Book Consultation
Client Portal Coming Soon

Your hub for projects, resources, and updates — launching soon.

Legal

AI Tools Acceptable Use Policy

Acceptable use of AI notetakers, generative AI tools, and AI-generated work product · Effective May 28, 2026 · Version 1.0

Streamline. Unify. Scale.

Breakthrough Advancement LLC
An Arizona limited liability company · One South Church Ave, Suite 1200, Tucson, AZ 85701
Effective date: May 28, 2026 · Version: 1.0 · Counsel-reviewed

1. Purpose & scope

This Acceptable Use Policy (“AUP” or “Policy”) governs the use of artificial intelligence tools — including AI meeting notetakers, transcription services, generative AI assistants, and code-generation tools — in connection with services provided by Breakthrough Advancement LLC (“BA,” “we,” “our”) and its contractors, partners, and clients.

(a) This Policy applies to:

  • BA personnel and contractors performing services on behalf of BA;
  • Clients receiving services from BA;
  • Vendors and sub-processors engaged by BA to deliver services;
  • Any meeting, communication, or work product produced in connection with a BA engagement.

(b) This Policy may be referenced and incorporated by reference into BA’s Master Service Agreement, Standalone NDA, Independent Contractor Agreement, BreakTruVerify Terms of Service, and BreakTruVerify Privacy Policy. Where this Policy conflicts with a signed agreement, the signed agreement controls. Where a signed agreement is silent, this Policy controls.

(c) BA may modify this Policy from time to time. The version posted at the address below as of the date of a meeting, engagement, or communication is the version that applies.

2. Definitions

“AI Tool” means any software, service, model, or system that uses artificial intelligence, machine learning, or large language models to process, transform, or generate content. AI Tools include but are not limited to: AI meeting notetakers, transcription services, AI meeting assistants, generative AI chatbots, code-generation tools, AI-powered search assistants, and AI image / audio / video generators.

“Notetaker Tool” means an AI Tool that joins, records, transcribes, summarizes, or extracts content from live meetings or recorded communications.

“Generative AI Tool” means an AI Tool that generates new content — text, code, images, audio, or video — in response to user prompts, including but not limited to ChatGPT, Claude, Gemini, Microsoft Copilot, and similar services.

“Meeting Artifact” means any recording, transcript, summary, action-item extract, speaker-identification record, or other AI-generated output produced from a meeting subject to this Policy.

“Approved Vendor” means an AI Tool vendor and tier listed in §7 below, or any other AI Tool vendor and tier that BA has approved in writing.

“Confidential Information” has the meaning set forth in the applicable BA Master Service Agreement, Independent Contractor Agreement, or Standalone NDA. Where no such agreement is in effect, Confidential Information means any non-public information that a reasonable business would treat as confidential, including but not limited to client data, financial information, business plans, source code, customer lists, and personally identifying information.

3. AI meeting notetakers

3.1 Mandatory disclosure

Any party using a Notetaker Tool during a meeting subject to this Policy shall:

  • (a) announce the presence of the Notetaker Tool at or before the start of the meeting;
  • (b) identify the vendor name on request; and
  • (c) honor any participant’s objection by disabling the Notetaker Tool before substantive Confidential Information is discussed.

3.2 Multi-state consent compliance

Where any meeting participant is physically located in a two-party or all-party consent jurisdiction (including California, Connecticut, Delaware, Florida, Illinois, Maryland, Massachusetts, Michigan, Montana, Nevada, New Hampshire, Oregon, Pennsylvania, Vermont, and Washington), no recording or AI transcription shall commence without affirmative, on-the-record consent from all participants.

3.3 Illinois BIPA carveout

Where any participant is physically located in the State of Illinois, no Notetaker Tool that generates biometric voiceprints (including speaker-identification or voice-recognition features) shall capture that participant’s voice without written biometric-data consent compliant with the Illinois Biometric Information Privacy Act, 740 ILCS 14. Any participant may unilaterally require the Notetaker Tool to be disabled for the duration of a meeting with Illinois participants.

