← Back to Privacy Center

Children's Safety & Safeguarding Statement

Effective date: 20 April 2026

Purpose

This Child Safety & Safeguarding Statement is made available by UniHawk Education Support Services L.L.C, a company incorporated under the laws of the United Arab Emirates, with its registered address at Office 1113, Malik Hamad Suhail Owaida Al Khaili Building, Al Sufouh 2, Dubai, UAE (“UniHawk”) and is prepared for the HawkNest platform, including the website, mobile application, and related features and functionalities (together, “HawkNest” or the “Platform”).

This Statement sets out the technical, administrative, and organisational measures implemented by UniHawk to safeguard minors and ensure compliance with applicable child protection, data protection, and privacy laws when accessing and using the Platform and any related services.

This statement should be read alongside our Privacy Policy, Terms of Use, Acceptable Use Policy, and any other applicable agreements or policies published by UniHawk.

UniHawk implements the safeguarding measures set out in this statement in accordance with all applicable legal and regulatory requirements concerning the protection of minors and the processing of their personal data. Specifically, this statement and our practices are aligned with:

  • UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL);
  • UAE Child Digital Safety Law (Federal Decree-Law No. 3 of 2024, effective January 2026);
  • UAE Child Rights Law (Federal Law No. 3 of 2016); and
  • International child safeguarding and online safety best practices.

Scope of Access

Access to the Platform is provided exclusively through a school-mediated model, whereby schools onboard students and confirm parental or guardian consent prior to any student account being activated. No student may access the Platform without a valid school-issued access code (UniCode) linked to a consent-confirmed student record. Direct consumer sign-up by students or parents without school mediation is not currently available.

Key safety principles

HawkNest is an educational guidance platform and is not a public social platform. The following baseline safety principles apply across the Platform:

  • Direct messaging between adults and students is restricted by default to minimize risks of inappropriate communication.
  • Users are granted access only to content, data, and functionalities necessary and proportionate to their respective role (student, parent/guardian, school administrator, or internal administrator). Unauthorized access or attempts to exceed assigned privileges are strictly prohibited.
  • The Platform does not enable public-facing user profiles, open community forums, or unmoderated peer-to-peer communication.

Account controls

  • Student accounts may only be created using a school-issued UniCode. Accounts cannot be self-registered without an authorised invitation from a verified school.
  • Activation of a student account is conditional upon prior documented confirmation of parental or guardian consent by the relevant school. Students whose consent status is unconfirmed or withdrawn cannot activate or access their account.
  • All users are subject to Role-Based Access Control (RBAC), ensuring that access rights correspond to role-specific responsibilities. Access rights are reviewed periodically in accordance with UniHawk's internal policies.
  • Administrative actions are subject to secure session management and audit logging, to ensure accountability and traceability of system activity.
  • Where a parent or guardian withdraws consent, the student's account is deactivated within 72 hours and the student's personal data is queued for deletion in accordance with our Data Retention and Deletion Policy.

Content and AI safety

HawkNest provides AI-powered career guidance, psychometric assessments, university discovery, and conversational assistance features. The following safeguards apply to all AI-generated content on the Platform:

  • AI-generated outputs (“Outputs”) are provided solely for informational and educational guidance purposes and may be inaccurate, incomplete, or inappropriate. Students, parents, and school administrators must independently verify critical facts and not rely on Outputs as a substitute for professional advice.
  • Outputs are subject to algorithmic and human-monitored safety controls designed to minimize the generation of harmful, illegal, or abusive content, in accordance with the Acceptable Use Policy.
  • AI Outputs are filtered and reviewed for age-appropriateness for users aged 13 and above.
  • UniHawk does not permit the Platform to be used to generate harmful, illegal, abusive, or exploitative content. Any such use is a breach of our Acceptable Use Policy and may result in immediate account suspension and reporting to relevant authorities.
  • No personally identifiable information is included in AI prompts sent to the underlying language model. AI processing is conducted in real time and prompts are not retained by the AI subprocessor after processing.
  • Student data is never used to train, fine-tune, or otherwise develop foundational AI models.

Data protection for children

UniHawk implements enhanced safeguards for the processing of minors' personal data, as further detailed in our Privacy Policy:

  • Only personal data necessary to provide the educational guidance services is collected and processed. Data minimisation is applied as a baseline principle.
  • Student data is not used for advertising, marketing, or commercial profiling of any kind.
  • UniHawk does not sell or commercially share student personal data with any third party.
  • Retention limits appropriate for children's data are applied, and data is deleted in accordance with our Data Retention and Deletion Policy upon account closure or consent withdrawal.
  • All personal data of minor users is hosted within the United Arab Emirates (AWS me-central-1 region). No minor personal data is currently transferred outside the UAE. In the event that cross-border processing becomes necessary in future, appropriate safeguards will be implemented in accordance with the applicable UAE law prior to any such transfer.

Incident response

UniHawk maintains separate procedures for responding to child safeguarding incidents and personal data breaches, recognising that these are distinct categories of incident requiring different responses.

Safeguarding incidents (24-hour reporting)

A safeguarding incident includes any event where a child may be at risk of harm, abuse, or exploitation, whether identified through platform activity, AI outputs, or user reports.

In accordance with the UAE Child Digital Safety Law and UAE Child Rights Law (Federal Law No. 3 of 2016), UniHawk shall implement the following procedures:

  • All suspected Safeguarding Incidents shall be escalated internally to the designated safeguarding personnel within four (4) hours of identification.
  • Reports to the relevant UAE authorities are made within 24 hours of confirmed detection.
  • The relevant School (acting as data controller, where applicable) shall be notified without undue delay and, where feasible, in parallel with any regulatory reporting.
  • UniHawk shall fully cooperate with law enforcement and competent authorities in connection with any Safeguarding Incident, including providing access to relevant information as required by law.

UniHawk shall maintain appropriate internal policies and training to support the effective identification, handling, and reporting of safeguarding incidents.

Data breaches (72-hour reporting)

Personal data breaches are handled in accordance with applicable law and internal policies:

  • Notification to the relevant controller (e.g., school) without undue delay.
  • Where applicable, notification to the relevant UAE Data Protection Authority within statutory timeframes, where required.
  • Appropriate Investigation, containment, and remediation measures are implemented.

Detection and response

UniHawk maintains appropriate technical and organisational measures to identify and respond to both safeguarding and data protection incidents, including:

  • Detection: Automated monitoring and manual review processes for identifying safety risks.
  • Escalation: Internal escalation procedures with designated points of contact for child safety.
  • Notification: Affected schools and, where required, relevant authorities are notified without undue delay.
  • Remediation: Steps to contain and resolve the incident, including content removal, account action, and system updates.

Reporting concerns

If you believe a student is at risk or you encounter unsafe content:

All reports are treated seriously and handled promptly in accordance with internal procedures.

Continuous improvement

UniHawk regularly reviews and enhances its safeguarding measures, including through periodic risk assessments, updates to policies and technical controls, staff training, and alignment with evolving legal requirements and industry best practices. This statement will be updated from time to time to reflect any material changes to our safeguarding practices or applicable legal obligations.