Testlio Artificial Intelligence
Acceptable Use Policy

EFFECTIVE DATE: February 11, 2025

Purpose

The purpose of this Artificial Intelligence Acceptable Use Policy (“Policy”) is to highlight the issues raised by the use of artificial intelligence (“AI”) and establish guidelines and recommended practices for the responsible use of AI systems at Testlio. This Policy seeks to help Testlio employees, contractors, and freelancers (“TestLions”) understand our guidelines for responsible AI usage, protecting Testlio’s (and its clients’) confidential information, trade secrets, and intellectual property; ensuring a values-aligned company culture and commitment to diversity while addressing potential AI biases; and setting the bar high for accuracy and appropriateness of AI-generated outputs. 

Testlio is committed to using AI throughout the company to work as efficiently and effectively as possible for our stakeholders, including our clients. Further, Testlio often performs software testing services for our clients’ AI-powered applications. The Policy aims to promote the broad and ethical use of AI tools, while minimizing the risk of intentional or unintentional misuse that may result in harm to individuals, our company, our clients, or other Testlio stakeholders. 

Scope

This Policy applies to Testlio’s use of any third-party, AI-powered tools, available stand-alone and/or via other Testlio interfaces such as the Platform. These include services or APIs that mimic human intelligence to generate answers or perform certain tasks. In addition to this Policy, Testlio maintains an internal list of preferred tools for specific situations.  

General Guidance

At Testlio, we divide AI Tool usage into three categories with guidance on each:

1. Third Party Confidential Information: for situations where client or other stakeholder confidential information is used, ensure that any use of AI tools is subject to appropriate permissions, agreements, and restrictions (if any).
2. No Confidential Information: for situations (such as sales prospect research) where there is no Testlio nor third party confidential information used as inputs into tools, TestLions are generally free to use public AI tools such as ChatGPT unless they are otherwise prohibited via internal company communications.
3. Testlio Confidential Information: for situations where information confidential to Testlio is provided, use limited tools with specific guidance outlined below.

Specific Guidelines

DO:

1. Know that AI tools are useful but are not a substitute for human judgment and creativity. 
2. Understand that many AI tools are prone to hallucinations, false answers or information, or information that is stale, and therefore responses must always be carefully verified.
   • Exercise due diligence and critical thinking on AI outputs.
   • Verify the accuracy of AI-generated outputs by cross-checking with reliable sources, human judgment, or other relevant methods.
   • Establish a system of checks and balances involving multiple reviewers to minimize the risk of errors or inappropriate content.
   • Verify that any response from an AI tool that you intend to rely on or use is accurate, appropriate, not biased, not a violation of any other individual or entity’s intellectual property or privacy, and consistent with other Testlio policies and applicable laws and regulations. 
3. Use broad AI-powered tools without pre-approval for general research providing only non-confidential and non-proprietary information as inputs to the tools. Treat every bit of information you may provide to these tools as if it will go viral on the Internet, attributed to you or Testlio, regardless of the settings you have selected within the tool (or the assurances made by its creators). For example, if you are using ChatGPT for general research on companies, please adhere to these guidelines.
4. Ensure all AI tools are used in a manner consistent with this policy and the mission, values, and objectives of Testlio. For a proposed new preferred AI-powered tool, highlight anticipated usage, and ask any questions, by emailing the internal AI Policies email alias.

DO NOT:

1. Do not upload or input any confidential or proprietary information belonging to Testlio clients into any AI tool, including the AI capabilities of the Testlio Platform, without obtaining prior client approval. Approval of specific use for managed software testing services is provided in the standard Testlio MSA, but may be updated via an Amendment or other form of mutual agreement between Testlio and our client. 
2. In general, do not upload or input Testlio confidential information into any AI tools. This includes passwords, credentials, personnel records, and content from documents marked “Confidential” or “Highly Confidential”. In some cases, limited use of confidential information with specific AI tools may be appropriate, but this should only be done with explicit guidance. If you have any questions or are unsure whether your intended use of an AI Tool follows these guidelines, we encourage you to reach out to the internal AI Policy team by emailing the internal AI Policy alias (ai-policy@testlio.com). 
3. Do not upload or input any personally identifiable information (such as social security number, full name, addresses, email address, phone number, etc.) about any person into any AI tool without express agreement and validated, specific use case. 
4. Do not represent work generated by an AI tool as being your own original work. If AI-generated content is used, its use must comply with Testlio`s policies and client agreements. Always ensure transparency regarding the involvement of AI tools in creating any deliverables or outputs.
5. Do not incorporate outputs generated by AI tools into content or deliverables that Testlio or its clients intend to own or assert intellectual property rights over without fully understanding license and ownership terms as such outputs may be subject to third-party rights or restrictions. Additionally, ensure that the use of AI-generated material aligns with any applicable client agreements and expectations. If you are unsure about the appropriate use of AI-generated material, consult the internal AI Policies team for guidance.
6. Do not integrate any AI tool with internal Testlio software without first receiving specific written permission from your supervisor and the AI Policies team.
7. Do not use any form of AI (or other) Recorders or note takers (Read.ai, etc.) when attending confidential company meetings. The host of the meeting is responsible for any meeting recordings and sharing summaries. Any meeting Recordings must align with this Policy.  Any meeting recorders that you are using must not be set to record all meetings by default. If you are not the host and if any AI recorder inadvertently captures a confidential meeting, delete the recording immediately and ensure that any distributed summaries are retracted or recipients are informed to delete them.

Training and Awareness

All TestLions that use AI must undergo appropriate training to ensure the responsible and ethical use of these tools. This includes:

1. Familiarizing with this Policy and any other relevant policies, guidelines, and best practices, inclusive of internal Confluence documentation.
2. Participating in regular training sessions and workshops to stay updated on AI-related developments, risks, and mitigation strategies.

Unintentional Misuse

Unintentional misuse of AI refers to situations where TestLions, without malicious intent, use AI tools in ways that lead to negative consequences or harm. This can occur due to a lack of understanding, insufficient training, or an oversight in the use of AI technology. Some examples of unintentional misuse include:

1. Privacy violations: TestLions might unintentionally expose personal information through AI systems, either by providing the AI with restricted data or by failing to anonymize or encrypt the data properly before use. This could lead to breaches of privacy regulations and harm to individuals whose data is exposed.
2. Incorrect outputs: TestLions may unknowingly rely on AI-generated outputs that are incorrect, outdated, or misleading, which could lead to poor decision-making, financial losses, or reputational damage for Testlio.
3. Overreliance on AI: TestLions may unintentionally rely too heavily on AI, neglecting to apply their own judgment, expertise, or common sense. This could lead to the adoption of suboptimal solutions, overlooking valuable human insights, or exacerbating existing issues.

It is up to all TestLions to help each other with any unintentional misuse. Please see below for guidance on what to do if you believe you, or someone else, has misused AI.

Reporting Misuse

TestLions are encouraged to report any suspected misuse of AI, whether intentional or unintentional, to their supervisor and to the AI Policies team. Reports can be made anonymously and will be handled confidentially. Please also read and follow the Whistleblower Policy.

Enforcement

Violating this Policy may result in disciplinary action, including termination of your relationship with Testlio. If you are concerned that someone has violated this Policy, please report the situation per above.  

Review and Updates

This Policy will be reviewed annually, or as needed based on changes in technology, regulation, or organizational needs. Updates will be communicated to TestLions and tracked here.

If you are an outside party and have any questions or concerns, please refer to the appropriate Contact at Testlio.