How Your Answers Shape Your Policy
Every question in our questionnaire directly affects what appears in your generated AI policy. Here's exactly what each one does.
About Your Business
These questions help us understand the context your AI policy needs to address — your industry, scale, and where regulations apply.
Why do you ask what industry I'm in?
Your industry determines which section of the policy addresses industry-specific commitments. For example, game developers get language about AI-generated art assets and platform disclosure requirements, while marketing agencies get FTC guideline references. Selecting "Other" omits the industry-specific section entirely.
How does team size affect my policy?
Team size helps us tailor the language and scope of your policy. A solo freelancer's policy reads differently from a 100-person company's — the obligations, review processes, and governance structures scale with your team. It also informs future features like acknowledgment tracking.
Why do you need to know where my business is based?
Your operating jurisdictions determine which regulatory frameworks your policy references. EU-based businesses get EU AI Act language, US businesses get NIST AI RMF references, UK businesses get the Pro-Innovation AI Framework, and so on. This directly shapes the "Regulatory Compliance" section of your policy.
Why do client locations matter?
Many AI regulations apply based on where your clients are, not just where you are. If you're based in the US but serve EU clients, your policy may still need to address EU AI Act requirements. Client jurisdictions are combined with your business jurisdictions to build a comprehensive regulatory picture.
Your AI Usage
These questions identify what you're using AI for, so your policy accurately describes your practices and addresses the right risks.
Why do you need to know which AI tools I use?
The specific tools you use are listed by name in your policy's "AI Tools & Services" section. This gives your policy concrete credibility — instead of vague language about "AI tools," it names exactly what you use (ChatGPT, Midjourney, GitHub Copilot, etc.).
How do my AI use cases affect the policy?
Your use cases populate the "How We Use AI" section with specific descriptions of how AI supports your work — content drafting, code generation, design, research, etc. This tells your clients and stakeholders exactly what AI does and doesn't do in your workflow.
What happens if I say I use AI with client data?
Answering "Yes" adds an entire "Data & Privacy" section to your policy that addresses how client data is handled when used with AI tools — covering data minimization, processing safeguards, and privacy commitments. Answering "No" omits this section entirely.
What does "build or deploy AI systems" mean for my policy?
If you build or deploy AI systems (not just use third-party tools), your policy gets a "Risk Assessment" section covering impact assessments, risk categorization, and mitigation strategies. This applies if you train models, fine-tune systems, or embed AI into products you ship.
Your Risk Posture
These questions shape the governance and oversight language in your policy, reflecting how carefully you manage AI-related risks.
What counts as a "high-stakes decision" and why does it matter?
High-stakes decisions include hiring, financial assessments, healthcare recommendations, or legal advice — areas where AI errors can cause serious harm. Answering "Yes" adds a "Risk Assessment" section to your policy with stronger guardrails, impact assessment requirements, and human oversight mandates.
How does mandatory human review change the policy?
This directly controls the language in the "Human Oversight" section. If mandatory, your policy states that all AI outputs undergo human review before reaching clients. If not, the language is softer — review is "appropriate to context" rather than mandatory for everything.
How does my IP stance affect the policy?
Your intellectual property approach shapes two sections: "Human Oversight" and "Intellectual Property." The three options produce distinctly different commitments — from "all AI outputs are reviewed and substantially edited" to "AI is used for drafts only" to a context-dependent mixed approach.
Disclosure Preferences
These questions control how transparent your policy commits you to being about AI usage.
What's the difference between the three transparency levels?
This controls the "Transparency & Disclosure" section. "Minimum" commits you only to legally required disclosures. "Proactive" adds voluntary disclosure language that builds client trust. "Full" commits to documenting and disclosing all AI usage — maximum transparency with maximum accountability.
What are client-facing AI disclosure statements?
Enabling this adds language to your policy committing to include AI disclosure statements in client-facing materials — contracts, proposals, or deliverables. This signals to clients that you're transparent about when and how AI was involved in their work.
What are project-level AI disclosures?
Project-level disclosures go further than general client statements — they commit you to documenting AI usage on a per-project basis. This is useful if different projects have different levels of AI involvement and you want to be specific about each one.
How does the detail level affect my policy?
This controls the verbosity and depth of every section in your generated policy. "Concise" produces short, direct statements — ideal if you want a policy that's easy to read and fits on a page or two. "Standard" balances thoroughness with brevity — professional and complete without being lengthy. "Comprehensive" produces maximum detail, covering every nuance explicitly — best if you need to satisfy detailed compliance reviews or want to leave nothing to interpretation.
