SafeToNet Policy Position on Privacy and Children’s Online Safety

1. Our HarmBlock starting position

SafeToNet’s approach to privacy is grounded in a simple principle: children should be protected from harm online without being monitored, tracked, or profiled.

We design safeguarding technology on the assumption that children have a right to privacy, dignity, and freedom from unnecessary surveillance, as well as a right to protection from harmful and illegal content.

This position aligns with the UN Convention on the Rights of the Child (UNCRC), including General Comment No. 25, which makes clear that children’s rights apply fully in the digital environment and that protection measures must be proportionate, necessary, and privacy-preserving.

2. Privacy by design, not privacy as an afterthought

SafeToNet does not believe that effective safeguarding requires the collection of personal data, browsing histories, messages, or behavioural profiles.

Our technology is deliberately engineered to minimise data processing and eliminate data flows wherever possible. Safeguarding should not depend on surveillance, nor should children’s safety be achieved at the cost of their privacy.

This approach is consistent with:

  • the UNCRC principle of the child’s best interests,
  • the UK Age-Appropriate Design Code’s requirement for data minimisation and privacy by default,
  • and core GDPR principles, including privacy by design and purpose limitation.

3. What HarmBlock activation does and does not mean

When HarmBlock activates to block harmful or illegal sexual content, this does not indicate that a child has searched for, requested, or sought out such material.

HarmBlock does not analyse intent, interest, or behaviour. It does not track searches, monitor conversations, or infer motivation.

Activation reflects a different reality: that explicit and harmful sexual content is widespread across the internet, embedded in mainstream platforms, advertising systems, group chats, image sharing, and automated content feeds.

Children are routinely exposed to sexual material through algorithmic recommendations, unsolicited messages, shared content, and ambient digital environments, often without actively looking for it.

HarmBlock responds to what appears on the device, not to what a child is trying to do.

4. A systemic problem requires systemic safeguards

SafeToNet’s position is that online sexual harm affecting children is a systemic issue, not an individual behavioural issue.

Children cannot control what appears in feeds, messages, recommendations, or shared spaces online. Harmful content is often unavoidable, even for cautious and well-supported children.

Placing the burden on children to avoid harmful content, or on parents to monitor every interaction, is neither realistic nor fair. Equally, treating exposure as evidence of a child’s curiosity or wrongdoing is both inaccurate and harmful.

Safeguards should be built into the digital environment itself, in ways that work across apps, platforms, and encrypted spaces, without requiring constant oversight or data collection.

5. Why on-device, privacy-preserving protection matters

HarmBlock is designed to operate entirely on the device, without collecting, storing, or transmitting personal data. This is a deliberate policy choice.

By processing content locally and transiently, safeguarding can occur:

  • without creating user profiles,
  • without logging activity,
  • without sharing data with companies, platforms, or third parties,
  • and without exposing children to additional privacy or security risks.

This approach supports the UNCRC requirement that children’s rights to protection and privacy must be balanced, not traded off against each other.

6. Respecting children’s dignity

SafeToNet rejects models of child safety that rely on constant surveillance, behavioural scoring, or intrusive monitoring.

Children should not grow up under the assumption that being safe means being watched.

Our policy position is that effective safeguarding should be largely invisible, proportionate, and protective, intervening only when necessary to prevent harm, and doing so without judgment, profiling, or stigma.

7. Our commitment

SafeToNet is committed to:

  • designing safeguarding technology that protects children without exploiting their data,
  • aligning with internationally recognised children’s rights frameworks,
  • supporting parents, carers, and institutions without encouraging over-monitoring,
  • and contributing to a digital environment where children are protected by design, not policed by default.

Privacy is not a barrier to child protection. When done properly, it is one of its foundations.










Website Privacy Policy

Effective Date: December 2025

1. Introduction

SafeToNet Limited (“we,” “us,” or “our”) operates the SafeToNet.com website (the “Website”). We are committed to protecting your privacy and handling your personal information transparently and securely.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our Website. Please read this policy carefully to understand our practices regarding your personal data.

