We value your privacy

    We use cookies to enhance your browsing experience, serve personalised content, and analyse our traffic. By clicking "Accept All", you consent to our use of cookies.

    Call Us
    Group Training Available
    Brity

    AI and Data Ethics Statement

    Last updated: February 2026

    1. Our Commitment to Ethical AI

    Brity Group Limited (trading as "Brity") is committed to the responsible and ethical development and deployment of Artificial Intelligence (AI) technologies. As a leading training provider in the UK, we recognise the transformative potential of AI to enhance our services, improve efficiency, and deliver exceptional value to our customers. However, we also acknowledge the critical importance of ensuring that AI is used in a manner that is fair, transparent, accountable, and respects the rights and privacy of individuals.

    This AI and Data Ethics Statement outlines our principles and practices for the ethical use of AI within our organisation. It serves as a public declaration of our commitment to integrate AI responsibly, aligning with UK legal frameworks, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, and adhering to the principles of the UK government's approach to AI regulation and guidance from the Information Commissioner's Office (ICO).

    Our AI strategy is built upon core ethical principles:

    • Fairness: Ensuring AI systems do not perpetuate or amplify unfair biases.
    • Transparency: Making our use of AI clear and understandable to our customers and staff.
    • Accountability: Establishing clear lines of responsibility for AI system outcomes.
    • Human Oversight: Maintaining human control and intervention capabilities over AI systems.
    • Privacy and Data Protection: Safeguarding personal data processed by AI systems.
    • Safety and Security: Designing AI systems to be robust, secure, and reliable.

    This policy applies to all Brity staff, contractors, and third parties involved in the development, deployment, or management of AI systems used by Brity.

    2. How We Use AI

    Brity leverages AI to enhance operational efficiency, improve customer experience, and support our staff in delivering high-quality training services. Below are specific examples of how AI is integrated into our operations:

    Brity Bot (Customer Support Chatbot)

    What it does: Provides instant answers to frequently asked questions, guides users through our website, assists with course enquiries, and directs complex queries to human support staff. It operates 24/7, offering immediate assistance outside of business hours.

    Data Processed: Processes user queries (text input), website navigation data, and potentially user-provided contact details if explicitly given for follow-up. It does not store personal data persistently for model training.

    Decisions Informed: Informs users about course availability, pricing, booking procedures, and general company policies. It helps customers make informed choices about our services and directs them to the appropriate human contact when necessary.

    Call Recording Summarisation

    What it does: Transcribes and summarises customer service calls, extracting key topics, actions required, and customer sentiment. This helps our support team quickly review past interactions and ensure continuity of service.

    Data Processed: Audio recordings of customer service calls (with explicit consent obtained at the start of the call), which are then converted to text for summarisation. Personal data within the call is processed transiently for summarisation purposes.

    Decisions Informed: Assists human agents in understanding customer needs, prioritising follow-up actions, and improving the efficiency of our customer support operations. It does not make decisions about customer outcomes.

    CRM Company Intelligence Scoring

    What it does: Analyses publicly available company information (e.g., industry, size, news) and historical interaction data within our CRM to provide a 'score' indicating potential interest in Brity's services. This helps our sales and marketing teams prioritise outreach.

    Data Processed: Publicly available company data, anonymised and aggregated interaction data from our CRM (e.g., website visits, email opens). It does not process individual personal data for scoring.

    Decisions Informed: Guides our sales and marketing teams on which companies might be most receptive to our offerings, improving the efficiency of our business development efforts. All outreach decisions remain human-led.

    Policy Document Generation

    What it does: Assists our governance and compliance team in drafting and refining internal and external policy documents, ensuring consistency, clarity, and adherence to legal and regulatory standards. It acts as a drafting aid.

    Data Processed: Existing policy documents, legal and regulatory guidance, and internal company information provided by staff for drafting purposes. No customer personal data is processed.

    Decisions Informed: Supports the creation of robust and compliant policy documents, ensuring our operational frameworks are up-to-date and legally sound. Final policy approval is always by human review and sign-off.

    Receipt Parsing

    What it does: Extracts key information (e.g., vendor, date, amount, VAT) from digital receipts submitted by staff for expense claims, automating data entry into our accounting system.

    Data Processed: Images or PDFs of receipts, which may contain vendor details, transaction specifics, and in some cases, staff names or payment card details (which are not stored). This data is processed transiently.

    Decisions Informed: Streamlines the expense claim process, ensuring accurate and efficient financial record-keeping. All parsed data is subject to human review and approval before final processing.

    3. Fairness and Bias Prevention

    Brity is committed to ensuring that our AI systems are fair and do not perpetuate or amplify unfair biases. We recognise that AI models can reflect biases present in their training data, and we take proactive steps to mitigate this risk.

