AI Acceptable Use Policy Template — Free for UK Businesses

Copy-paste AI acceptable use policy template. Covers approved tools, prohibited uses, data handling, and accountability.

·4 min read
An AI acceptable use policy defines which AI tools employees may use, what data they can share, what uses are prohibited, and who is accountable. This free template covers the six essential sections every UK SME needs. Copy it, replace the placeholders, and publish.

The template

[YOUR COMPANY NAME] — AI Acceptable Use Policy

Version 1.0 | [DATE] | Owner: [NAME/ROLE]

1. Purpose

This policy sets out the rules for using artificial intelligence tools within [COMPANY NAME]. It applies to all employees, contractors, and third parties who access company systems or data.

2. Approved AI Tools

The following AI tools are approved for use with company data:

  • [Tool name] — [Approved use] — [Conditions]
  • [Tool name] — [Approved use] — [Conditions]

Any AI tool not on this list is not approved. To request approval for a new tool, contact [governance owner].

3. Prohibited Uses

The following uses of AI tools are prohibited:

  • Entering customer personal data into any AI tool without a data processing agreement
  • Sharing confidential commercial information (pricing, contracts, financial data) with consumer AI tools
  • Using AI to make employment decisions without human oversight
  • Presenting AI-generated content as original human work in client deliverables without disclosure
  • Granting AI tools access to company cloud storage (Google Drive, SharePoint) without IT approval

4. Data Handling Rules

  • Public data: may be used with any approved AI tool
  • Internal data: may be used with approved enterprise AI tools only
  • Confidential data: may not be entered into any AI tool without explicit approval from [governance owner]
  • Personal data: must comply with UK GDPR — do not enter personal data into AI tools without a lawful basis and appropriate safeguards

5. Employee Responsibilities

  • Only use approved AI tools for work purposes
  • Report any AI tool you discover or use that is not on the approved list
  • Do not install AI browser extensions without IT approval
  • Review AI-generated output before using it in business decisions
  • Complete annual AI awareness training

6. Policy Owner and Review

This policy is owned by [NAME/ROLE] and will be reviewed quarterly. The next review date is [DATE].

All employees must acknowledge they have read and understood this policy. Acknowledgement will be tracked via [method — e.g. Governably policy acknowledgement].

Next steps

Replace the bracketed placeholders, publish the policy, and send it to your team. Use Governably to automate employee acknowledgement tracking and ensure everyone has confirmed they've read it.

Can I use this as-is?

Yes — adapt the placeholders and it's ready to publish.

Do I need a lawyer?

For most SMEs, no. Regulated sectors should seek legal review.

How do employees acknowledge it?

Digital acknowledgement link — Governably automates this.