an employment or partnership relationship in which the safety of children is at stake.
The certificate is reviewed only by the DSL and the DPO. The original certificate is destroyed once the engagement decision is recorded. The fact of the check is retained for engagement plus 5 years in the form: "check completed on [date]; outcome: cleared / cleared with conditions / not cleared."
7.2 Training
Every individual to whom this policy applies completes the AI Literacy and Ethical Conduct Training Programme Module 5 (Safeguarding) at induction and annually thereafter. The DSL maintains training records.
7.3 Code of behaviour with children
Every Class2Class representative observes the following minimum standards in any contact with a child, online or in person:
The eight rules
- Be visible and accountable — contact takes place in a setting where a third party (a teacher, a parent, another adult) is reasonably aware
- Group, not one-to-one — staff do not initiate one-to-one private contact with a student under 13; one-to-one contact with older minors is limited to what is strictly necessary for the project
- No private channels — do not invite a student onto a personal social-media account, messaging app, or any platform outside Class2Class
- No personal information requests — do not ask a child for their phone number, home address, personal email, or social-media handle
- No gifts or rewards to a child outside the programme structure, except where pre-approved by the DSL
- No imagery without consent — do not photograph, record, screenshot, or republish a child or their work without the consent of the child, their teacher, and (for under-13s) their parent or guardian
- No physical contact beyond what is culturally and contextually appropriate; no physical contact in a private setting
- Romantic or sexual contact with a child is prohibited, in any form, online or in person, regardless of the child's age of consent under local law. A representative who develops feelings of romantic or sexual attraction to a child must immediately disengage from contact with the child and disclose to the DSL.
7.4 Platform safeguards
Operational platform safeguards that prevent harm by design include the items inventoried in the Annual Child Safety Risk Assessment v.1.0 (B7) §6 — most materially: teacher-gatekeeping (no self-registration), under-13 messaging restrictions (no 1:1; group only or teacher-mediated), under-16 group-only chats, parental consent flow with attestation record, one-click in-platform reporting, anonymous reports form, AI content flagging with human moderator review, and mandatory AI Literacy attestation by teachers using AI features.
Recognising harm
Every Class2Class representative is trained to recognise potential indicators of harm. Indicators are not proof; they are the reason to ask, listen, and refer.
In the child
- Unexplained changes in mood, withdrawal, or fear
- Reluctance to engage with a particular teacher, peer, or platform feature
- Disclosure to a peer that is reported to staff
- Sudden change in attendance or platform participation
- Age-inappropriate language, knowledge, or behaviour
- References to inappropriate adult contact, gifts, or money
- Self-harm references; references to running away from home; references to fearing a person at home or at school
In an adult on or near the platform
- One-to-one contact with a student outside the student's own school
- Requests for personal contact information, social-media handles, or off-platform contact
- Asking a student to keep something secret from their teacher or parent
- Sending or requesting images outside the project scope
- Patterns of romantic, sexual, or grooming-style language toward a minor
- Excessive personal interest in a particular student
- Crossing professional boundaries set out in §7.3
In AI features
- Outputs that are sexual, violent, or otherwise inappropriate when surfaced to or near a minor
- Outputs that name or identify a specific child in a way that could enable contact
- Outputs that override the Ethical Guidelines §6 prohibitions
- Failure of an Article 50 disclosure where a child is the user
AI-feature concerns route through both this policy and the AI Incident Reporting Procedure (B6) in parallel, with severity governed by the higher of the two assessments.
Reporting safeguarding concerns
9.1 Internal channels
Anyone who has a safeguarding concern about a child connected to Class2Class is asked to report it. The available channels:
Reporting channels
- General safeguarding concernEmail [email protected] or use the in-platform report button. Read by the DPO and the DSL as appropriate.
- Concern involving the DSL, DPO, or another team member in the routing pathEmail the CEO at [email protected]
- Concern involving the CEOEmail the Independent Reviewer at [email protected]
- Anonymous reportUse the dedicated Anonymous Reports Form — no sign-in, no email, no identity capture, returns a case reference number.
