Tenex Business Performance uses artificial intelligence as a working tool — to research, draft, analyse and synthesise information more efficiently. We are transparent about this. We are also clear about the boundaries: AI assists our work; it does not replace the professional judgement that sits behind every piece of advice we give.
This statement explains how we use AI in our own operations, how we approach AI when working with clients and what we will not do with client information.
For our own research, drafting and analysis, we use Claude, developed by Anthropic, accessed exclusively via the Anthropic API and Claude Code — a professional development environment. This is a deliberate choice: API access operates under materially stronger data protections than consumer-facing AI interfaces.
We use it to:
All AI-assisted outputs are reviewed by the lead consultant on the engagement before being relied upon or shared. Review means checking for accuracy against source material, identifying known AI failure modes including factual errors and outdated information, and confirming that conclusions are supported by evidence rather than inference. We do not treat AI outputs as authoritative without that check.
Many businesses and individuals use AI through free or consumer-tier interfaces — pasting documents, management accounts or client information into a standard prompt window. The underlying model may be the same, but the terms governing what happens to that data are fundamentally different.
On consumer tiers, data may be used to train future versions of the model, may be reviewed by human staff for quality and safety purposes, and is subject to limited retention controls. There is no data processing agreement and no contractual recourse. The physical servers may be identical; the legal and operational framework surrounding them is not.
When Tenex processes information via the API under Commercial Terms, none of those risks apply. Our data is not used for model training and is not subject to human review for quality purposes. Tenex operates under a Zero Data Retention (ZDR) agreement with Anthropic, active from May 2026. Under ZDR, API inputs and outputs are not retained at rest after the response is returned — there is no seven-day default retention period and no storage of prompts or outputs on Anthropic’s systems. This is a contractual commitment under Anthropic’s Commercial Terms, not a configuration option. Tenex does not separately retain AI inputs or outputs beyond what is required for the immediate task.
Anthropic, the developer of Claude, holds independent third-party certification across two internationally recognised standards, both audited by Schellman Compliance, LLC and accredited by UKAS:
Anthropic also holds a SOC 2 Type II report — an independent audit of security, availability and confidentiality controls carried out over an observed period of live operations, not a point-in-time review.
All Tenex API usage operates under Anthropic's Commercial Terms of Service, which incorporate a Data Processing Agreement with UK Addendum and Standard Contractual Clauses, providing UK GDPR-compliant data transfer protections as defined by the ICO's Approved Addendum. Tenex is the data controller; Anthropic acts as processor under our instructions. Processing takes place within the UK and EEA under these transfer mechanisms.
Copies of the ISO 27001 and ISO 42001 certificates are held on file and shared proactively at the outset of any engagement involving sensitive or regulated data. Clients may request copies of current certifications, a summary of any relevant DPIA findings, and written confirmation of Tenex's current AI tooling and data processing arrangements at any stage for due diligence or audit purposes. Contact info@tenexbp.co.uk.
In addition to Anthropic, three further services process operational data as part of how Tenex runs its business. Each operates under documented data processing terms and holds independent security certifications.
| Processor | Risk level | Data scope | Primary control | Transfer mechanism |
|---|---|---|---|---|
| Anthropic (Claude API) | Very low | Client-sensitive permitted | Zero Data Retention active from May 2026 | DPA with UK Addendum and SCCs; UK/EEA processing confirmed |
| Google Workspace | Low | Client-sensitive permitted | Standard enterprise cloud under formal DPA | DPA with UK GDPR commitments; 180-day deletion |
| Wispr Flow | Managed | Internal operational only | Privacy Mode always on; restricted to internal content only | UK IDTA and UK Addendum to EU SCCs confirmed via DPA; UK users routed to Europe region (AWS) |
| Apple iCloud | Managed | Internal operational only | Data classification; no sensitive client data in iCloud Drive | SCCs via Apple Ireland (EEA controller); no E2E encryption available to UK users |
Wispr Flow (Wispr AI, Inc.)
