top of page

KLYN Social Media Policy
(Instagram, Facebook & TikTok)

Version: 1.0 | Effective: 01 March 2026 | Review: Every 12 months or on legal/platform change

Approved by: Ben Griffin 

1. Purpose & Scope

This policy sets out how KLYN uses and manages official social media accounts on Instagram, Facebook and TikTok. It applies to all staff, freelancers, volunteers, partners, and moderators who post, schedule, design, film, edit, approve, or moderate content for KLYN, and to any person representing KLYN online. It covers editorial output, community management, advertising/sponsorship, live streams, user‑generated content (UGC), and data handling.

2. Principles

  • Safety first, especially for children and young people.

  • Accuracy, fairness and responsible journalism across platforms.

  • Lawful, respectful and inclusive engagement; zero tolerance for hate or harassment.

  • Privacy by design and data minimisation.

  • Transparency in advertising/sponsorship (#ad/#sponsored).

  • Accessibility: captions, alt text and readable design.

  • Accountability: decisions are documented and auditable.

3. Governance & Roles

Role

Responsibilities

Board/Trustees

Approve policy; oversee risk; serious incident oversight.

Editor‑in‑Chief

Editorial standards; legal sign‑off for high‑risk posts; crisis comms lead.

Head of Digital/Comms Lead

Day‑to‑day ownership; scheduling; analytics; training; audits.

Designated Safeguarding Lead (DSL)

Safety risk assessment; escalation; platform reporting; police liaison.

Moderators/Community Managers

UGC moderation; triage; takedowns; evidence capture; friendly engagement.

Producers/Creators

Create compliant content; retain consent/rights records; respect music/media licensing.

IT/Security

Access control; MFA; incident response for compromised accounts.

4. Legal & Regulatory Framework (UK)

  • Defamation Act 2013; Contempt of Court Act 1981; reporting restrictions for youth/sexual offence cases.

  • Children and Young Persons Act 1933 (youth court anonymity); Sexual Offences (Amendment) Act 1992 (lifetime anonymity).

  • Communications Act 2003 / Malicious Communications Act 1988; Public Order Act 1986 (hate crime).

  • Copyright, Designs and Patents Act 1988; fair dealing for reporting and quotation with attribution; platform music/library rules.

  • UK GDPR & Data Protection Act 2018; PECR (cookies/marketing consents).

  • ASA CAP Code & CMA guidance (advertising, endorsements, prize promotions, influencer transparency).

  • Online Safety Act duties for user‑to‑user features (moderation, illegal harms) and platform reporting routes.

  • Equality Act 2010; Human Rights Act 1998; safeguarding guidance (Working Together, KCSIE for school settings).

5. Accounts & Access Control

  • All official KLYN handles are owned by the organisation; no personal ownership of pages/profiles.

  • Use role‑based access via Business Manager/Meta Business Suite, Instagram professional account, and TikTok Business Center.

  • Enable multi‑factor authentication (MFA) on all admin accounts; unique strong passwords in a password manager.

  • Maintain an access register (who/role/approved platforms); quarterly review and on/off‑boarding within 24 hours.

  • Use organisation emails for admin roles; never share passwords; no unmanaged ‘shadow’ tools.

  • Back‑up ownership: at least two senior admins per platform to prevent lockouts.

6. Content Standards (Editorial & Creative)

  1. Accuracy & fairness: verify facts; correct swiftly; avoid misleading edits/captions.

  2. Children/young people: minimise identification; avoid publishing school/locations/timetables unless justified in public interest and legally safe; apply consent for non‑news promotional content.

  3. Anonymity & restrictions: do not identify victims of sexual offences; check court orders; mask identities where required.

  4. Sensitive stories: apply a public‑interest test; DSL/Editor sign‑off; consider pixelation/voice alteration.

  5. Hate/harassment: zero tolerance; remove and report unlawful content; support targeted individuals.

  6. Copyright & music: only use media you own, have licensed, or which is clearly permitted by platform libraries; keep licence/consent records.

  7. Accessibility: add captions/subtitles to video; alt text to images; avoid text‑heavy graphics without transcript.

  8. Elections & political content: retain neutrality for institutional accounts; label opinion/commentary clearly; follow platform rules and electoral law.

7. Platform‑Specific Rules

7.1 Instagram

  • Use professional account; link to Meta Business Suite.

