Editable Word doc · for SMBs

The AI Usage Policy Kit

A clear AI policy your team can actually follow — drafted, customizable, and built to be reviewed by your own counsel.

TL;DR

One editable Word document: a 20-section AI Acceptable Use Policy plus an approved-tools register, a do/don't one-pager, an acknowledgment form, and a rollout checklist. Fill the highlighted blanks, choose your stance, send to counsel.

instant download · lifetime updates · 30-day guarantee

A template, not legal advice. RedHub AI is not a law firm. This kit is a customizable starting point; have qualified legal counsel and HR review it before you adopt it. Laws vary by jurisdiction and industry.

The problem

Your team already uses AI. Your rules haven't caught up.

Staff are pasting customer data into chatbots, shipping unverified output, and guessing at what's allowed — because no one wrote it down. The risk isn't hypothetical; it's happening on personal accounts right now.

You don't need a 40-page legal tome. You need a clear, credible policy you can stand up quickly, hand to your team, and route past your counsel — which is exactly what this kit is.

36%

of companies have any AI policy at all

59%

of workers at sub-10-person firms have no AI policy — or aren't sure

28%

of employees would use AI even if it were banned

57%

of managers have already had to redo someone's AI work

Sources: Tech.co (2025); EisnerAmper (2025); Founder Reports 2026 AI in the Workplace survey.

What's inside

One editable document. Everything you need to launch a policy.

Delivered as a single Word file so it drops straight into your HR workflow — with every fill-in-the-blank highlighted.

The AI Acceptable Use Policy

A complete, plain-English policy in 20 numbered sections — scope, approved & prohibited tools and uses, data handling, disclosure, security, IP, bias & fairness, incident reporting, enforcement, and review cadence.

Appendix A — Approved AI Tools Register

A living table of the exact tools your team may use, with approved uses, account type, the maximum data classification allowed, owner, and review date.

Appendix B — Do / Don't Quick Reference

A printable one-pager your team can keep nearby — the whole policy distilled into a clear Always / Never list.

Appendix C — Employee Acknowledgment Form

A sign-and-date form so you have a record that each person has read and agreed to the policy.

Appendix D — Rollout Checklist

A simple step-by-step to customize, get legal review, approve tools, train your team, and collect sign-offs.

Why it's different

Built on a standard, not hype

Most AI guidance is “move fast, AI everything.” This kit does the opposite where it counts. Its core rule is human review and verification: AI output is a draft, and a named person is accountable for the accuracy, legality, fairness, and originality of anything they rely on.

That same honesty runs through the product itself. We tell you plainly that it's a template to be reviewed by counsel — because a tool that holds a standard and checks its own work is worth more than one that sounds confident and hopes.

AI output is a draft, never a final answer. The person who uses it is responsible for the result — exactly as if they had written it themselves.
From the policy — Section 7, Human Review & Verification

Try it

AI Policy Gap Check

Answer 9 questions about how your team uses AI. This is a readiness check, not legal advice.

  • Approved tools & shadow-AI rule

    A defined list of approved AI tools, and a rule against using unapproved ones?

  • Data-handling rules

    critical

    Clear rules on what data must NEVER be entered into AI tools (customer data, PII, regulated or confidential info)?

  • Human review & accountability

    critical

    A requirement that a named human reviews and owns AI-assisted output before it's used or sent?

  • Disclosure & attribution

    Rules for when AI-assisted work must be disclosed to clients or internally?

  • Confidentiality & IP

    Guidance protecting proprietary code, contracts, and IP from being entered into AI tools?

  • Prohibited & high-risk uses

    A list of prohibited or high-risk use cases (e.g., unreviewed legal, medical, financial, or hiring decisions)?

  • Vendor & data-retention review

    A check on whether each AI vendor trains on your data and where that data is stored/retained?

  • Incident & escalation path

    critical

    A documented path for reporting an AI data leak or harmful output, and who handles it?

  • Owner, training & review cadence

    A named policy owner, staff acknowledgment/training, and a scheduled review date?

2/9 sections covered · 22%Critical exposure

You're missing 2 critical safeguards: Data-handling rules, Incident & escalation path. That's where the real liability sits — fix these first.

Your gaps (7)

  • Data-handling rules

    The single biggest leak risk — what may and may not be pasted in.

    covered in the kit
  • Incident & escalation path

    Turns a quiet breach into a handled one.

    covered in the kit
  • Approved tools & shadow-AI rule

    Stops staff pasting company data into random unvetted tools.

    covered in the kit
  • Disclosure & attribution

    Protects trust and meets growing client/contract disclosure expectations.

    covered in the kit
  • Prohibited & high-risk uses

    Draws the line on uses that create legal or discrimination exposure.

    covered in the kit
  • Vendor & data-retention review

    Surfaces vendors that train on or retain your inputs.

    covered in the kit
  • Owner, training & review cadence

    Keeps the policy live and enforceable instead of a stale doc.

    covered in the kit

Already in place (2)

  • Human review & accountability
  • Confidentiality & IP

This is the live engine. This check resets when you reload, and it only names the gaps. The kit is all 9+ sections as editable, fill-in-the-blank policy language — a 12-page Word doc you can brand and ship today, plus the staff acknowledgment and review-cadence templates.

Get the kit — $129

A readiness check, not legal advice — the kit's templates should be reviewed against your jurisdiction and sector before adoption.

What you walk away with

A credible policy your team will follow.

A credible policy, fast

Fill the highlighted blanks and choose your stance in an afternoon — then send a clean draft to counsel.

Ahead of most peers

A clear set of rules already puts you ahead of the majority of small companies, who have none.

Not just a document — a system

An approved-tools register, an acknowledgment form, and a rollout checklist to actually put it live.

Protection you can point to

Clear rules on what never goes into AI, plus a record that your team has read and agreed.

Who it's for

Clear about the lane. No inflated promises.

Built for you if…

  • You run a small or mid-size business with no in-house legal team
  • You're a founder, ops lead, or HR lead who needs a policy this quarter
  • Your team uses AI and you want clear, sane rules before something goes wrong
  • You're an agency or consultant setting up AI policies for clients

Not for you if…

  • You need formal legal advice for a specific situation — talk to a lawyer
  • You're a large enterprise needing a managed governance/GRC platform
  • You want a policy you can adopt verbatim with no review or edits

Pairs well with

Set the policy, then tailor and maintain it.

This is the comprehensive policy document. The AI Acceptable-Use Policy Builder tailors the acceptable-use rules to your stack, the AI Governance & Acceptable-Use Kit adds the broader governance starter templates, and the AI Governance Maintenance Plan keeps it current as tools and law change.

Common Questions

The questions SMB leaders actually ask before adopting an AI policy.

No. This is a customizable template to help you create your own AI policy, not legal advice — RedHub AI is not a law firm. Laws and regulations vary by country, state, and industry and change quickly, so you should have qualified legal counsel and your HR team review and tailor the policy before you adopt it. Buying or using the kit doesn't create an attorney–client relationship or guarantee compliance with any law. We say this plainly because holding that standard is the whole point of the kit.

Get the kit

Give your team rules they can follow.

Instant download, fully editable, yours to reuse — with lifetime updates as AI and the rules around it keep changing.

  • 20-section policy + 4 appendices, one editable Word doc
  • Highlighted placeholders — easy to customize
  • Built to be reviewed by your counsel (not legal advice)
  • 30-day money-back guarantee · lifetime updates
$129

one-time

Secure checkout · instant access

← Browse all Quick Kits