top of page

Responsible AI Usage Policy 

Version 2.0

Last Updated: 2025.01.18
 

Key Updates in Version 2.0:

  • Integration of a Data Classification Framework delineating Public Data, B2B Prospect Data, Client Data, and Internal Proprietary Data.

  • Formalized Client AI Opt-Out procedure.

  • Introduction of Monitoring & Auditing processes, including quarterly audits and annual security reviews.

  • Detailed Incident Response protocol for AI-related breaches or policy violations.
     

1. Purpose & Scope

Experience Innovation Consulting Inc. ("we," "us," or "our") embraces Artificial Intelligence's (AI) transformative potential to enhance productivity, innovation, and client value. However, we acknowledge the ethical, security, and privacy responsibilities of AI usage. This Responsible AI Usage Policy outlines how our team uses AI tools transparently, securely, and ethically, reflecting our core values and commitments to our clients, partners, employees, and subcontractors. ​This policy applies to all employees, subcontractors, partners, and any party authorized to use our data or systems in connection with Experience Innovation Consulting Inc.

 

2. Our Data Classification Framework

We classify all data we handle into four categories, each with specific guidelines on whether and how AI tools may process it.
 

  1. Public Data

    • Definition: Freely accessible or published data (e.g., public websites, market research).

    • AI Usage: Generally permissible with minimal restriction, provided it does not violate intellectual property rights or platform terms.
       

  2. B2B Prospect Data

    • Definition: Information about potential clients collected via lead-generation platforms (e.g., Clay) used for business outreach.

    • AI Usage: Permitted with approved AI tools only. Personal data must be handled in compliance with anti-spam/marketing laws (e.g., CASL, CAN-SPAM) and stored for a maximum of two years (unless earlier deletion is requested or required).
       

  3. Client Data

    • Definition: Confidential or proprietary information provided to us by clients (e.g., project briefs, financial documents).

    • AI Usage:

      • Must use only approved AI tools.

      • Explicit client consent is required if the data is highly sensitive (e.g., financial data, personal employee data).

      • If a client opts out (see Section 5), no AI usage is allowed on their data.
         

  4. Internal Proprietary Data

    • Definition: Our intellectual property or trade secrets (e.g., unpublished research, confidential frameworks).

    • AI Usage: Strictly limited to approved AI tools in a secure environment.

    • Prohibited from public model training unless authorized explicitly by leadership.

 

3. AI Tools & Software Selection

We maintain a list of approved AI tools to ensure data privacy and security standards are met. No unapproved AI software may be installed or used on company devices or for company-related work without explicit, written authorization from our Security Lead.
 

Approved AI Tools & Platforms that make use of AI in their software:


Last updated: 2025.01.18
 

  1. ChatGPT (Including ChatGPT Agent Builder + API Integrations)

  2. Claude (Including Claude Projects + API Integrations)

  3. Perplexity.ai

  4. Journey.io

  5. HubSpot

  6. Miro

  7. Asana

  8. SurveyMonkey

  9. Fireflies.ai (Fred)

  10. Loom

  11. Zoom

  12. Harvest

  13. MidJourney

  14. Google Big Query

  15. Mistral.ai

  16. Hugging Face

  17. PineCone Databases

  18. LangChain, LangSmith, LangGraph

  19. Docker

  20. Visual Studio

  21. Microsoft Suite

  22. Google Business Suite - including Gemini

  23. LinkedIn

  24. GitHub

  25. Clay

  26. DMARCLY

  27. Cookieeyes

  28. Julius.ai

  29. Bitly

  30. Hotjar

  31. Wix

  32. Google Analytics

  33. Google Search Console

  34. GitHub

  35. Instantly.ai

  36. Coursera

  37. Adobe
     

Custom AI Agents

We also develop custom AI agents using ChatGPT, Claude, and LangChain platforms. These agents are configured not to feed client or proprietary prompts into underlying model training. Any logs these agent frameworks retain are stored securely and purged per LLM provider data retention timelines.

 

4. Responsible AI Usage Guidelines

​

  1. Transparency & Human Oversight

    • We disclose when AI is used for content generation, data analysis, or deliverable creation.

    • No deliverable is ever solely AI-generated; a human reviews and refines AI outputs for quality, accuracy, and bias.
       

  2. Accountability

    • Employees and subcontractors are responsible for any work produced or decisions made with the assistance of AI.

    • AI does not replace human judgment or creativity; it is a tool to augment our capabilities.
       

  3. Bias & Fairness

    • AI models can inadvertently reflect biases in training data. Our team is trained to review outputs for potential bias, stereotype reinforcement, or harmful content.

    • We report and correct any biased or harmful AI output immediately.
       

