AI Usage Guidelines

1 1. Purpose
2 2. Data Protection & Privacy
- 2.1 2.1. Client Data Usage
- 2.2 2.2. Subscription and Data Privacy
3 3. Client Empathy and Transparency
4 4. Human in the loop
5 5. Acceptable Usage Guidelines
- 5.1 AI tools may be used for the following (with adherence to privacy and ethics):
6 6. ❌ Prohibited Use Cases
- 6.1 Restrictions When Client Withholds Permission
- 6.2 Generic Guidelines
  - 6.2.1 What Not to Do (Client-Specific Query)
  - 6.2.2 How to Reformulate (Generic Version)
  - 6.2.3 What Not to Do (Code With Identifiers)
  - 6.2.4 How to Reformulate (Generic Code)
  - 6.2.5 What Not to Do (Client-Specific Business Logic)
  - 6.2.6 How to Reformulate (Generic Version)
7 Follow up Reading

1. Purpose

To ensure ethical, secure, and responsible use of AI technologies across all functions at Axelerant, aligning with our AI-first vision to drive innovation across design, data, engineering, marketing, and artificial intelligence services.

If you are interested on how we use AI at Axelerant read Tool-Specific Considerations and Project Adoption checklist, guidelines and use cases

2. Data Protection & Privacy

2.1. Client Data Usage

Respect regional data protection regulations (e.g., GDPR for EU clients).
Avoid sharing any identifiable client information with AI tools.
Comply with contractual clauses that restrict the use of AI platforms for specific accounts.

2.2. Subscription and Data Privacy

Only use Axelerant-approved AI tools via company-managed subscriptions.
Do not use personal or free-tier AI accounts for work-related queries or content creation.
Ensure tools have verified data privacy and non-training commitments from vendors.

3. Client Empathy and Transparency

Disclose AI-assisted contributions when relevant in client interactions or deliverables.
Acknowledge client concerns about privacy, ethics, and reliability.
Communicate clearly that AI augments human work, not replaces it.

4. Human in the loop

Maintain human oversight on all AI-driven workflows.

For every use case, identify clear checkpoints where humans review, validate, or modify AI-generated outputs.
Use AI as a co-pilot, not an autonomous actor.

5. Acceptable Usage Guidelines

AI tools may be used for the following (with adherence to privacy and ethics):

Engineering: Code snippets, architecture guidance, API usage clarification
Data & AI: Exploratory analysis, ML concept validation, feature engineering ideas
Design & UX: UX writing, wireframe suggestions, heuristic analysis
Marketing: Draft copy, content ideas, A/B test variants, email subject suggestions
Operations: Automating summaries, meeting notes, research digests

6. ❌ Prohibited Use Cases

* Client expressly disallows AI usage in their projects.

Queries contain client-specific code, credentials, or business logic.

AI outputs are used uncritically, especially in production environments.

Intellectual property or sensitive data is exposed to third-party tools.

Restrictions When Client Withholds Permission

If a client denies permission for AI usage:

Do not use AI tools to process, analyze, or assist with the codebase.
Do not submit queries containing client-specific information.

Generic Guidelines

Reformulate queries to be generic and anonymized without exposing client context.

Below are some examples

What Not to Do (Client-Specific Query)

“We’re working for Acme Corp on a Drupal 10 multisite setup. Their site breaks when using hook_entity_presave() on the product content type with a custom field field_acme_sku. Can you help?”

How to Reformulate (Generic Version)

“In Drupal 10, how do I implement hook_entity_presave() to modify a custom field value before saving, particularly for a content type with a field like field_custom_sku in a multisite setup?”

What Not to Do (Code With Identifiers)

function acme_product_presave(EntityInterface $entity) {
  $sku = $entity->get('field_acme_sku')->value;
  // custom logic here
}

How to Reformulate (Generic Code)

function custom_entity_presave(EntityInterface $entity) {
  if ($entity->bundle() === 'product') {
    $sku = $entity->get('field_custom_sku')->value;
    // generalized logic here
  }
}

If changing the code as above takes considerable amount of time, consider divide and conquer approach were you divide the problem into multiple smaller issues and instead of sharing the code share the context to get potential solutions (like in example above and below).

What Not to Do (Client-Specific Business Logic)

“We have a client in the healthcare industry that needs to restrict access to a custom patient node type using role-based access for doctors and admins. We're using node_access() and it’s not working.”

How to Reformulate (Generic Version)

“In Drupal 10, how can I implement role-based access control for a custom content type so that only users with specific roles (e.g., 'manager', 'editor') can view or edit the content? I’m using hook_node_access().”

Follow up Reading

Project Adoption checklist, guidelines and use cases

Tool-Specific Considerations