Tenex uses Wispr Flow for voice dictation — converting spoken notes and drafts to text for review and refinement. Wispr AI, Inc. acts as a data processor in this context, processing voice audio and transcribed text on Tenex's behalf.
Wispr Flow holds ISO 27001 (information security management) and SOC 2 Type II certification (security, availability and confidentiality), both independently audited.
The critical control is Privacy Mode, which Tenex keeps enabled at all times. With Privacy Mode active, dictation audio and transcribed text are processed in real time and immediately discarded — no data is retained on Wispr's servers, and data is not used for model improvement or AI training. Dictation content may pass through Wispr's sub-processor infrastructure during processing; under Privacy Mode, this processing is transient and nothing is stored at rest. Wispr has confirmed that this transient processing is governed by the SCCs and IDTA with supplementary technical measures, including TLS 1.2+ encryption in transit and server-side stripping of dictation content on arrival.
Wispr AI, Inc. has confirmed that transfers from UK-based users are covered by the UK International Data Transfer Addendum (IDTA) and the UK Addendum to the EU Standard Contractual Clauses, incorporated in their Data Processing Agreement. Wispr is not certified under the EU-US Data Privacy Framework; the applicable transfer mechanism is the SCCs and IDTA route. UK users route to Wispr's Europe region, hosted on AWS infrastructure. A Transfer Impact Assessment supporting reliance on these mechanisms is available on request from security@wispr.ai. Tenex continues to limit its use of Wispr Flow to internal operational content: research, drafts, notes and planning. Client-specific data, personally identifiable information and commercially sensitive material are not processed through the tool. This is a deliberate operational position maintained regardless of transfer mechanism confirmation.
Google Workspace (Google LLC)
Tenex operates its business communications and collaboration infrastructure — email, calendar, document storage and video calls — on Google Workspace. Google Drive additionally serves as the primary store for AI-generated outputs and operational workspace data arising from client engagements, including engagement records, task data and interaction logs. Google LLC acts as a data processor under a formal Cloud Data Processing Addendum, with Tenex as the data controller.
Google's processing of Workspace data is contractually limited to service provision, security monitoring and technical support. Google does not use Workspace customer data for advertising or AI model training.
Google Workspace holds certifications across internationally recognised standards, each independently audited:
The Cloud Data Processing Addendum incorporates UK GDPR data transfer commitments. Tenex is the data controller; Google processes data only per Tenex's instructions. Customer data is deleted within 180 days of instruction or upon end of term. Google's full sub-processor list for Workspace is published at workspace.google.com/terms/subprocessors.html.
Apple iCloud (Apple Distribution International Limited)
Tenex stores its operational workspace — internal notes, research files, workspace configuration and temporary downloads — in iCloud Drive, synced across Mac and iPhone. Apple Distribution International Limited (Ireland) acts as the data controller for UK users; Apple Inc. (United States) processes data on its behalf.
International data transfers from the UK are governed by Standard Contractual Clauses, confirmed in Apple's published privacy terms. The controller entity is established in Ireland, within the EEA.
iCloud Drive operates under standard encryption: files are encrypted in transit and at rest, but Apple holds the encryption keys. Advanced Data Protection — which would provide end-to-end encryption with keys held only on trusted devices — is not available to UK users. Apple withdrew the feature from the UK in February 2025 rather than comply with a Technical Capability Notice issued by the UK Home Office under the Investigatory Powers Act 2016, which required a mechanism for government access to encrypted iCloud data. Apple is understood to be challenging the notice at the Investigatory Powers Tribunal. This encryption position applies to all UK Apple users; it is not specific to Tenex's configuration and cannot be changed by any individual user or organisation.