Reports may be submitted in any language Class2Class supports (currently EN, ES, DK); we translate as needed.
9.2 External channels
The internal channels do not replace the right to report to a competent authority. A reporter may, at any time, raise a concern with the Danish Police (politi.dk) for any matter that may constitute a crime against a child under Danish law, the Danish national child-protection helpline (Børnetelefonen, 116 111), the relevant child-protection authority in the child's country of residence, the Danish Data Protection Authority (Datatilsynet, [email protected]), or any other competent authority.
9.3 What to report
Report any concern, even a small one. A safeguarding concern does not require certainty; it requires honesty. If something feels wrong, tell us — Class2Class will take it seriously.
9.4 Anti-retaliation
Class2Class does not tolerate retaliation against anyone who raises a safeguarding concern in good faith. Retaliation is itself a breach of this policy and of the Code of Conduct §7, and is grounds for dismissal or termination of partnership.
Response procedure
10.1 Acknowledgement
The receiver of a report acknowledges receipt to the reporter, where contact is possible, within 7 calendar days.
10.2 Triage — severity matrix
| Severity | Examples | Initial response |
|---|---|---|
| High — emergency | Disclosure or strong evidence of ongoing sexual abuse, violence, exploitation, or imminent risk to a child | Immediate. Within 1 hour: restrict the suspected adult's platform access; notify CEO; contact competent authority and law enforcement without delay; preserve evidence |
| High — non-emergency | Disclosure or strong evidence of historical or non-imminent abuse, grooming patterns, or serious boundary breach | Within 24 hours: convene safeguarding response team (DSL + DPO + CEO); refer to competent authority within timelines required by law; preserve evidence |
| Medium | Pattern-level concern, credible single incident, cross-school adult-to-student private contact attempt | Within 72 hours: open investigation; restrict access where proportionate; notify partner school where applicable |
| Low | Single procedural breach, peer-to-peer issue resolvable at classroom level, misinformation | Within 7 calendar days: route to relevant party (partner school, teacher, platform support) |
10.3 Investigation
The DSL leads the investigation, with the DPO co-investigating where personal data is involved. The child's voice is heard where age-appropriate and safe (UNCRC Article 12). The child is not interviewed by the alleged perpetrator's manager. Evidence is preserved without modification — platform logs, messages, AI-feature outputs, recordings, screenshots — to a restricted-access folder.
10.4 Referral to competent authorities
Class2Class refers to a competent authority — without delay and without requiring internal sign-off — where a child is at imminent risk of harm; a criminal offence against a child may have been committed; the law requires us to refer; the reporter has asked us to refer; or continued internal handling alone is insufficient.
10.5 Outcome
The DSL records the outcome and, where contact is possible, communicates it to the reporter and (where age-appropriate and safe) to the child within 3 months of receipt. Outcomes range from no further action through to apology and corrective action, platform change, restriction or removal of a representative, termination of relationship, referral to a competent authority, or supporting civil/criminal proceedings.
Records
The DSL maintains a confidential safeguarding case register accessible only to the DSL and the DPO. Each case file is identified by reference SG-YYYY-MM-NNN and cross-references any parallel Reports Handling case ID, AI Incident reference (B6), or Data Breach reference (D4).
Case files are retained for 10 years from closure, or longer where Danish law requires. Retention follows the Records of Processing Activities (D1) PA-04.
