PHC Digital Ltd AI usage policy

Summary

“PHC Digital uses AI to improve efficiency and delivery speed, while retaining human oversight and accountability. All AI tools are configured to minimise data sharing, and client data remains protected at all times.”

Artificial Intelligence (AI) Usage Policy

Last updated: 12th January 2026

Policy key definitions:

• “I”, “our”, “us”, or “we” refer to the business PHC Digital Ltd, 7 The Close, Norwich, Norfolk NR1 4DJ.
• “you”, “the user” refer to the person(s) using this website.
• GDPR means General Data Protection Act.
• ICO means Information Commissioner’s Office.
We are registered with the ICO under the Data Protection Register: Number ZA337228

PHC Digital Ltd uses Artificial Intelligence (AI) tools to support the delivery of software development and related services. This policy explains how AI is used, the controls in place, and how we protect client data.

1. Our Approach to AI

PHC Digital operates an AI-first, developer-led delivery model.

AI is used to improve efficiency, quality, and speed, but human judgement, accountability, and oversight are always retained. AI does not replace responsibility for work delivered to clients.

2. Approved AI Tools

PHC Digital currently uses the following AI platforms as part of its internal delivery processes:

  • OpenAI
  • Anthropic
  • Microsoft Copilot
  • Atlassian Rovo
  • Jetbrains AI
  • Amazon AI
  • Google AI

Where available, all tools are configured with settings that prevent data from being used to train AI models, in order to minimise data sharing.

No unapproved AI tools may be used for PHC Digital work.

3. How AI Is Used

AI tools may be used to assist with:

  • Software development and code generation
  • Testing, documentation, and refactoring
  • Summarisation and analysis
  • Drafting internal or client communications
  • Administrative and repetitive tasks

AI outputs are treated as assistive drafts and are reviewed before use.

4. Human Oversight and Accountability

  • All AI-generated output is reviewed by a qualified team member before being delivered or deployed.
  • AI-generated code is subject to the same quality, security, and testing standards as all other code.
  • PHC Digital does not deploy autonomous AI systems that act without human review unless explicitly agreed with a client.

Responsibility for all deliverables remains with PHC Digital.

5. Data Protection and Confidentiality

PHC Digital takes data protection seriously.

We do not knowingly:

  • Input sensitive personal data unnecessarily into AI tools
  • Input credentials, private keys, or secrets
  • Upload confidential client documents without approval
  • Rely on AI tools to store or retain sensitive information

Where AI is used with client-related data, data is minimised and handled in line with our Privacy Policy.

This policy operates in compliance with the UK GDPR and the Data Protection Act 2018.

6. Client Data and Intellectual Property

  • Client data and intellectual property remain the property of the client at all times.
  • AI tools are used only as assistive tools in the delivery of services.
  • PHC Digital does not grant AI providers ownership or rights over client intellectual property.

Where requested, we will explain how AI has been used within a project.

7. Prohibited Uses

AI must not be used to:

  • Make legal, financial, or compliance decisions without human oversight
  • Generate misleading, deceptive, or inaccurate information
  • Bypass agreed security or approval processes
  • Replace professional judgement
  • Act outside agreed client instructions

Any use of AI that introduces legal, ethical, or reputational risk is prohibited.

8. Accuracy and Limitations

AI systems can produce incorrect or incomplete outputs.

PHC Digital recognises that:

  • AI outputs may contain errors
  • AI does not inherently understand business context
  • Verification is required before use

AI tools do not replace professional expertise or responsibility.

9. Training and Awareness

PHC Digital ensures that team members using AI tools:

  • Understand their limitations and risks
  • Follow this policy
  • Handle data responsibly
  • Apply appropriate review and validation

Failure to comply with this policy may result in disciplinary action.

10. Policy Review

This policy is reviewed periodically to reflect changes in technology, regulation, and best practice.

11. Contact

If you have questions about this policy or our use of AI, please contact PHC Digital directly.