Data Controller

SafeToNet Limited
Company Number: 08733316
Registered Address: Quadrant House, Broad Street Mall, Reading, England, RG1 7QE
Email: privacy@safetonet.com

If you are located in the United Kingdom or European Economic Area (EEA), SafeToNet Limited is the data controller responsible for your personal information.

2. Information We Collect

2.1 Information You Provide to Us

We collect personal information that you voluntarily provide when you:

Subscribe for product updates: When you sign up to receive notifications about SafeToNet product news, we collect:

  • Your name
  • Email address
  • Phone number (if provided)

Contact us: Any information you choose to provide when communicating with us

2.2 Automatically Collected Information

We use Plausible Analytics to collect anonymized website usage data. This is a privacy-friendly analytics service that:

  • Does not use cookies
  • Does not collect personal information
  • Does not track users across websites
  • Provides aggregate, anonymized statistics only

The anonymized data collected includes:

  • Page views and visits
  • Referral sources
  • General geographic location (country/region level only)
  • Device type and browser information (anonymized)
  • Page loading times

This data cannot be used to identify you personally.

2.3 Information We Do NOT Collect

We do not:

  • Use tracking cookies for advertising or profiling
  • Collect precise geolocation data
  • Track your browsing activity across other websites
  • Collect financial information (we do not process payments directly through this website)

3. How We Use Your Information

3.1 Legal Basis for Processing (UK GDPR/EU GDPR)

We process your personal information based on the following legal grounds:

Consent:

  • When you subscribe to product updates, you provide explicit consent for us to process your name, email, and phone number to send you notifications about SafeToNet.

Legitimate Interests: We process anonymized analytics data based on our legitimate interest in understanding how visitors use our Website to improve user experience and functionality.

3.2 Purposes of Processing

We use your information for the following purposes:

  • Product notifications: To send you updates, news, and announcements about SafeToNet when you have subscribed to receive them
  • Communication: To respond to your inquiries and communicate with you about our products and services
  • Website improvement: To analyze anonymized usage patterns and improve the Website’s functionality and user experience
  • Legal compliance: To comply with applicable laws, regulations, and legal processes

We do not:

  • Sell your personal information to third parties
  • Share your personal information with partners for their marketing purposes
  • Use your information for automated decision-making or profiling

4. How We Share Your Information

We do not sell, trade, or rent your personal information. We may share your information only in the following limited circumstances:

4.1 Service Providers

We may share your information with trusted third-party service providers who assist us in operating our Website and conducting our business, including:

  • Email service providers: To deliver product update notifications
  • Web hosting providers: Our Website is hosted in the United Kingdom
  • Analytics provider: Plausible Analytics (privacy-focused, no personal data shared)

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

4.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, subpoenas, or government regulations).

4.3 Business Transfers

In the event of a merger, acquisition, or sale of all or a portion of our assets, your personal information may be transferred as part of that transaction. We will notify you via email and/or prominent notice on our Website of any change in ownership or use of your personal information.

5. International Data Transfers

Our Website is hosted in the United Kingdom. If you are accessing the Website from outside the United Kingdom, please be aware that your information may be transferred to, stored, and processed in the United Kingdom where our servers are located.

For UK/EEA Users: Your data remains within the UK/EEA, ensuring full compliance with UK GDPR and EU GDPR requirements.

For Users Outside the UK/EEA: We ensure that appropriate safeguards are in place for international transfers of personal data, including:

  • Using service providers that comply with applicable data protection frameworks
  • Implementing standard contractual clauses where required
  • Ensuring adequate security measures are maintained

By using our Website and providing your information, you consent to this transfer, storage, and processing.

6. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

  • Subscription data: We retain your name, email, and phone number until you request deletion. If you unsubscribe from product updates, we will stop sending communications but your information will remain in our database unless you specifically request deletion.
  • Analytics data: Plausible Analytics retains anonymized data indefinitely

When we no longer need your personal information, we will securely delete or anonymize it.