    • Monitoring AI Outputs: We regularly monitor the outputs of our AI systems for any signs of unfair or discriminatory behaviour. This includes reviewing summaries, chatbot responses, and intelligence scores for consistency and neutrality.
    • Human Review Processes: All AI-generated content or insights that could have a significant impact on individuals or business decisions are subject to mandatory human review. Our staff are trained to identify and correct biased outputs.
    • Feedback Mechanisms: We encourage staff and customers to report any instances where they believe an AI system has produced a biased or unfair outcome. This feedback is crucial for continuous improvement.
    • Regular Audits: We conduct periodic audits of our AI systems, including their underlying data and algorithms where feasible, to assess for potential biases. This involves reviewing the data sources used for training and evaluating model performance across different demographic groups (where relevant and ethically permissible).
    • Diversity in Development: Where we are involved in the development or customisation of AI, we strive for diverse teams to bring varied perspectives and identify potential blind spots.
    • Data Minimisation: We adhere to data minimisation principles, only processing data that is necessary and relevant, thereby reducing the risk of introducing irrelevant or biased information into AI pipelines.

    Our goal is to ensure that AI enhances fairness and objectivity in our operations, rather than diminishing it.

    4. Transparency

    Transparency in AI Use

    Brity is committed to transparency regarding our use of AI. We believe that individuals have a right to know when they are interacting with an AI system and how AI influences decisions that affect them.

    • Clear Identification of AI: When you interact with our Brity Bot, it will clearly identify itself as an AI. Similarly, where AI has significantly contributed to content, we will endeavour to make this clear.
    • No Hidden AI Decision-Making: We do not use AI to make fully automated decisions that have legal or similarly significant effects on individuals without human intervention. All consequential decisions are made by human staff.
    • Understanding AI's Role: We aim to communicate what our AI systems do and, equally importantly, what they do not do. Our AI tools are designed to assist and augment human capabilities, not replace human judgment.
    • Right to Request Human Review: If you believe an AI system has made an error or if you wish to discuss an AI-generated output, you have the right to request a review by a human member of our team. Please refer to Section 10 for how to raise concerns.

    5. No Dynamic Pricing Commitment

    Explicit Commitment: No AI-Driven Dynamic Pricing

    Brity explicitly commits that Artificial Intelligence (AI) is never used to vary prices for our courses or services based on individual customer profiling, behaviour, or any other personal characteristic. Our pricing structures are transparent, consistent, and applied uniformly across all customers for the same product or service.

    We do not engage in practices such as:

    • Offering different prices to different individuals based on their browsing history or demographic data.
    • Adjusting prices in real-time based on perceived individual willingness to pay.
    • Using AI to analyse personal data to determine a personalised price.

    Any pricing adjustments or special offers are determined by business strategy, market conditions, and promotional campaigns, and are applied consistently and transparently, not through individualised AI profiling.

    6. No Model Training on Customer Data

    Commitment: No Customer Data for AI Model Training

    Brity is committed to protecting the privacy and confidentiality of our customers' data. We explicitly state that:

    • Customer data is never used to train or fine-tune AI models. This includes personal data, booking information, communication logs, or any other data collected from our customers.
    • Data is processed transiently: When customer data is input into an AI system (e.g., a query to Brity Bot, a call for summarisation), it is processed for the immediate purpose of generating a response or summary. This data is not retained by the AI model provider for the purpose of improving their models or for any other secondary use.
    • No persistent storage of personal data in model context: While AI models may temporarily hold context during an active interaction (e.g., a chatbot remembering previous turns in a conversation), this context is ephemeral and is not stored persistently or used to train the underlying AI model.

    Our use of AI is designed to leverage pre-trained models and apply them to our specific tasks, without contributing customer-specific data back to the model's learning process. This ensures that your data remains private and is not used to enhance the capabilities of third-party AI systems.

    7. Human Oversight and Escalation

    Brity firmly believes that AI should augment human capabilities, not replace human judgment. We maintain robust human oversight over all AI systems to ensure accountability, accuracy, and ethical outcomes.

    1

    AI Outputs are Advisory

    All outputs generated by our AI systems, including chatbot responses, call summaries, CRM intelligence scores, and policy drafts, are considered advisory. They are designed to assist and inform our staff, not to make final decisions.

    2

    Human Decision-Makers for Consequential Actions

    Any decision that has a significant impact on a customer, employee, or the business (e.g., course enrolment, financial transactions, disciplinary actions, policy changes) is always made by a human. AI may provide insights or recommendations, but the ultimate responsibility and authority rest with a human decision-maker.

    3

    Escalation Procedures

    Staff are trained to recognise when an AI output requires human review, validation, or intervention. Clear escalation paths are in place to ensure that complex, sensitive, or potentially erroneous AI-generated information is promptly reviewed by a qualified human expert.

    4

    Override Mechanisms

    Our systems are designed to allow human operators to easily override, modify, or disregard AI-generated suggestions or actions. This ensures that human judgment can always take precedence, especially in situations requiring nuanced understanding, empathy, or ethical consideration.

    5

    Continuous Training and Monitoring

    Our staff receive ongoing training on the capabilities and limitations of our AI tools, as well as on their responsibilities for human oversight. We continuously monitor the interaction between humans and AI to identify areas for improvement in both the AI systems and our operational procedures.

    8. Data Handling in AI Pipelines

    Brity adheres to stringent data protection principles when processing data through AI pipelines, in line with UK GDPR and the Data Protection Act 2018. Our approach focuses on data minimisation, security, and privacy by design.