Tenex manages this through data classification discipline. Sensitive client deliverables, regulated engagement materials and confidential client data are handled within Google Workspace or delivered directly to clients; they are not stored in iCloud Drive. The iCloud environment holds internal operational content: notes, research, workspace configuration files and temporary downloads — typically reference documents, research materials and client-supplied files required for active work. Client-supplied files are treated as temporary working copies only and are not retained beyond the active task. Downloads are deleted when no longer required. Anything to be retained long-term is moved to Google Workspace before deletion from iCloud.
Tenex works in two distinct modes, depending on the engagement.
Advisory engagements cover AI readiness, governance frameworks, adoption strategy and responsible AI policy. In this mode, we help clients understand, plan for and build AI capability within their own infrastructure and team. We do not operate as a managed AI service provider, we do not retain access to client environments beyond the scope of the engagement, and clients remain in full control of their data, access permissions and governance arrangements throughout.
Advisory work typically covers:
Productised implementation — specifically the AI Chief of Staff service — operates differently. Here, Tenex designs, builds and configures an AI capability from the ground up within the client's own environment: identity, email, calendar, memory, governance framework and security layer. This is a hands-on implementation service with an active retainer. Access to the client's environment is maintained for the duration of the engagement, capability is expanded in deliberate stages as trust is established, and the governance boundaries are agreed and documented at the outset. The client owns the infrastructure throughout; Tenex's access is defined, supervised and can be revoked at any time.
In both modes, the data and confidentiality protections described below apply in full.
Client confidential information — including business data, financial information, personnel records and commercially sensitive material — is never entered into public AI tools or general-purpose large language models.
Where a client shares information with us for the purposes of an engagement, that information is used solely for the work agreed. It is handled in accordance with our Privacy Policy and any applicable confidentiality agreement. Any AI-assisted analysis of client information is conducted only within closed, client-controlled environments where that has been explicitly agreed.
The personal data we hold about contacts and clients is proportionate to the work we are doing together. We do not build data stores beyond what is necessary. For full details of what we collect, how we use it and your rights, see our Privacy Policy.
Where engagements involve the processing of personal data belonging to third parties via AI tools, those individuals retain their full rights under UK GDPR — including the right of access, rectification, erasure and objection. Requests should be directed to david@tenexbp.co.uk and will be responded to within the statutory timeframe.
Where an engagement involves the processing of personal data via AI tools, Tenex conducts a Data Protection Impact Assessment prior to that processing beginning. Where relevant, clients are provided with a summary of the DPIA and any residual risks identified. Engagements involving regulated data — including financial, health or personnel records — are assessed as standard.
If a data incident occurs in connection with AI-assisted work — including any unauthorised access, accidental loss or disclosure of personal data processed via AI tools — Tenex will notify affected clients promptly and without undue delay. Where the incident meets the threshold for regulatory notification under UK GDPR, Tenex will report to the Information Commissioner's Office within 72 hours of becoming aware of it. AI-related incidents are subject to the same response procedures as any other data incident.
To report a suspected data incident, contact david@tenexbp.co.uk.
AI assists our consultants; it does not replace them. Every engagement is led by a named practitioner who is accountable for the work delivered. We will not present AI-generated content as original professional opinion without disclosure, and we will not use AI to make or recommend decisions that require regulated professional judgement.
Tenex carries professional indemnity insurance covering the delivery of consultancy services, including AI-assisted work where outputs have been reviewed and verified by the lead consultant. Tenex also holds cyber and data insurance (Hiscox CyberClear, £100,000 limit, valid to 31 March 2027) covering data incidents — including unauthorised access or disclosure of personal data, GDPR regulatory investigations, breach notification costs and forensic analysis — whether arising from Tenex's own systems or from third-party sub-processor incidents. Clients may request written confirmation of current coverage at any stage.
The AI landscape changes quickly. We review this statement at least annually and update it when our practices or the tools we use change materially. The current version and its date are always shown at the top of this page.
Questions about our AI practices can be directed to info@tenexbp.co.uk.