At Tender Response Limited, we believe in the ethical, transparent and responsible use of artificial intelligence to enhance our services and support SME growth in the UK public sector. In line with our values of clarity, integrity and accountability, we ensure all AI tools and applications are used under human oversight, with a clear purpose, fairness and accuracy. We commit to keeping our clients informed when AI is used in their projects, maintaining data privacy and security in compliance with UK GDPR. We avoid opaque or biased AI outputs, safeguard against harm and welcome questions or challenges to our use of AI. Our goal is to use technology to empower, not replace, human expertise and to uphold trust at every stage of our engagement.

In this policy, ‘Artificial Intelligence’ refers to software systems capable of generating text, images, analysis or decision support based on pattern recognition, such as language models and machine learning tools.

Scope of AI Use

Permitted Use of AI
Artificial intelligence may be used, with human oversight, to support the efficient and ethical delivery of services at Tender Response Limited. Permitted use includes:

• Helping in the creation of content relating to business administration, sales, marketing and training courses
• Supporting research and idea generation for tenders, market analysis and client strategies
• Searching for reference information within client knowledge bases
• Automating internal processes such as formatting, editing or summarising draft documents
• Drafting templates or checklists for use in client engagements and tender submission checklists
• Enhancing knowledge resources, such as building mini-guides or FAQs

All permitted uses must comply with UK GDPR, reflect our brand values and include a final human review before client delivery.

Non-Permitted Use of AI
AI must not be used in the following contexts:

• To make final decisions without human validation (e.g., bid/no-bid decisions, client strategy recommendations)
• To process or store sensitive client data on unverified or insecure AI platforms
• To produce final content that is submitted without human review
• To generate responses that could be interpreted as legal, financial or compliance advice without qualified oversight
• To create deceptive, misleading or non-transparent content
• To analyse or predict individual client behaviour beyond declared consent

This ensures AI is used as a tool to support human expertise, not replace it, and that trust and accuracy remain central to all work delivered.

Accountability and Contact
Tender Response Limited takes full responsibility for the accuracy, fairness and ethical standards of any work assisted by AI. All AI-generated content or insights are reviewed and approved by a human expert before being shared externally.

Any queries, concerns or complaints regarding our use of AI should be directed to:
vic@tenderresponse.co.uk

This point of contact ensures transparency and provides clients with a clear route to raise questions or request clarification on AI-supported processes.

Data Security and GDPR Compliance

Tender Response Limited ensures that all use of artificial intelligence is fully compliant with the UK General Data Protection Regulation (UK GDPR). Our approach to data security within AI processes includes:

• Minimal Data Exposure: We do not input personal, sensitive or client-identifiable information into public or unverified AI tools.
• Tool Vetting: AI platforms used are assessed for GDPR alignment, data handling policies and secure data storage practices.
• Secure Handling: Only authorised personnel may use AI systems, and they follow strict access and handling protocols.
• Human Oversight: All outputs are reviewed by a qualified team member before use, ensuring no inappropriate or non-compliant data use.
• Client Confidentiality: We do not use AI to store or learn from client files unless explicit consent has been given.
• Procurement Standards: All AI software undergoes a thorough vetting process to assess GDPR compliance, including data processing, storage and user control provisions.

Client Confidentiality and Transparency
We are transparent about AI use in client work and never use your data for model training or unauthorised secondary purposes.

Further Information
Our detailed practices are outlined in our company’s Data Policy, which is available on request or accessible via our website. Www.tenderresponse.co.uk

Procurement of AI Tools

Tender Response Limited applies a careful and thorough procurement process before adopting any artificial intelligence tools into business use. This ensures all platforms align with our values and legal obligations, particularly regarding data protection, transparency and accountability.

Procurement Process Includes:

• Needs Analysis: AI tools are only considered if they clearly support business goals such as improving content generation, workflow efficiency or insight delivery.
• Legal & Ethical Review: Each platform is reviewed against UK GDPR requirements, including data access, processing, storage, and opt-out options.
• Security Assessment: We evaluate the supplier’s data security credentials, privacy practices and model training policies.
• Functionality Testing: Tools are trialled internally to validate output quality, usability and risk mitigation using only Tender Response Data.
• Approval Protocol: Final selection is approved by the company director and recorded for audit purposes.

