Legal

Trust & Safety

Last updated: 30 June 2026

Plain-English summary: Fledge is designed for young people aged 10–16. We have built the platform with children's safety and privacy as the starting point, not an afterthought — defaulting to the most protective settings throughout and requiring parental involvement for anything sensitive.

Our approach

The Fledge service — both the website at getfledge.co.uk and the Fledge iOS app — has been designed by Fledge Labs Ltd with reference to the ICO's Age Appropriate Design Code (Children's Code), UK GDPR, the Online Safety Act 2023, PECR 2003, and UK children's safeguarding guidance. We do not claim formal certification — no such scheme exists for the Children's Code — but we have made deliberate design decisions against each standard and document our reasoning here.

We review these practices regularly. If you have a concern about how we handle children's data or safety on the platform, please email hello@getfledge.co.uk.

What we have built

UK GDPR Art. 8

Parental consent at sign-up

Every account is set up with a confirmed parent or guardian (18+) who accepts responsibility for the account and consents to data processing on behalf of their child. This is a required step — the shop cannot be created without it.

Children's Code Std. 3

Best interests of the child first

We default to the most protective settings throughout. Cash on collection is off by default — a parent must actively enable it and is shown a safety reminder every time it is on. Our first-sale email emphasises skills learned, not money earned.

Children's Code Std. 6

Data minimisation

We only collect what is needed to run the service. We prompt young people not to include personal details (home address, school name) in their shop description. Free-text inputs sent to AI are automatically stripped of email addresses, phone numbers, and URLs before processing.

Children's Code Std. 8

Parental controls

The dashboard has a dedicated Parent view with a setup checklist. Privacy-sensitive features (personalisation, cash payments) require explicit parental action to enable. The personalisation consent modal makes clear that a parent or guardian should make the decision for under-13s.

Children's Code Std. 9

No nudge techniques

We do not use dark patterns. The post-sign-up screen presents both paths — subscribing now and setting up first — with equal visual weight and a clearly stated price. We do not hide the free option or use manipulative design to push families toward higher spend.

Children's Code Std. 12 / UK GDPR Art. 25

Privacy by default

New shops are private until a parent actively publishes them. Cash payments are off by default. Analytics cookies are declined by default. Bank account details are not included in buyer confirmation emails unless the merchant explicitly enables this. Personalisation data is not collected unless the account holder consents.

Children's Code Std. 13

Clear and accessible reporting

Every product listing — on the website and in the iOS app — has a visible "Report this listing" button. Reports go directly to our admin team for review within 24 hours. We also moderate every product image at upload time using AI before it goes live on the platform.

Online Safety Act 2023

Content moderation

All product images are checked by AI (Google Gemini) for age-appropriateness before going live. All product names and descriptions are moderated for inappropriate content at the point of saving — on both the website and the iOS app. Users can report any listing and we review every report.

PECR 2003 / UK GDPR Art. 6

Email consent

Review request emails are only sent to buyers who explicitly opt in at checkout. We do not send marketing emails to buyers without consent. Order confirmation emails are sent only when a buyer provides their email address.

UK GDPR Art. 5(1)(e)

Data retention limits

Buyer contact data (name, phone, email) is retained for 90 days after the order date, then deleted. Personalisation profile data is deleted immediately if consent is withdrawn. Order records are kept for 7 years for accounting purposes only.

Safeguarding / Children Act

In-person transaction safety

When a parent enables cash on collection, a safety reminder is permanently displayed in the shop settings: the young person must take a trusted adult, meet in a public place, and never share their home address. The same guidance appears in every new-order notification email when cash or bank transfer is the payment method.

Reporting a concern

If you see a product listing or shop that concerns you, use the Report this listing button on any product page. Reports are reviewed by our team within 24 hours.

For any other safeguarding concerns, data requests, or questions about how we handle children's information, email hello@getfledge.co.uk. We aim to respond within 2 working days.

You can also contact the ICO directly at ico.org.uk.

Related policies