AI Usage & Customer Protection Policy

Reviewed: 27 April 2024
Next Review Due: April 2026

1. Introduction

At Constant Control, we embrace the potential of artificial intelligence (AI) to enhance efficiency, insight and value for our clients - while ensuring it is only introduced when fully discussed and expressly approved. AI is a powerful tool, not a replacement for human judgment. We integrate AI thoughtfully—underpinned by rigorous governance, transparent processes and robust safeguards—to ensure that our clients reap the benefits without compromising on security, privacy or quality.

Zero Personal Data Policy
We do not handle, use or enter any personal information into AI systems - ever. This absolute prohibition safeguards privacy and eliminates the risk of inadvertent exposure of sensitive personal data.

2. Principles for Ethical AI Use

  • Client-First Integration
    AI functionality is incorporated into our services only after we’ve engaged in a clear discussion with the client and obtained explicit approval. This ensures alignment with each organisation’s unique needs and risk appetite.

  • Human Centricity
    Every AI-enabled solution is designed to augment human expertise, not replace it. Final decisions remain with our qualified specialists, ensuring accountability and ethical oversight.

  • Transparency & Explainability
    We disclose when and how AI is employed in our services. Clients receive clear, plain-language explanations of AI-driven insights, models and recommendations, so they understand the factors shaping outcomes.

  • Fairness & Bias Mitigation
    We actively test AI models for unintended bias. By using diverse, representative data sets and regular audits, we guard against discriminatory or inaccurate outputs.

3. Data Privacy and Security

  • Strict Data Handling
    All client data ingested by AI systems is managed under our existing information-security framework, aligned with the New Zealand Privacy Act 2020 and, where relevant, international standards such as GDPR.

  • Encryption & Access Control
    Data is encrypted both at rest and in transit. Access to AI training environments and model outputs is restricted to authorised personnel, with role-based permissions and multifactor authentication.

  • Anonymisation & Minimisation
    We apply data-minimisation principles and WE DO NOT HANDLE OR ENTER PERSONAL INFORMATION INTO AI SYSTEMS, EVER. This reduces risk and honours client confidentiality.

4. Governance, Oversight and Quality Assurance

  • AI Governance Board
    Our internal Governance reviews new use cases, assesses potential risks and approves deployment only when policies are fully met.

  • Continuous Monitoring
    AI models are subject to ongoing performance reviews. We monitor accuracy, detect drift, and recalibrate models proactively to maintain reliability and integrity.

  • Incident Response
    Any unexpected AI behaviour triggers our incident - management protocol. We investigate root causes, notify affected clients, and enact corrective actions swiftly to restore trust.

5. Client Empowerment and Support

  • Customisable Controls
    Clients can define their own thresholds for AI decision - making, select which data sources to include, and request manual overrides at any stage.

  • Training and Documentation
    We provide comprehensive guides, tutorials and workshops so that client teams fully understand how AI tools work and how to interpret and act on AI generated outputs.

  • Ongoing Dialogue
    Regular review sessions ensure that any AI capabilities continue to align with evolving business needs, regulatory changes and the client’s authorised use cases.

6. Summary

Constant Control is committed to harnessing AI in a way that is secure, transparent and ethical - and only when our clients have been fully consulted and have approved its use. By embedding human oversight, stringent data protections and rigorous governance at every stage, we safeguard our clients’ interests and uphold the highest standards of trustworthiness and accountability.