Most UK businesses have no AI policy. Staff paste client data into free tools, share commercially sensitive information with chatbots, and nobody has written down what is and is not acceptable. That is a data incident waiting to happen.
Get the AI Policy Pack, £97 See all optionsA 2025 global study found 58% of employees use AI tools at work regularly. Only 40% of their employers have any policy or guidance in place. The gap between those two numbers is where GDPR incidents happen, where clients lose confidence, and where insurers start asking difficult questions.
A usable AI policy does not need to be complicated. It needs to exist, cover the tools your team actually uses, and be clear enough that someone can follow it without asking you first.
One Word document. Fill in your company name, check the tools list, share it with your team. Under an hour, start to finish.
The Pack suits most small teams with straightforward data. If you are in a regulated sector, handle sensitive data, or need something a regulator could scrutinise, the managed options go further.
£97
One-off, instant download
You complete it in under an hour. A suitability check at the start confirms this is the right level for your business before you spend anything.
We build it for you, 2 to 3 days
Discovery call, then we produce a finished policy scoped to your actual tools, team size, and data. Core rules without the full operational depth of Standard.
We build it for you, 3 to 4 days
Everything in Foundation plus named ownership, a staff training requirement, and a defined incident-reporting process. The difference between a document on file and a control someone is accountable for.
All three options reference UK GDPR, the Data Protection Act 2018, and the Data (Use and Access) Act 2025. Not suitable for businesses operating under EU, US, or other jurisdictions' law without local legal advice.
Most are US-focused or generic to the point of being useless. What you will not get from a free template is the actual tools your team uses today already mapped to what they are allowed to do with them, at the right account tier, scoped to UK GDPR. The Pack is finished and correct from day one.
It is a genuine internal policy document. Having one in place is exactly what a regulator expects to see. It is not a substitute for legal advice in regulated sectors, and the document says so clearly. No policy at all is the actual risk.
The Pack works for most small teams with straightforward data. If you are in a regulated sector such as financial services, healthcare, or legal, if a client or insurer has asked for evidence of AI governance, or if you handle health data or legal case files, the managed tiers are more appropriate. The Pack itself includes a three-question suitability check at the start so you know before you pay.
You are redirected to a download page immediately. The file is a Word document. Open it, follow the completion guide on page one, and you're done. If you have any trouble, email team@hilbreintelligence.com and we will send it to you directly.
The review checklist inside the Pack flags exactly when a managed tier would serve you better, when the team grows significantly, when a partner asks for formal evidence, or when you start handling more sensitive data. Get in touch and we will scope the right option.
Under an hour. One document. Instant download.
Buy the AI Policy Pack, £97