7. Your Rights and Choices

7.1 Rights Under UK GDPR

If you are located in the United Kingdom or EEA, you have the following rights regarding your personal information:

  • Right of Access: You can request a copy of the personal information we hold about you
  • Right to Rectification: You can request that we correct inaccurate or incomplete information
  • Right to Erasure: You can request that we delete your personal information in certain circumstances
  • Right to Restrict Processing: You can request that we limit how we use your information
  • Right to Data Portability: You can request a copy of your information in a structured, machine-readable format
  • Right to Object: You can object to our processing of your information based on legitimate interests
  • Right to Withdraw Consent: You can withdraw your consent at any time where we rely on consent to process your information

To exercise these rights, please contact us at privacy@safetonet.com. We will respond to your request within one month.

7.2 Rights for US Residents

California Residents (CCPA/CPRA):

  • Right to know what personal information we collect, use, disclose, and sell
  • Right to request deletion of your personal information
  • Right to opt-out of the sale of personal information (Note: We do not sell personal information)
  • Right to non-discrimination for exercising your privacy rights

Other US State Rights: Depending on your state of residence, you may have additional privacy rights under state laws. Please contact us to learn more.

7.3 Unsubscribe from Communications

You can unsubscribe from product update notifications at any time by:

  • Clicking the “unsubscribe” link in any email we send you
  • Contacting us directly at privacy@safetonet.com

Please note that unsubscribing will stop communications but will not delete your information from our database. To have your information deleted, please submit a deletion request to privacy@safetonet.com.

7.4 Right to Lodge a Complaint

If you believe we have not handled your personal information properly, you have the right to lodge a complaint with a supervisory authority:

8. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit using SSL/TLS protocols
  • Secure server infrastructure with regular security updates
  • Access controls limiting who can access personal information
  • Regular security assessments and monitoring
  • Employee training on data protection and privacy

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

9. Children’s Privacy

Our Website is not intended for children under the age of 13 (or 16 in the UK/EEA). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@safetonet.com, and we will delete such information from our systems.

10. Third-Party Links

Our Website may contain links to third-party websites or services that are not operated by us. This Privacy Policy does not apply to third-party websites. We encourage you to review the privacy policies of any third-party sites you visit.

We are not responsible for the privacy practices or content of third-party websites.

11. Cookies and Tracking Technologies

We use Plausible Analytics for website analytics, which does not require cookies or tracking technologies for our own analytics purposes.

Strictly Necessary Cookies: We use certain cookies that are essential for the Website to function properly, including:

  • Server load-balancing cookies to distribute traffic efficiently
  • Security cookies to protect against malicious activity

These cookies are necessary for the Website’s operation and do not require your consent under applicable law.

What We Don’t Do:

  • We do not place cookies on your device for our own analytics (we use Plausible instead)
  • We do not track you across different websites
  • We do not use cookies for advertising or profiling on our Website
  • We do not add tracking parameters to outbound links

For More Information: For detailed information about the cookies we use, please see our separate Cookie Policy.

If we implement additional features in the future that require other types of cookies, we will update this Privacy Policy and our Cookie Policy, and obtain your consent where required by law.

12. “Do Not Track” Signals

Some web browsers have a “Do Not Track” (DNT) feature. Since we do not track users across websites and do not use tracking cookies, DNT signals do not change how our Website operates. We respect your privacy by default.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:

  • Update the “Last Updated” date at the top of this policy
  • Post the revised policy on this page
  • For material changes, notify you via email (if you have subscribed) or through a prominent notice on our Website

We encourage you to review this Privacy Policy periodically. Your continued use of the Website after changes are posted constitutes your acceptance of the updated policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

SafeToNet Limited
Email: privacy@safetonet.com
Address: Quadrant House, Broad Street Mall, Reading, England, RG1 7QE

For data protection matters, you may also contact our Data Protection Officer at privacy@safetonet.com.

For California Users: This Privacy Policy includes disclosures required by the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA). We do not sell personal information as defined by these laws.