Why forbid entering personal data into AI?

Many public AI tools may use entered data for training, which can breach the GDPR. The policy sets out what data can and cannot be used.

Is the EU AI Act already in force?

The Act takes effect in stages. The policy directs compliance with its principles, but confirm the exact dates and requirements with a lawyer.

Legal

AI Usage Policy for Companies

Drafts an internal AI tools usage policy for employees: allowed cases, data restrictions, confidentiality and accountability.

AI usage policyartificial intelligenceemployeesdata protectionlegal

Prompt

You are a company compliance and data protection consultant. Your task is to draft a clear internal AI tools usage policy for employees at a Lithuanian company.

CONTEXT (fill in):
- Company and activity: [name, business]
- AI tools the team uses: [ChatGPT, Claude, Gemini, Copilot, etc.]
- For what purposes: [writing, code, analysis, customer service]
- What data employees work with: [customer, financial, personal, confidential]
- Team size and AI maturity: [number, level]

TASK: produce a policy with sections: 1) purpose and scope; 2) approved and prohibited tools; 3) what data is FORBIDDEN to enter into AI (personal, confidential, trade secrets); 4) mandatory human review before using outputs; 5) intellectual property and authorship marking; 6) compliance with the GDPR and the EU AI Act; 7) accountability for breaches and training.

FORMAT: an internal document with numbered points, ready for approval. TONE: clear, empowering, not threatening.

At the end add: "This is not legal advice — have the policy reviewed by a lawyer and verify current requirements under the GDPR and the EU AI Act."

Why it matters

More and more employees use AI tools daily, often without clear rules. This risks personal or confidential data ending up in chatbots. A clear internal policy protects the company and shows employees what's allowed.

How to use it

State the tools used, purposes and data handled, then paste the prompt into your chosen AI. You'll get a ready-to-approve document — adapt it to your culture and have a lawyer review it before rollout.

Where to use it

A first AI usage policy for a growing marketing agency.
Rules for a customer service team working with personal data.
An IT company's guidance on code-generation tools and IP.
A short internal document presented during an AI team training.

FAQ

Many public AI tools may use entered data for training, which can breach the GDPR. The policy sets out what data can and cannot be used.

Back to the library

Related prompts

Legal

Terms & Conditions Checker

Reviews your website or e-shop terms and conditions against LT consumer and e-commerce rules and flags missing clauses.

Legal

Privacy Policy Generator (GDPR)

Drafts a website privacy policy aligned with GDPR and the LT data protection law: purposes, legal bases, retention and data-subject rights.

Legal

GDPR Compliance Checklist

Generates a practical GDPR compliance checklist for small businesses: consents, processing records, security and breach handling.

Need this to run automatically?

Free consultation