Digital safeguarding
Specific commitments for the online dimension of our work:
- Adult supervision — every Class2Class project space has at least one adult (a teacher or country coordinator) accountable for supervision
- No private student-to-staff messaging outside the platform's permitted channels
- AI-feature transparency — every AI feature on the platform identifies itself per Article 50; AI is used to help a teacher, never to replace a teacher's judgement about a student
- No AI training on user data — contractual no-training commitments in every AI sub-processor DPA
- Recordings and images — Class2Class does not record a session or republish a child's image or work without prior, specific, age-appropriate consent
- Data minimisation — the platform collects only what is needed to deliver the educational service
Cross-border considerations
Class2Class operates in 160+ countries. Where the law of the child's country differs from this policy:
- Where local law gives the child stronger protection than this policy, the local law governs in addition to this policy
- Where local law gives the child weaker protection than this policy, this policy governs the conduct of Class2Class representatives — the child still receives the higher standard
- Where a competent authority of the child's country requests information, Class2Class cooperates within the bounds of GDPR Chapter V and Danish law
- Where reporting to the child's country authority creates a risk to the child (for example, where the disclosure concerns abuse by a state actor), the DSL escalates to the CEO and the Independent Reviewer; the child's safety governs the routing decision
Training and awareness
| Audience | Module | Frequency |
|---|---|---|
| Class2Class staff and country coordinators | AI Literacy and Ethical Conduct Module 5 (Safeguarding) | Induction + annual refresher |
| Staff in the safeguarding response chain (DSL, DPO, CEO) | Specialist annual safeguarding training delivered by an external provider | Annual |
| Partner teachers | AI Literacy and Responsible Use module + age-appropriate safeguarding materials | At sign-up + before using AI features |
| Students and parents | Age-appropriate explainers in the Help Centre; teachers introduce in class | Continuous |
Governance and accountability
| Role | Accountability |
|---|---|
| CEO (Jørgen Balle Olesen) | Ultimate accountability for child safeguarding; signs off on this policy and on its annual review |
| Designated Safeguarding Lead (Anton Skriver) | Owns this policy; receives and routes safeguarding concerns; coordinates investigations; maintains records; co-owns the Annual Child Safety Risk Assessment |
| Data Protection Officer (Giancarlo Mena) | Co-owns this policy; co-investigates where personal data is involved; owns the Annual Child Safety Risk Assessment jointly with the DSL |
| Technical Lead (Leonard Abrahamian) | Implements platform safeguards; preserves evidence; co-investigates AI-feature incidents |
| Independent Reviewer | Receives, investigates, and decides safeguarding cases that involve the CEO or that cannot be handled internally without conflict |
| Board of Directors (or designated independent oversight contact) | Oversight; receives the Annual Transparency Report including the safeguarding summary |
Review
This policy is reviewed annually by the DSL and the DPO and approved by the CEO. Material change to the platform, the user population, applicable law, or any High-severity safeguarding case triggers an immediate ad-hoc review.
The annual review covers volume/severity/source of cases, outcomes and timelines, effectiveness of platform safeguards, named contacts and escalation paths, training completion rates, regulatory developments, and cross-procedure interactions with B6 (AI), B7 (annual risk assessment), D4 (data breach), and the Reports Handling Procedure.
Cross-references. Operational counterparts: Ethical Guidelines, Code of Conduct, Anti-Corruption Policy, DPA Template & Sub-processor List, Reports Handling and Whistleblower Procedure, Annual Child Safety Risk Assessment (B7), AI Incident Reporting Procedure (B6), Privacy Policy, Data Breach Response Procedure (D4), Independent Reviewer ToR.
Common safeguarding questions.
Who does the Child Safeguarding Policy apply to?
Every individual acting on behalf of Class2Class — employees, board members, advisors, volunteers, interns and fellows, consultants and contractors, country coordinators, partner teachers and facilitators while on the platform, and NGO partners on programmes that involve children. Every person above is required to sign the Commitment to Safeguarding declaration before engagement begins, and to renew the signature annually.
The policy protects every child who participates in our programmes — students under 13 (with parental consent), students 13–17, and children indirectly affected (a sibling visible in a recording, for example).
What kinds of harm are covered?
Sexual abuse (in person and online), physical violence, psychological violence, emotional harm (including bullying, harassment, public shaming, exposure to age-inappropriate content), neglect, exploitation, and grooming. Section 5 has the full definitions; all are aligned with the UN Convention on the Rights of the Child.
What's the criminal record check requirement?
