100% offline
Pupil photos do not need to be uploaded to a cloud image-processing service during normal use.
Trust
Clear answers about privacy, control and offline use
Anonemo is designed to help schools share genuine school moments without sending pupil photos to an online service. The aim is simple: keep the workflow 100% offline, 100% on-premises and under staff control.
What this page covers
What schools and families usually want to know
This page explains what stays offline, what staff still review themselves, and what the product does and does not claim to do. If you want supplier-style DPIA wording, use the dedicated DPO summary page.
What this means in practice
The core reassurance is straightforward
100% on-premises
The normal workflow runs on a school-controlled device rather than a third-party online system.
Staff stay in control
The product is there to support staff judgement, not replace it or approve publication automatically.
Clear claims, not inflated ones
The promise is reduced identification risk and a safer workflow, not blanket guarantees or shortcuts.
How we are approaching this
Clear about the benefits, clear about the limits
Anonemo is being developed with the most relevant UK guidance in mind, including current government AI safety guidance and ICO guidance on AI and data protection.
That does not mean pretending a tool removes school responsibilities. It means schools should be able to understand the design choices, the controls and the limits clearly before deciding whether it is right for them.
Before launch
What is still being finalised
The core model is already clear: offline, on-premises, school controlled. Alongside that, a few parts of the product are still being finished before public release.
- Keeping the guidance and evidence tracker up to date alongside release work
- Extending reviewer controls so schools can set clearer default privacy choices
- Continuing safety, export and cleanup testing as the product moves toward release
Questions people often ask
The important questions should be easy to answer
These are some of the practical questions schools, trusts and governors are likely to ask.
Can the normal workflow stay on a school-controlled device?
Can staff still review, approve and reject images rather than relying on automation?
Does it talk honestly about reduced risk, rather than pretending it guarantees safety?
Is the product being developed with privacy, testing and guidance in mind as it moves toward release?
For DPOs
A structured summary is available for DPIA and procurement review
Schools often want a cleaner statement-based supplier summary they can use in a DPIA, governance note, or procurement file. That summary is available separately and explains data categories, controller / processor position, third parties, and residual risks more directly.
Open DPO / DPIA summaryImportant boundaries
What the product helps with, and what schools still need to decide
Does this remove the need for consent or lawful basis?
No. Schools still need an appropriate lawful basis, clear transparency, and image-publication rules that reflect actual practice.
Does this remove the need for safeguarding review?
No. Anonymisation supports safeguarding review; it should never be treated as a replacement for it.
Is the product claiming to make publication automatically safe?
No. The safer and more honest position is that it reduces one important category of risk, while human judgement and school policy still matter.
Why is a 100% offline workflow easier to explain to schools and parents?
Because one of the biggest worries disappears straight away: during normal use, sensitive school images do not need to be sent away to a third-party online image service at all.
Is Anonemo already claiming to be fully compliant?
No. The more responsible position is that Anonemo is being developed against current guidance and that evidence is being tracked as the product moves toward release.