The Children’s Code (also known as the Age Appropriate Design Code) was introduced in September 2020 and applies to an Information Society Service (sometimes known as ISS) "likely to be accessed by children”. ISS essentially means a service offered over the internet directly to a user at their request, and applies in the case of the Children's Code to digital services offered directly to a child.
As this guide from the ICO explains, any ISS offered through an intermediary such as a school is not deemed to be offered directly to a child, and therefore does not fall under the Children's Code.
Since Carousel is only ever offered through an intermediary (i.e. a school or tutor), Carousel does not fall under the Children's Code.
However, we strongly believe in transparency and aim to conform to the highest standards of information security at all times. With this in mind, we are proud to detail the ways in which we in any event conform with relevant aspects of the Children's Code.
1. Best Interests of the child
Our product is not sold or offered directly to children. Instead, it is teacher-led and so there is never any usage without an education professional supervising and ensuring the needs of the child are considered.
We complete a DPIA wherever we judge it appropriate in relation to our work. This may, for example, be in situations such as when considering whether to process additional Personally Identifiable Information. because we take "data minimisation by default" approach to product design, we will always limit the data we gather to what is required to provide our services.
3. Age Appropriate application
Our product is designed to be age-appropriate and is teacher-led to ensure age-appropriate use. There is no situation where a student can access content from Carousel without that content first being provided (and therefore vetted) by a teacher.
We our transparent in all our processes and policies, with online privacy and terms of service agreements. Read more about that here.
5. Detrimental use of Data
Carousel contains only educational content that is created and/or shared by a school. As such we never use data detrimentally, as covered by our policies. Read more about that here.
6. Policies and community Standards
We have suitable policies for the purpose of the product. Read more about that here.
7. Default Settings
The product is teacher led so the settings for children are controlled by the teacher. We do not offer any way for children to choose to share their own data through their interaction with the product.
8. Data Minimisation
We only store the minimum data required to provide our services. With students, this is often as little as their first and last name - or, if the teacher prefers, a nickname or pseudonym. More info is our policies and terms. Read more about that here.
9. Data Sharing
We never share a school's data with any third parties except where explicitly requested by that school, or where required by law. You can read more about this in our policies and terms.
We do not record geolocation of students.
11. Parental Controls
Our product is teacher led so it is the teacher (as opposed to the parent) who controls usage.
We do not have any form student profiling built in to the product.
13. Nudge Techniques
We do not use nudge technologies or notifications to encourage children to give up personal data.
14. Connected Toys & Devices
As an online quizzing and retrieval practice tool, this is not relevant to us.
15. Online tools
We provide our schools with the tools and information they require to act as the data controller on behalf of their students.