Industry-Specific Questions
Depending on your industry, you'll see additional questions that tailor the policy to your field's specific AI risks and practices.
Game Development
How does the development AI usage grid affect my policy?
This grid directly populates the "Industry-Specific Commitments" section of your policy. Areas marked "Yes" are listed as places where your studio uses AI tools, with a commitment that all AI-assisted work undergoes human review. Areas marked "No" are explicitly called out as relying entirely on human talent. Areas left unanswered are omitted — useful when your studio hasn't established a clear policy for that area yet.
Why does runtime generative AI matter for my policy?
This is a critical distinction for game developers. If your shipped products use generative AI at runtime (LLM-driven dialogue, ML-generated content, neural network NPC behavior), your policy needs to disclose this to players and platforms. Answering "No" adds a clear statement that any AI-like behavior in your games uses traditional techniques (state machines, behavior trees, scripted systems), not generative AI — an important distinction for platform compliance and player trust.
How does the runtime AI grid affect my policy?
Similar to the development grid, this populates your policy's industry section with specific runtime AI disclosures. Areas marked "Yes" are disclosed as using generative AI at runtime, with a commitment to player disclosure and platform compliance. Areas marked "No" are explicitly stated as not using generative AI. This level of specificity is increasingly required by platforms like Steam.
Why do you ask which platforms I publish on?
Different platforms have different AI disclosure requirements. Steam, for example, requires developers to declare AI-generated content. Your platform selections help the policy reference the right platform-specific obligations.
Software Development
Why does AI-generated code in production matter?
AI-generated code in production carries unique risks — license compliance, security vulnerabilities, and liability. Your answer shapes the industry commitments section to address code review standards and quality assurance practices specific to AI-assisted development.
How does license compliance review affect the policy?
AI coding tools can inadvertently reproduce open-source code with specific license requirements. If you review for license compliance, your policy highlights this practice as a safeguard. If not, it's an area the policy can flag for improvement.
Why ask about AI in CI/CD pipelines?
AI in automated testing and deployment pipelines affects how deeply embedded AI is in your software delivery process. This shapes the policy's description of your AI usage scope — whether AI is just a developer tool or part of your automated infrastructure.
Graphic Design / Creative
Why does AI imagery in deliverables matter?
Using AI-generated imagery in client deliverables raises questions about copyright ownership, originality, and client expectations. Your answer helps the industry section address how your studio handles AI-assisted creative work in final outputs.
How does using AI for concepts only change things?
If AI is only used for exploration and mood boards (not final work), your policy can make a stronger distinction between AI-assisted ideation and human-created deliverables. This is a meaningful commitment that many clients value.
Why ask about AI distinction in my portfolio?
Distinguishing AI-assisted work in your portfolio is increasingly expected in creative industries. If you do this, your policy highlights it as a transparency practice. It's also relevant to copyright considerations for displayed work.
Marketing / Advertising
How does AI-generated ad copy affect the policy?
AI-generated ad copy has specific regulatory implications, particularly around FTC truth-in-advertising requirements. Your answer helps the industry section address disclosure obligations and quality controls for AI-assisted marketing content.
Why does AI audience targeting matter?
AI-powered audience targeting and personalization raises questions about data privacy, algorithmic bias, and discriminatory advertising. Your answer shapes policy language about safeguards against these risks.
Why ask about FTC guideline awareness?
FTC guidelines on AI-generated content disclosure are directly relevant to marketing. Your awareness level helps calibrate the policy — if you're already aware, the policy reinforces compliance. If not, the policy serves as a starting point for understanding these obligations.
Consulting / Professional Services
How does AI in client reports affect the policy?
Using AI to draft client reports raises questions about accuracy, professional standards, and disclosure obligations. Your answer shapes the industry section to address quality assurance for AI-assisted advisory work.
Why does putting client data into AI tools matter?
Inputting client-confidential information into AI tools creates data privacy and confidentiality risks — many AI services retain input data for training. Your answer strengthens the policy's data handling commitments and may trigger additional safeguards in your data privacy section.
How does professional liability concern affect the policy?
Professional liability related to AI-assisted advice is a growing concern in consulting. If you're concerned about this, the policy addresses it with language about professional standards, accuracy commitments, and the role of human judgment in final recommendations.