Every individual to whom this policy applies provides a current child-relevant criminal record certificate at the start of engagement — in Denmark, the børneattest; in the UK, an Enhanced DBS check; in Germany, the erweitertes Führungszeugnis; equivalent national certificates elsewhere. The full country matrix is in §7.1.1 above.
Any conviction for a sexual, violent, or exploitative offence against a child disqualifies a candidate — no exceptions. Other historic convictions are assessed on their facts. Refusing the check means we cannot engage you.
The processing is lawful under GDPR Article 10 + Danish DPA §8. Certificates are reviewed only by the DSL and DPO, then destroyed once the engagement decision is recorded.
How are safeguarding concerns reported and handled?
Four channels (see §9): general concerns to [email protected] or the in-platform report button; concerns about the DSL or another team member to the CEO at [email protected]; concerns about the CEO to the Independent Reviewer at [email protected]; and the anonymous Reports Form for reporters who don't want to give their name.
The DSL acknowledges within 7 calendar days, triages by severity (High emergency / High non-emergency / Medium / Low — see §10.2), investigates with the DPO co-investigating where personal data is involved, refers to competent authorities where the case warrants, and communicates the outcome within 3 months.
Who is the Designated Safeguarding Lead?
Anton Skriver — [email protected]. Anton owns this policy, receives and routes safeguarding concerns, coordinates investigations together with the DPO where personal data is involved, liaises with competent child-protection authorities and law enforcement, maintains the confidential safeguarding case register, and co-owns the Annual Child Safety Risk Assessment with the DPO.
Where Anton is unavailable or in conflict, safeguarding responsibility escalates to the CEO. Where a concern involves Anton or the CEO, it goes to the Independent Reviewer.
What does digital safeguarding include?
Adult supervision in every project space, no private student-to-staff messaging outside the platform's permitted channels, AI-feature transparency (every AI feature identifies itself per EU AI Act Article 50), contractual no-AI-training commitments with every AI sub-processor, no recording or republishing of a child's image or work without specific age-appropriate consent, and data minimisation throughout.
Section 12 has the full list. Operational platform safeguards (teacher gatekeeping, under-13 messaging restrictions, parental consent flow) are inventoried in the Annual Child Safety Risk Assessment §6.
Is romantic or sexual contact with a minor ever acceptable on Class2Class?
No — and this is non-negotiable. Romantic, sexual, grooming, or solicitation behaviour toward a minor is strictly prohibited regardless of the child's age of consent under local law. Suspected cases will be referred to the school and, where appropriate, to competent child-protection or law-enforcement authorities.
A representative who develops feelings of romantic or sexual attraction to a child must immediately disengage from contact with the child and disclose to the DSL. Section 7.3 has the full Code of Behaviour with Children.
What happens when a case crosses borders?
Where local law gives the child stronger protection than this policy, the local law governs in addition. Where local law gives weaker protection, this policy governs the conduct of Class2Class representatives — the child still receives the higher standard.
Where a competent authority requests information, Class2Class cooperates within GDPR Chapter V and Danish law. Where reporting to a country's authority creates a risk to the child (for example, abuse by a state actor), the DSL escalates to the CEO and the Independent Reviewer — the child's safety governs the routing decision.
Need to raise a safeguarding concern?
Concerns can be raised through Class2Class leadership or by email at [email protected]. Reports made in good faith are taken seriously, kept confidential, and protected from any form of retaliation. If a child is in immediate danger, contact local emergency services first.
- Designated Safeguarding LeadAnton Skriver — [email protected]
- General concern[email protected]
- Concern about the DSL or DPOCEO Jørgen Balle Olesen — [email protected]
- Concern about the CEOIndependent Reviewer — [email protected]
- Imminent dangerLocal emergency services first
A partner school, regulator, or auditor reviewing our safeguarding posture?
Additional documents available on request from the DSL or DPO: Annual Child Safety Risk Assessment (B7), Parental DSAR Request Process (B8), AI Incident Reporting Procedure (B6), Reports Handling and Whistleblower Procedure, ROPA, DPIA, and the Compliance Scorecard.
Email the DPO