Policy

Ethical AI Policy

Version 1.0 — Last Updated: 27 February 2026


1. Our Commitment

At Adaptiv HR, our mission is to put people at the centre of the AI revolution. We believe that artificial intelligence, when applied thoughtfully and ethically, has the power to create more fulfilling, fair, and effective workplaces. However, we recognise that this power comes with significant responsibility — to our clients, to the employees whose working lives are affected by the advice we give, and to the broader society in which we operate.

This policy outlines our commitment to the ethical and responsible use of AI across all of our consulting services, internal operations, and the bespoke solutions we design and build for clients. It serves as a guide for our team and a transparent statement of intent to our clients and the people their organisations employ.

Our approach is aligned with the five principles set out in the UK Government's AI Regulation: A Pro-Innovation Approach White Paper (2023), and with the guidance published by the Information Commissioner's Office (ICO) on AI and data protection. We are not a regulatory body, and this policy does not constitute legal advice — but it reflects our genuine commitment to doing the right thing with the technology we use and recommend.

2. Who This Policy Applies To

This policy applies to:

  • All members of the Adaptiv HR team in their professional activities.
  • All AI tools, platforms, and systems used internally by Adaptiv HR to deliver its services.
  • All bespoke AI solutions designed, built, or recommended by Adaptiv HR for its clients.
  • Any third-party partners or suppliers engaged by Adaptiv HR in the delivery of its services.

3. Our Five Guiding Principles

We have adopted five core principles, drawn directly from the UK Government's AI regulatory framework, to govern how we develop, use, and recommend AI.

3.1 Safety, Security & Robustness

AI systems should function reliably, securely, and safely throughout their entire lifecycle. We commit to assessing the risks associated with any AI tool or solution we use or recommend, and to designing solutions that are resilient against misuse, failure, or unintended consequences. We do not recommend or deploy AI systems that we believe pose an unacceptable risk to the people who interact with them.

3.2 Appropriate Transparency & Explainability

We are committed to being clear and open about how and why AI is being used in any engagement. Where AI contributes to a recommendation, a decision, or an output, we will explain this in plain language. We do not present AI-generated outputs as purely human judgement, and we do not use AI in ways that are hidden from the people it affects. Clients will always know when AI has played a role in the work we deliver.

3.3 Fairness

AI systems must not discriminate unfairly, undermine the legal rights of individuals, or produce outcomes that are biased against particular groups. In the context of HR and people strategy, this principle is especially important. We actively consider the potential for bias in any AI tool we use or recommend — particularly in areas such as recruitment, performance assessment, and learning and development. We will not recommend or build AI solutions that we believe are likely to produce discriminatory outcomes, and we will raise fairness concerns with clients where we identify them.

3.4 Accountability & Governance

Clear lines of responsibility must exist for every AI system. While AI can support and enhance human decision-making, it cannot replace human accountability. We maintain that all significant decisions affecting people — particularly in an employment context — must ultimately be made by a human being who can be held responsible for that decision. For every bespoke AI solution we build, we will establish clear governance arrangements, including defined roles, oversight processes, and documentation of how the system works and who is accountable for its outputs.

3.5 Contestability & Redress

Individuals who are affected by AI-influenced decisions must have a meaningful route to question, challenge, or appeal those decisions. We build this principle into every solution we design. Where an AI system produces a recommendation that affects an individual — for example, in a recruitment process or a performance review — there must be a clear, accessible process by which that individual can raise a concern and receive a human review. We will advise clients on how to establish these processes and will not build systems that deny individuals this right.

4. Data Protection & Privacy

As a consultancy specialising in people-related matters, we treat data protection and privacy as foundational requirements, not optional extras. Our approach is fully aligned with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Data Minimisation. We only collect, use, and store the personal data that is strictly necessary to deliver our services or fulfil a project's specific objectives. We do not collect data speculatively or retain it beyond the period for which it is needed.

Purpose Limitation. Client data — including any employee personal data shared with us in the course of an engagement — is used only for the specific, explicit, and legitimate purposes agreed at the outset. It is never used for any other purpose without explicit consent.

Confidentiality. All client information and data is treated with the strictest confidence. Access is limited to the Adaptiv HR team members who require it to perform their specific duties on a given project. We do not share client data with third parties without explicit written consent, except where required by law.

Data Processing Agreements. For any project involving the processing of personal data on behalf of a client, we will enter into a formal Data Processing Agreement (DPA) with that client before work begins. This agreement will clearly define our respective roles as data controller and data processor, and will set out the technical and organisational measures in place to protect the data.

