Created by: [Insert name]

Last reviewed: [Insert date]

1. Purpose

This policy sets out how artificial intelligence (AI) tools may be used safely, ethically, and legally within [Company Name] in line with UK employment law, data protection regulations (including UK GDPR), and company values.

It exists to encourage responsible exploration of AI while safeguarding personal data, business confidentiality, and employee wellbeing.

2. Scope

This policy applies to:

• All employees, contractors, and third-party partners
• All use of AI technologies in the workplace, including but not limited to:
  • Generative AI tools (e.g. ChatGPT, Claude, Copilot)
  • AI features embedded within HR, comms, analytics, or workflow tools
  • Automated decision-making systems

It applies whether tools are accessed via browser, desktop app, or integrated into other platforms.

3. Principles of Use

All AI use at [Company Name] must follow these principles:

• Transparency

  Clearly communicate when AI has been used to produce or inform an output—especially when decisions affect others.

• Human Oversight

  AI should support, not replace, human judgment. All final decisions remain the responsibility of the employee using the tool.

• Data Minimisation

  Never enter personally identifiable information (PII), sensitive personal data, or confidential business information into public AI tools.

• Security by Design

  Only use company-approved AI tools that meet our data security and legal standards.

• Bias Awareness

  Be aware that AI outputs may reflect societal or systemic biases. Always review outputs critically, particularly in people-related contexts.