  4. Privacy & Security

    • We do not submit client-sensitive data or personally identifiable information (PII) to unapproved or public AI tools without redaction, anonymization, or explicit client consent.

    • Employees must follow our Data Classification rules and ensure each data category is labelled, stored, and handled correctly.
       

  5. Ethical Considerations

    • We do not use AI to impersonate individuals or generate misleading content.

    • No images of real people or voice analysis are created or manipulated using AI to avoid privacy and ethical concerns.

 

5. Client AI Opt-Out Procedure

We respect each client's preference regarding AI usage. If clients are uncomfortable with AI involvement in their project or data processing:
 

  1. Request Submission: Clients may submit an AI Opt-Out or Restriction request in writing or by completing our AI Usage Opt-Out Form.
     

  2. Acknowledgement & Assessment: We will acknowledge the request in writing within three business days and propose a feasible solution (e.g., partial or full restriction) within 15 business days.
     

  3. Implementation: Once agreed upon, our team will ensure that no AI tools are used on the client's data if they opt out fully. Partial restrictions will be documented and enforced.
     

  4. Monitoring: We periodically audit project deliverables to verify client request compliance.

 

6. Monitoring & Auditing

To maintain rigorous standards, we conduct:
 

  1. Quarterly Audits

    • Usage Logs & Tool Access Review: Confirm only authorized employees/subcontractors accessed approved AI tools.

    • Data Classification Spot Checks: Verify compliance with data handling rules.

    • Client AI Opt-Out Compliance: Ensure no AI usage where a client has opted out.

    • Prompt & Output Review: Random sampling of AI prompts/outputs to check for accuracy, bias, or improper data inputs.
       

  2. Annual Security & Privacy Checks

    • A comprehensive review of software inventories, access controls, and alignment with privacy regulations (PIPEDA, GDPR, CCPA/CPRA).

    • Endpoint scans to detect any unauthorized AI or browser plugins.
       

  3. Reporting & Documentation

    • Findings are summarized in internal audit reports.

    • Any violations or anomalies are escalated to leadership and addressed promptly.

 

7. AI Incident Response
 

  1. Definition

    • An AI-related incident includes unauthorized AI usage, data breaches involving AI tools, or the release of harmful/bias-laden AI outputs.
       

  2. Reporting

    • Suspected incidents must be reported immediately to our AI Policy Lead ([Name]) or designated manager.
       

  3. Triage & Containment

    • We temporarily suspend AI usage on the affected project or data, revoke unauthorized access, and investigate the scope and impact.
       

  4. Investigation & Notification

    • If client data is involved, we conduct root-cause analysis and notify affected clients and relevant authorities (as required by law, contract, and alignment with our responsible AI use policy).
       

  5. Remediation

    • Corrective actions may include reconfiguring AI tools, updating training, or strengthening security measures.

    • Post-incident reviews incorporate lessons learned into policy updates or additional safeguards.

 

8. Training & Enforcement
 

  1. Employee & Subcontractor Training

    • All personnel involved in AI-driven tasks complete an orientation on this policy, data classification, and incident response.

    • Refresher sessions occur periodically or when major policy updates are made.
       

  2. Enforcement & Disciplinary Measures

    • Non-compliance with this policy can lead to disciplinary actions, including contract termination for subcontractors or employees.

    • Our management team or AI Policy Lead handles investigations of suspected violations.

 

9. Employee & Subcontractor Acceptance

By working with or for Experience Innovation Consulting Inc., you agree to adhere to this Responsible AI Usage Policy. Subcontractors must sign our Subcontractor Agreement, which incorporates these AI usage standards, confidentiality, and data handling requirements.

 

10. Client Acknowledgment & Right to Opt-Out

We use AI responsibly to improve efficiency and quality. However, we respect any client's preference to limit or prohibit AI usage. If you wish to opt out or restrict how AI is used on your project, please get in touch with us at:

 

Email: AIpolicy@experienceinnovation.consulting
​

We will respond to your request within three business days and work with you to define an appropriate solution.

 

11. Changes to this Policy

We may update this Responsible AI Usage Policy from time to time to reflect evolving technology, legal requirements, or internal best practices. Any changes become effective upon posting the revised policy to our website. Significant modifications will be communicated to clients and employees via email or other official channels.

 

12. Contact Us

If you have questions or concerns regarding our Responsible AI Usage Policy, please contact:

We value transparency and are committed to ethical AI practices. Thank you for your trust and partnership as we continue innovating responsibly.

 

Disclaimer: Experience Innovation Consulting Inc. reserves the right to modify or update the policy at any time and will communicate the changes made via the change log at the top of this page and in written communications (email) to our clients, employees, and subcontractors as appropriate. Clients, employees, and subcontractors should periodically review the policy to view the latest version for up-to-date terms and conditions.

bottom of page