Legal, Risk & Compliance
The formal policies that keep TechAbout and its people protected — confidentiality, intellectual property, anti-bribery, whistleblowing, data privacy, and responsible use of AI.
Responsible & Acceptable Use of AI
This policy sets out how TechAbout people may use generative-AI tools — chatbots, coding assistants, and image or copy generators — in their work. It applies to everyone who builds or delivers anything for TechAbout or its clients, and it is public so our clients and candidates can see exactly how we handle their information.
Purpose
AI tools can help us work faster and better: drafting, brainstorming, debugging, researching, and summarising. We encourage that. But these tools also create real risks — leaked data, plagiarised or improperly licensed output, confident-sounding errors, and hidden bias. This policy exists to let you take the upside while protecting our clients, our work, and the company.
Use AI to do better work — never to hand over what isn't yours to share, and never to skip the judgement you are paid for.
Scope / Who This Applies To
- All TechAbout employees, contractors, and anyone working on TechAbout or client deliverables.
- All generative-AI tools, whether free or paid, public or self-hosted, used on any TechAbout or client project.
- All of our work: web and WordPress development, SEO, link building and guest posts, cybersecurity, graphic and brand design, Express services, and internal operations on ERPNext.
The Policy
Never put sensitive data into public AI tools
- Do not paste client confidential information, unreleased work, or anything covered by an NDA into a public AI tool.
- Do not paste secrets or credentials — passwords, API keys, tokens, private repository code, server details, or database contents.
- Do not paste personal data — names, contact details, CVs, applicant or employee records, or customer information — into a public tool.
- Assume anything typed into a public tool may be stored, reviewed by humans, or used to train future models. If you would not email it to a stranger, do not paste it.
- When in doubt, anonymise, use a placeholder, or ask before proceeding. See Data Security, Devices & Passwords for what counts as protected and how to handle it.
Treat AI output as a draft, not the truth
- AI produces confident text that can be wrong, outdated, or invented. Verify every fact, figure, quote, citation, and line of code before it leaves your hands.
- Never publish, ship, or send AI output you have not read, understood, and checked against a reliable source.
- For code, cybersecurity work, and anything client-facing, this checking step is not optional.
Respect IP, licensing, and originality
- AI output can reproduce someone else's copyrighted text, code, or imagery. Do not pass off AI-generated material that is not genuinely original — this creates plagiarism and licensing exposure and can harm clients through duplicate content and SEO penalties.
- Check the licence and terms of any generated code, images, or fonts before using them in deliverables.
- Ownership of work made with AI can be legally uncertain; treat client IP and our own IP with the same care as always. Specifics here are subject to review by qualified local counsel and current law.
Watch for bias and errors
- AI models carry the biases of their training data. Review generated copy, imagery, hiring-related text, and recommendations for stereotyping, unfairness, or exclusion before use.
Be honest about AI assistance
- Disclose AI assistance to clients where honesty requires it — for example, where a client expects original human work, or asks directly. Never misrepresent AI output as bespoke human effort when the difference matters.
A human is always accountable
- You own everything you deliver, whether or not AI helped. "The AI wrote it" is never a defence for an error, a leak, or a breach of policy.
What To Do / How To Report
- Unsure whether a tool or an input is safe? Ask before you paste. Route data-handling questions and security concerns to security@techabout.com.
- If you have already put sensitive data into a public tool, or you suspect AI output caused a leak, IP problem, or client-facing error, report it promptly to security@techabout.com. Early reporting is treated as responsible, not blameworthy.
Consequences
Misuse — especially exposing client data, credentials, or personal data, or knowingly shipping unverified or plagiarised output — is a serious matter and may lead to disciplinary action, up to and including termination. Where conduct involves the unauthorised access, transmission, or disclosure of protected data or systems, it may also carry legal consequences under applicable law, including Pakistan's Prevention of Electronic Crimes Act 2016. Any specific legal assessment is subject to review by qualified local counsel and current law.
Questions? Contact ethics@techabout.com (data and security questions: security@techabout.com).
Have a compliance question?
When in doubt, ask before you act. Email ethics@techabout.com for anything sensitive.