  • Stories/Reels: ensure music tracks are available for business use; avoid unlicensed audio.

  • DMs with minors: do not initiate private chats; keep communications in monitored inboxes; signpost to safeguarding routes; retain records where necessary.

  • Comment moderation: apply filters; block terms; hide or remove harmful comments swiftly; document takedowns.

7.2 Facebook

  • Pages and Groups: publish House Rules; pre‑approve posts in groups for youth audiences; require membership questions and age affirmation.

  • Events: use moderated discussion; disable private messaging between attendees where possible; monitor live event chats.

  • Messenger: use shared mailbox; never use private personal profiles for official contact.

7.3 TikTok

  • Business account; comply with Community Guidelines and music licensing limits.

  • Live streams: two‑person rule (host + moderator); delay/filters on keywords; end stream if safety/legality risks arise.

  • Under‑18 safeguards: avoid encouraging interaction that reveals personal data/locations; no DMs with minors; pin safety links.

  • Duets/Stitches: review UGC for copyright/defamation; disable if risk is high.

8. User‑Generated Content (UGC) & Moderation

  1. House Rules are published and linked in bios; users must not post illegal, harmful, defamatory, hateful, or personal data about others.

  2. Moderation coverage: 07:00–22:00 minimum; alerts set for high‑risk keywords; outside hours, emergency routes in bios.

  3. Takedown decision tree (illegal → immediate removal/report; harmful but legal → remove if breaches rules; escalate edge cases to Editor/DSL).

  4. Evidence capture before removal (screenshots/URL/time/user ID); retain in incident log for 12 months or per legal hold.

  5. Report criminal threats, grooming, incitement, terrorism or child sexual abuse material to platform and police immediately.

  6. Block/mute repeat offenders; apply comment limits for high‑risk posts; temporarily suspend comments if needed.

9. Advertising, Sponsorship & Promotions

  • Label paid‑for content clearly and up‑front: #ad, #sponsored, or ‘Paid partnership with…’.

  • Comply with ASA CAP Code (Section 2 recognition of marketing; Section 8 promotions). Keep promotion terms in a pinned post and on the website.

  • Use written agreements with sponsors/partners; editorial independence remains with KLYN.

  • Influencers/ambassadors working with KLYN must follow CMA transparency and provide their own disclosures.

  • Prize draws/competitions: document eligibility, opening/closing dates, winner selection method and privacy notices; retain winner consent for publicity if used.

10. Safeguarding & Contact with Minors

  • Do not initiate or move conversations with minors to private, unmonitored channels.

  • Refer safeguarding concerns immediately to the DSL; store evidence securely and do not investigate personally.

  • No one‑to‑one video calls or DMs between staff and minors on personal accounts; use official accounts only, with oversight.

  • Avoid reposting images of minors from personal accounts without consent and risk assessment; for non‑news content obtain appropriate consent.

11. Data Protection & Privacy Online

  • Collect only what is necessary (e.g., competition entries); provide a link to Privacy Notice.

  • Do not publish personal data (addresses, contact details) without a lawful basis and editorial justification.

  • Handle DMs/inbox data as personal data: restrict access, apply retention (e.g., 12 months unless needed longer), and delete securely.

  • Do not export platform data to personal devices; use approved systems; encrypt downloads; lock screens.

  • Ensure website links and pixels comply with PECR consent rules.

12. Live Content & Breaking News

  1. Risk assess before going live; identify legal/safety risks (minors, locations, ongoing court cases).

  2. Two‑person rule: presenter + moderator; have a ‘kill switch’ plan to end live if needed.

  3. Avoid filming private spaces or identifying details without consent; blur plates/house numbers when possible.

  4. Do not solicit user submissions that may encourage risky behaviour or trespass.

  5. Post‑live: review comments; remove harmful content; archive recording with notes.

13. Escalation & Crisis Communications

  • High‑risk triggers: credible threats, doxxing, legal letters, viral misinformation, data breaches, child safety incidents.

  • Immediate actions: pause scheduling; lock down access; capture evidence; inform Editor‑in‑Chief and DSL.

  • Holding statement template (Appendix C); spokesperson: Editor‑in‑Chief (backup: Head of Digital).

  • Legal: consult adviser for defamation/contempt/privacy risks; do not speculate; correct factual errors quickly with transparent updates.

