AI Usage Policy

This document was updated 2nd April 2025

This policy outlines the principles and guidelines for the responsible and ethical use of Artificial Intelligence (AI) within Peak Signal (the “Company”). The goal of this policy is to ensure that AI is used in a manner that aligns with our commitment to data privacy, security, fairness, transparency and accountability.

This policy aims to balance the benefits of AI with the need to mitigate potential risks to individuals, the Company, its shareholders and our customers. All shareholders and associates acting on behalf of the Company are expected to adhere to this policy.

SCOPE

This policy applies to all AI systems and AI-powered tools or solutions including AI used, developed, or deployed by the Company, regardless of whether they are created internally or provided by third parties. This includes, but is not limited to, AI used for decision-making, customer service, data analysis, content generation, and process automation.

CORE PRINCIPLES FOR AI USE

All use of AI within the Company must adhere to the following principles:

Lawfulness and data protection: AI systems must be used in compliance with all applicable laws and regulations, including data protection legislation such as the UK GDPR. Personal data processed by AI systems must be handled according to our data protection policies, ensuring a lawful basis for processing.
Fairness and non-discrimination: AI systems should be used in a way that is fair and does not lead to unjustified discrimination against individuals or groups. We will strive to identify and mitigate potential biases in AI systems and their data.
Transparency and explainability: Where appropriate and feasible, we will seek to understand how AI systems make decisions and provide explanations. We will maintain an inventory of AI systems used within the Company, documenting their purpose.
Accountability and oversight: The Company is accountable for the use of AI systems. Clear roles and responsibilities for the development, deployment, and oversight of AI systems will be defined. Shareholders are responsible for decisions about AI risks.
Safety and robustness: AI systems should be developed and deployed with consideration for their safety, security, and resilience. Measures should be taken to protect against unintended consequences, errors and vulnerabilities.
Privacy: We are committed to protecting the privacy of individuals and customer information when using AI systems. Data privacy principles should be embedded in AI system development, solution development and deployment.

SPECIFIC GUIDELINES FOR AI USE

Data governance: Ensure that all data used is kept private and is not made available to train AI models.
Risk assessment: Before deploying a new AI system that processes personal data or makes decisions with significant impact, a Data Protection Impact Assessment (DPIA) must be conducted to identify and mitigate potential risks to individuals’ rights and freedoms. This assessment should consider the necessity and proportionality of the AI system.
Human oversight: Implement human-in-the-loop approaches where appropriate, especially for high-risk AI applications, allowing for human review and intervention in AI-assisted decisions.
Transparency and communication: Identify when AI is being used to make decisions in a clear and accessible manner.
Third-party AI tools: When using third-party AI tools, carefully review their terms and conditions, particularly regarding data privacy, security, and intellectual property rights. Ensure that their use aligns with this policy and our overall data protection and security standards. Be aware of potential risks associated with third-party AI.
Intellectual property: Be mindful of intellectual property rights when using AI to generate content. Avoid prompting AI systems to create content that infringes upon existing copyrights or other intellectual property.
Training and awareness: The Company will participate in training and accessing resources on the responsible use of AI, including data protection, ethical considerations, and this policy.
Acceptable use: AI systems must not be used for purposes that are illegal, unethical, discriminatory, or contrary to the Company’s values and policies.
Monitoring and review: The use of AI systems will be regularly monitored and reviewed to ensure compliance with this policy and to identify any potential issues or unintended consequences. This policy will be updated as needed to reflect changes in AI technology and best practices.
Incident reporting: Any concerns or incidents related to the use of AI, including potential data breaches, biases, or misuse, must be reported to the shareholders immediately.

RESPONSIBILITIES

All shareholders and associates are responsible for understanding and adhering to this policy in their use of AI.

REVIEW

This policy is a living document and will be reviewed and updated periodically to reflect the evolving landscape of AI and best practices.

CONTACT

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to hello@peaksignal.io

© 2025 Peak Signal. All Rights Reserved. Peak Signal Ltd is registered in the England & Wales No. 10500955 | Registered address: Peak Signal Limited, 5 Giffard Court, Millbrook Close, Northampton, Northamptonshire, United Kingdom, NN5 5JF