    Anonymisation and Pseudonymisation

    Where feasible and appropriate, personal data is anonymised or pseudonymised before being processed by AI systems. For example, when generating CRM intelligence scores, only aggregated and non-identifiable company data is used.

    Data Minimisation in Prompts

    When interacting with AI models (e.g., for summarisation or content generation), staff are instructed to provide only the minimum necessary personal data required to achieve the desired outcome. Excessive or irrelevant personal data is actively excluded from prompts.

    Retention of AI Interaction Logs

    Logs of interactions with AI systems (e.g., chatbot conversations, summarisation requests) may be retained for a limited period for audit, quality improvement, and troubleshooting purposes. These logs are stored securely and are subject to our Data Protection Policy and Information Security Policy.

    Deletion Procedures

    Personal data processed transiently by AI systems is not persistently stored by the AI model providers. Any temporary storage of personal data within Brity's own systems for AI-related processing is subject to defined retention schedules and secure deletion procedures.

    No Persistent Storage of Personal Data in Model Context

    As detailed in Section 6, we ensure that personal data submitted to AI models is not used for model training and is not persistently stored within the model's context beyond the immediate interaction. This prevents the inadvertent retention or exposure of personal data.

    Security Measures

    All data processed through AI pipelines is protected by robust security measures, including AES-256 encryption at rest and TLS 1.2+ encryption in transit. Our cloud infrastructure (Supabase, Lovable Cloud) adheres to industry-leading security standards, as outlined in our Information Security Policy.

    9. Third-Party AI Providers and Sub-Processors

    Brity engages with reputable third-party AI providers and sub-processors to power some of our AI capabilities. We conduct due diligence on all third parties to ensure they meet our high standards for data protection, security, and ethical AI use.

    AI Provider/Sub-Processor AI Service(s) Used Data Processing Agreements (DPAs) Data Residency Commitment
    Google (Gemini models) Customer Support Chatbot (Brity Bot), Call Summarisation, Policy Document Generation In place, incorporating UK GDPR standard contractual clauses or equivalent safeguards. Data processed within the EU/EEA where possible, with robust transfer mechanisms for any international transfers.
    OpenAI (GPT models) Customer Support Chatbot (Brity Bot), Call Summarisation, Policy Document Generation In place, incorporating UK GDPR standard contractual clauses or equivalent safeguards. Data processed within the EU/EEA where possible, with robust transfer mechanisms for any international transfers.
    Supabase (PostgreSQL) Database for AI-powered CRM intelligence scoring, general data storage In place, ensuring UK GDPR compliance. Data hosted in the UK or EU.
    Lovable Cloud Cloud infrastructure for edge functions, general data storage In place, ensuring UK GDPR compliance. Data hosted in the UK or EU.

    Sub-Processor Notification Process: Brity maintains a list of its sub-processors and will notify customers of any significant changes to this list where required by our contractual obligations or data protection law. We ensure that all sub-processors are bound by data protection obligations equivalent to those in our own Data Protection Policy.

    10. Complaints and Queries

    Brity is committed to addressing any concerns you may have regarding our use of AI. We welcome feedback and are dedicated to resolving issues promptly and transparently.

    • How to Raise Concerns: If you have a complaint, query, or believe that our AI systems have produced an unfair, inaccurate, or biased outcome, please contact us using the details below. Please provide as much detail as possible about your concern, including the specific AI interaction or output in question.
    • Contact our Data Protection Lead (Chief Executive Officer):
      • Email: info@brity.co.uk
      • Post: Data Protection Lead, Brity Group Limited, [Company Address - Placeholder, as not provided in prompt]
    • Response Timeframes: We aim to acknowledge all complaints and queries within 5 working days and provide a substantive response within 30 calendar days. If we require more time to investigate, we will inform you of the delay and provide an estimated resolution date.
    • ICO Complaint Rights: If you are not satisfied with our response or believe that we have not handled your personal data or AI-related concerns in accordance with data protection law, you have the right to lodge a complaint with the Information Commissioner's Office (ICO).

    11. Review Cycle

    Given the rapid pace of development in Artificial Intelligence technologies and evolving regulatory landscapes, Brity is committed to regularly reviewing and updating this AI and Data Ethics Statement.

    • Scheduled Review: Reviewed at least every six months, or earlier where triggered by regulatory, operational, or technological change.
    • Trigger Events for Earlier Review: An earlier review may be triggered by, but not limited to, the following events:
      • Significant changes in UK AI regulation or guidance from the ICO.
      • Introduction of new AI systems or substantial changes to existing ones.
      • Identification of new ethical risks or biases in our AI systems.
      • Major incidents related to AI, data breaches, or security vulnerabilities.
      • Feedback from staff, customers, or regulatory bodies.
      • Changes in our business operations or strategic direction regarding AI.

    All revisions will be approved by senior management and communicated to relevant stakeholders.

    Policy Owner: Chief Executive Officer
    Next Review Due: February 2027
    Version: 2
    Date of Publication: 26 February 2026

    Back to top ↑