AI Usage Policy

General Guidelines

AI tools should align with company values, regulatory obligations, and data privacy commitments. While tools like ChatGPT, GEMINI, and PERPLEXITY can boost productivity and creativity, they pose risks regarding privacy, accuracy, and brand reputation. These guidelines ensure AI use aligns with ecoPortal’s values and standards.

Users must evaluate the accuracy, fairness, and reliability of AI-generated outputs before using them in business decisions or customer-facing materials.

• Use AI to support, not replace: AI can assist with drafting, summarising, or brainstorming, but you are responsible for the final output. It must be reviewed, refined, and meet ecoPortal’s high standards.

• Be transparent: Be transparent about when AI has supported your work (writing, analysis, decision-making).

• Sense-check everything: AI can be outdated, biased, or incorrect. Always review the tone, facts, and details before publishing or sharing anything internally or externally.

Customer Data Handling

• Data Classification: It is your team lead's responsibility to classify data being processed and confirm if it includes customer information, PII, or sensitive content (including company confidential information). If uncertain, contact the DevOps team.

• Approval Requirement: Any AI tool, platform, or service that processes or accesses customer data must be approved in advance by the DevOps team. This includes, but is not limited to:

  • Data sent to external APIs

  • Tools integrated into workflows accessing customer information

  • AI-powered plugins or assistants interacting with PII or customer identifiers

  • Emails and conversation content between clients/ecoPortal

• Usages not including customer information, PII, or sensitive content are exempt from DevOps approval. Your team lead has the final say.

Tool Evaluation & Approval Process

Teams must submit an AI Tool Request to DevOps, including:

• Tool name and provider

• Description of intended use

• Types of data accessed or processed

• Data storage location

• Data collection/retention policy

The DevOps team will assess the tool for security, compliance, and data residency requirements.

Prohibited Practices

• Using unapproved AI tools to process customer data.

• Uploading customer files to public or consumer-grade AI services without encryption and prior approval.

• Allowing AI tools to make autonomous decisions that impact customers without human oversight.

• Don’t let AI make decisions: AI can support your thinking, but it shouldn’t be the final decision-maker. Use your judgment and experience.

• Don’t use AI content unedited: Always rework AI-generated content (or train your program on your tone of voice and other necessary parameters) so it reflects your voice and aligns with ecoPortal’s values and standards.

Enforcement

Violations of this policy may result in suspension of tool access, disciplinary actions, or other measures based on the severity of the breach 

Commonly used tools

• ecoPortal Gemini: Approved, ecoPortal accounts can be used with any client information. Your personal account on Gemini should not be used.

• ChatGPT: Usage is discouraged and should not include customer information, PII, or sensitive content. If you have a specific use case requiring processing of protected information, your team lead will need to issue a paid license for this tool. 

• Google Notebook LM: Approved, ecoPortal accounts can be used with any client information.

• If in doubt, check with your manager before using a new tool.

Questions & Contact

For questions or to initiate the tool approval process, contact the DevOps team via devops@ecoportal.com

Tools Currently Approved for AI usage