14. Corrections, Takedowns & Right of Reply

  • Material errors corrected prominently with time/date stamp; keep an audit trail.

  • Takedown requests assessed by Editor/Legal/DSL; balance public interest and safety; record rationale.

  • Offer fair right of reply where appropriate; include responses in updates where relevant.

15. Staff Personal Use & Conduct

  • Staff must not present personal opinions as KLYN views; add disclaimers where relevant.

  • Do not disclose confidential information or identify minors/service‑users.

  • No harassment, discrimination or bullying; follow Code of Conduct; report conflicts of interest.

  • If approached by media/commenters about organisational issues, refer to Comms Lead/Editor.

16. Security & Incident Response

  • MFA enforced; password manager required; quarterly password hygiene checks.

  • Compromise protocol: revoke sessions; change passwords; notify platforms; inform IT/DSL; assess data breach duties under UK GDPR.

  • Phishing awareness for admins; verify links/apps; restrict third‑party tool permissions.

17. Records, Retention & Audit

  • Keep an editorial log of significant posts (date/time/copy/approver) for 24 months.

  • Retain moderation incident logs and evidence for at least 12 months (or longer if legally required).

  • Quarterly compliance audit against this policy with action plan; report summary to Board.

18. Breaches of Policy

Breaches may result in removal of access, retraining, disciplinary action or termination of contracts. Illegal activity will be reported to the police and platforms.

19. Training & Onboarding

  • Mandatory induction covering this policy, legal basics, safeguarding online and platform tools.

  • Annual refreshers; additional training before live streaming or managing high‑risk topics.

  • Keep attendance logs and competence sign‑off records.

20. Policy Review

This policy is reviewed annually or sooner if there are material changes to UK law, platform rules, or KLYN’s operations.

Appendix A – Platform Settings Checklist

Area

Minimum Standard

Security

MFA on; two senior admins; remove leavers within 24h; password manager.

Privacy

Limit DMs; comment filters on; age‑gating where available; profanity filters enabled.

Safety

Blocked keywords; comment limits on high‑risk posts; links to reporting routes in bios.

Content

Captions/subtitles; alt text; licensed music only; consent logged.

Records

Editorial log; moderation log; consent & rights folder.

Appendix B – Moderation Decision Tree (Summary)

  1. Is content illegal or an immediate safety risk? → Remove, report to platform/police, capture evidence, escalate to DSL.

  2. Does it breach House Rules (hate, doxxing, harassment, misinformation)? → Remove/hide; warn or block user; log incident.

  3. Borderline but potentially lawful? → Escalate to Editor/DSL for decision; consider limiting comments.

  4. Legitimate criticism/complaint? → Keep; respond politely or signpost to complaints process.

Appendix C – Holding Statement (Template)

“We’re aware of concerns raised about [issue]. We’re reviewing the situation and will update this page when we have verified information. If you are affected, please contact [contact email]. If anyone is at risk of harm, call 999.”

Appendix D – Competition/Promotion Terms (Summary Template)

  • Promoter: King’s Lynn Youth News (contact details).

  • Eligibility and age limits; geographic restrictions.

  • Opening/closing dates and times; how to enter; no purchase necessary.

  • How winners are chosen; verification; prize details; alternative prize if unavailable.

  • Announcement method; how to claim; time limits; publicity consent.

  • Data protection notice; how long data is kept; link to Privacy Notice.

  • Platform‑specific rules (Instagram/Facebook/TikTok disclaimers).

Appendix E – Consent & Rights Log (Template)

Asset

Subject(s)

Consent type/date

Notes/Restrictions

Owner/Licence

Expiry/Review

Photo – outreach session

[Initials]

Parent consent dd/mm/yyyy

No public tags; KLYN channels only

KLYN

Review after 2 years

Video – interview

[Initials]

Young person (13+) consent dd/mm/yyyy

Blur school badge

KLYN

Review after 2 years

Appendix F – Incident/Take‑Down Log (Template)

Date/Time

Platform/URL

User/ID

Summary

Action taken

Escalated to

Ref No.

[dd/mm/yyyy hh:mm]

Instagram Reel

@handle

Defamatory allegation in comments

Removed; blocked; evidence saved

Editor/DSL

KLYN‑SM‑0001

bottom of page