Risk Mitigation and Quality Assurance

At Tender Response Limited, we recognise the potential risks associated with the use of artificial intelligence, particularly in sectors involving compliance, data privacy and public procurement. To uphold our standards and client trust, we implement strict risk mitigation processes to ensure both security and qualityin all AI-supported outputs.

Key Risk Controls Include:

• Human-in-the-Loop Oversight: No AI-generated content is used in client work without manual review, editing and approval by an experienced team member.
• Data Safeguards: AI tools are only used in secure environments, with no input of confidential client identifiers, sensitive commercial data or personally identifiable information.
• Output Validation: All AI-generated outputs are checked for factual accuracy, alignment with objectives, tone of voice, and specific requirements.
• Issue Escalation Protocol: Any uncertainty, anomaly or error identified in AI outputs is escalated immediately to a director-level review before action is taken.
• Tool Monitoring: We periodically review the performance and data policies of third-party AI tools to ensure they remain compliant and effective.
• Data Removal: All data will be removed from the application once its use or action has been completed.

Adherence by Staff, Subcontractors and Third Parties

To ensure consistent, ethical and secure use of AI across all activities, Tender Response Limited requires all personnel involved in our operations to understand and comply with this AI Policy.

Compliance Measures Include:

• Onboarding Agreement: All staff, subcontractors and third-party collaborators are required to read, understand and agree to this AI Policy before using any AI tools in connection with Tender Response work.
• Contractual Terms: Freelancers and partners working with us on bids, marketing or internal projects must accept clauses confirming compliance with our AI, data protection and confidentiality policies.
• Training & Guidance: We provide practical guidance on the permitted uses of AI, including examples of compliant vs. non-compliant activities, and reinforce our human-in-the-loop requirement.
• Monitoring & Audit: We monitor AI usage on shared platforms and conduct periodic reviews to ensure outputs and processes remain aligned with our standards.
• Disciplinary Action: Misuse or unauthorised use of AI tools will lead to corrective action, including possible contract termination or disciplinary review.

Adherence to UK Copyright Laws

Tender Response Limited is committed to ensuring all AI-generated or AI-assisted content complies with UK copyright law, particularly as it applies to computer-generated works under the Copyright, Designs and Patents Act 1988.

Our Compliance Approach Includes:

• Human Authorship Oversight: We treat AI as a tool for assistance, not authorship. All outputs are curated, edited and finalised by a human team member, establishing clear human authorship rights.
• Originality Assurance: AI-generated content is always reviewed to ensure it does not copy, replicate or remix protected works without proper rights or attribution.
• Tool Terms Compliance: We only use AI platforms whose licensing terms allow commercial use and do not claim ownership over our outputs.
• Attribution Policy: Where open-source or third-party content is used alongside AI (e.g., templates, datasets), appropriate credit and licensing terms are observed.
• Client Ownership Clarity: Final deliverables provided to clients are original, human-authored and free from unresolved copyright issues, unless otherwise disclosed.

AI Policy Review Cycle

To ensure our AI Policy remains relevant, legally compliant and aligned with industry best practice, Tender Response Limited conducts a formal review of this policy every six months.

Review Process Includes:

• Scheduled Biannual Review: The policy is reviewed in January and July of each year by the Director or delegated policy lead.
• Regulatory Update Check: We assess new guidance or legislation from UK regulators, including the ICO, DCMS and CMA, to ensure compliance.
• Operational Relevance: We evaluate whether AI tools or practices have changed within our operations and update the policy accordingly.
• Stakeholder Input: Feedback from staff, subcontractors, and clients is considered to address any practical or ethical concerns arising from AI usage.
• Communication of Updates: Any changes to the policy are communicated to all staff and relevant third parties, who must re-confirm agreement as part of ongoing compliance.

Date of last review – 16/7/2025

Reviewed by Vicky Poole, Director

Date of next review – Jan 2026