Retention & Deletion. We retain personal data only for as long as is necessary for the purposes for which it was collected, and in accordance with our data retention schedule. Upon completion of an engagement, we will securely delete or return client data as agreed.

5. Security: Our Approach & Its Limits

We believe in being completely transparent about our security capabilities. Adaptiv HR is a specialist HR and AI strategy consultancy. We are not a certified cybersecurity firm, and we do not hold formal security certifications such as Cyber Essentials, ISO 27001, or SOC 2. We are honest about this because we believe transparency is more valuable to our clients than overstating our credentials.

Here is how we manage security in practice, and how we ensure our clients are protected despite not holding formal certifications:

We build on certified infrastructure. Every solution we build is deployed on reputable, enterprise-grade cloud platforms — such as Google Cloud Platform, Amazon Web Services, or Microsoft Azure — that hold the highest industry security certifications (ISO 27001, SOC 2, PCI DSS, and others). By building on these platforms rather than managing our own servers, our clients automatically benefit from world-class physical and network security without us needing to be the primary security provider.

We follow secure development practices. Our team follows established best practices for application security, including the use of strong authentication, encrypted data transmission (HTTPS/TLS), secure management of API keys and credentials, and the principle of least privilege for access controls.

We use reputable AI tools. The AI tools and platforms we use internally and recommend to clients are selected in part on the basis of their security and privacy standards. We do not use AI tools that process sensitive personal data on servers outside the UK or EEA without appropriate safeguards in place.

We are transparent about risk. If a client's requirements involve a level of security complexity that goes beyond our expertise — for example, integration with highly sensitive regulated data, or deployment in a healthcare or financial services environment — we will say so clearly and recommend that they engage a specialist cybersecurity firm to review the solution.

Client responsibilities. While we ensure that the solutions we build are developed securely, the client retains responsibility for their own IT environment, user access management, employee training on security, and their overall data governance framework. We will always provide clear guidance on what the client needs to do on their side to maintain the security of any system we deploy.

What to do if you have a security concern. If you identify a potential security vulnerability in any system we have built or in this website, please contact us immediately at hello@adaptivhr.com. We will respond promptly and take appropriate action.

6. AI Tools We Use Internally

In delivering our services, we use a range of AI tools to support research, drafting, analysis, and solution development. These include large language model platforms and productivity tools. We commit to the following standards in our use of these tools:

  • We do not input identifiable personal data about your employees or candidates into third-party AI tools without your explicit consent and a clear understanding of how that data is processed and stored by the tool's provider.
  • We review and validate all AI-generated outputs before presenting them to clients. We do not present unreviewed AI output as professional advice.
  • We are transparent with clients about when AI tools have been used in the production of a deliverable.

7. Bias & Fairness in Practice

The risk of bias in AI systems applied to HR processes is one of the most important ethical challenges in our field. Biased AI can perpetuate or amplify discrimination in hiring, promotion, performance management, and development — with serious consequences for individuals and significant legal risk for organisations.

Our practical commitments in this area are as follows. Before recommending any AI tool for use in a people process, we will ask the provider for evidence of how the tool has been tested for bias, and what mitigation measures are in place. Where we build bespoke solutions, we will design fairness testing into the development process. We will advise clients to monitor the outputs of AI systems in people processes over time and to review them for patterns that might indicate unfair outcomes. We will never recommend an AI tool for use in a high-stakes people decision — such as shortlisting candidates or assessing performance — without first satisfying ourselves that appropriate fairness safeguards exist.

8. Governance & Review

This policy is owned by the leadership of Adaptiv HR. It will be reviewed at least annually, or more frequently in response to significant changes in technology, regulation, or best practice. The current version of this policy will always be available on our website.

We welcome questions, challenges, and feedback on this policy from clients, partners, and the broader community. If you have a concern about how we are applying these principles in practice, please contact us at hello@adaptivhr.com. We will take all such concerns seriously and respond thoughtfully.

9. A Note on the Limits of This Policy

This policy represents our genuine commitments and our current best understanding of responsible AI practice. It is not a legal guarantee, a certification, or a warranty. The field of AI ethics and regulation is evolving rapidly, and we will evolve with it. What we can promise is that we will always act in good faith, be honest about what we know and do not know, and put the wellbeing of your people at the centre of every decision we make.


For questions about this policy, please contact us at hello@adaptivhr.com or visit adaptivhr.com/contact.