Child safety standards.
YOLO has zero tolerance for child sexual abuse and exploitation (CSAE). This page is our published standard for preventing, detecting, and responding to CSAE on the platform, and explains how anyone — users, parents, regulators, or law enforcement — can reach us.
Our commitment
YOLO is a social bucket-list app published by Code Op (Pty) Ltd. We are committed to keeping children safe on our service. We take child sexual abuse and exploitation extremely seriously and cooperate fully with law enforcement and recognised child-protection partners. We comply with all applicable child-safety laws in the jurisdictions where YOLO is available, including the laws of South Africa (where our publisher is incorporated), the United States (where our infrastructure runs), the United Kingdom, and the European Union.
Minimum age
You must be at least 13 years old to use YOLO. Where local law sets a higher minimum age for online services that process personal data — such as 14 in Spain or 16 in parts of the EU — that higher minimum applies. We use age attestation at sign-up and act on credible reports that an account belongs to a user below the applicable minimum age.
YOLO is not directed at children. We do not knowingly create accounts for, or collect personal data from, anyone under the applicable minimum age. If we become aware that an account belongs to a user below the minimum age, we will remove that account and the associated data.
What is not allowed
Any of the following will result in immediate removal and account suspension, and may be reported to law enforcement:
- Child sexual abuse material (CSAM) of any kind — real, edited, animated, illustrated, or AI-generated.
- Sexualised content involving minors, including suggestive depictions in any medium.
- Grooming — befriending, coercing, manipulating, or otherwise attempting to engage a minor for sexual purposes.
- Solicitation of nude or sexually explicit imagery from a minor.
- Sextortion — threats to disclose intimate imagery to coerce a minor.
- Trafficking or facilitating the trafficking of a minor.
- Sharing personally identifying information (real name, school, address, contact details) of a minor in a manner that endangers them.
Prevention measures
- Account creation safeguards. Sign-up requires a valid Firebase identity (Google, Apple, or email/password). We block accounts that fail our minimum-age attestation and disable accounts that we identify as belonging to users below the applicable minimum age.
- Reporting in every surface. Every post, comment, and profile has a three-dot menu with a Report action. Reports go to our moderation queue.
- Block + audience controls. Users can block another account from any profile. YOLO's default audience for new posts is the user's friends circle — not a broadcast feed — limiting visibility to people the user has explicitly chosen.
- End-to-end encryption with no key escrow. Direct messages use libsignal end-to-end encryption. Because we cannot read message contents, child-safety reports involving DM content rely on a recipient device's report — we cannot proactively scan encrypted messages, but we act immediately on user reports and we cooperate with lawful requests.
- Human review. Reports flagged under "Illegal content" or matched by our moderation rules to child-safety concerns are routed to the human review team and prioritised over other report categories.
- Image and video hosting controls. Media is hosted on Google Cloud Storage with audit logging. Confirmed CSAM is preserved in a quarantined, access-restricted location for evidentiary purposes before deletion, in line with NCMEC guidance.
How to report a concern
If you encounter content or behaviour on YOLO that endangers a child, please report it immediately. We provide multiple paths so reports never get lost:
- Inside the app. Tap the three-dot menu on the offending post, comment, or profile and choose Report. Pick Illegal content (or the closest category) and add as much detail as you can.
- By email. Send the details to safety@codeop.io. Include any screenshots, URLs, account handles, dates, and approximate times.
- For imminent danger. Contact local emergency services first (e.g. 911 in the US, 999 in the UK, 112 across the EU, 10111 in South Africa) and then report to us so we can preserve evidence.
Reports are confidential. We do not share the reporter's identity with the reported account.
How we respond
- Triage. Reports involving minors are flagged on receipt and reviewed within 24 hours.
- Action. Confirmed CSAM is removed immediately. The offending account is suspended pending investigation; repeat or severe violations result in a permanent ban.
- Evidence preservation. We preserve removed content, account metadata, and access logs in a restricted quarantine for law-enforcement and child-protection-hotline review, retained for the period required by applicable law.
- Cross-account action. Where we identify multiple accounts operated by the same actor, those accounts are also suspended.
- No reinstatement on appeal for confirmed CSAE. Accounts suspended for confirmed CSAE-related violations are not eligible for reinstatement.
Reporting to authorities
We report confirmed child sexual abuse material to the relevant authorities:
- NCMEC CyberTipline (United States). We file CyberTipline reports with the National Center for Missing & Exploited Children (NCMEC) for confirmed CSAM, as required by 18 U.S.C. § 2258A.
- INHOPE-network hotlines (international). For reports originating outside the United States, we work with the relevant hotline in the INHOPE network — for example the Internet Watch Foundation (UK), Meldpunt Kinderporno (Netherlands), or Stop CSAM (Australia) — and with the relevant national child-protection authority.
- South Africa. As our publisher is incorporated in South Africa, we report to the Film and Publication Board (FPB) and to the South African Police Service (SAPS) for incidents requiring local action, in line with the Films and Publications Act and the Cybercrimes Act.
- Other lawful requests. We respond to validly served legal process from law enforcement and produce records to the extent required by applicable law.
Contact
For child-safety concerns, the designated point of contact at Code Op (Pty) Ltd is:
safety@codeop.io
Code Op (Pty) Ltd · Cape Town, South Africa
For general support questions unrelated to child safety, email support@codeop.io.