3.4 Approved vendor tier required

Only Approved Vendors at the enterprise-tier or paid business-tier may be used as Notetaker Tools on meetings subject to this Policy. Consumer free-tier Notetaker Tools are prohibited. This prohibition expressly includes — but is not limited to — Otter Free, Fathom Free, Fireflies Free, and any other free-tier consumer offering that captures meeting content from third parties.

3.5 No model training

No party shall use, or permit a Notetaker Tool vendor or any sub-processor to use, Meeting Artifacts for AI model training, fine-tuning, dataset creation, benchmarking, or product improvement, without the prior written consent of all meeting participants.

3.6 Retention

Meeting Artifacts shall be retained no longer than eighteen (18) months after the conclusion of the engagement to which they relate, unless (i) a longer retention is required by law, (ii) the parties agree in writing to a longer period, or (iii) the Meeting Artifact is reasonably necessary to a pending or threatened legal proceeding.

3.7 Treatment as confidential information

All Meeting Artifacts constitute Confidential Information under any applicable BA agreement and are subject to the same handling, access-control, and destruction obligations.

4. Generative AI tools (chatbots, code assistants, agents)

4.1 Approved tier required

Only Approved Vendor enterprise / business / API-tier Generative AI Tools may be used to process Confidential Information. Free-tier consumer chatbots (including free-tier ChatGPT, free-tier Claude, free-tier Gemini, and similar) shall not be used to process Confidential Information, because their default terms typically permit vendor training on user inputs.

4.2 No submission of sensitive data without safeguards

The following categories of information shall not be submitted to any Generative AI Tool — including Approved Vendors — without an explicit written contractual no-training guarantee and equivalent confidentiality protections in place:

  • (a) Personal Data subject to GDPR, CCPA, or similar regimes;
  • (b) Protected Health Information (PHI) subject to HIPAA;
  • (c) Cardholder data subject to PCI-DSS;
  • (d) Credentials, API keys, private keys, or production secrets;
  • (e) Source code subject to client IP assignment under a BA Contractor Agreement or Master Service Agreement;
  • (f) Information that a reasonable business would consider trade-secret or competitively sensitive.

4.3 Human review of AI-generated content

AI-generated code, written deliverables, and analytical outputs produced for a BA engagement shall be reviewed by a competent human before delivery to a client or commit to a client repository. Direct passthrough of AI-generated output without human review is prohibited.

4.4 Disclosure of AI use on request

BA personnel and contractors shall disclose on a client’s reasonable request whether AI Tools were used in the production of a deliverable, and which categories of tools.

5. AI-generated work product

5.1 Ownership

All AI-generated content produced by BA personnel or contractors in connection with a BA engagement constitutes Work Product under the applicable Master Service Agreement, Independent Contractor Agreement, or Statement of Work, and is owned by BA or the applicable client as set forth in that agreement.

5.2 Third-party IP and copyright

BA personnel and contractors shall not submit copyrighted source material to a Generative AI Tool for the purpose of producing derivative work for a client unless (i) BA or the client owns or has properly licensed the source material, or (ii) the use clearly qualifies as fair use under applicable law. When in doubt, escalate.

5.3 Open-source license compliance

AI-generated code shall be reviewed for incorporation of recognizable open-source patterns. Where AI-generated code closely resembles known open-source projects, the applicable license terms must be honored or the code rewritten.

6. Prohibited AI tools and uses

The following are expressly prohibited in connection with any BA engagement:

  • (a) Consumer free-tier Notetaker Tools (Otter Free, Fathom Free, Fireflies Free, and similar);
  • (b) Submitting Confidential Information to free-tier consumer Generative AI Tools;
  • (c) Using AI Tools to impersonate a real person without their consent;
  • (d) Using AI Tools to generate content that infringes a third party’s intellectual property;
  • (e) Using AI Tools to generate content that violates applicable law, including securities, employment, advertising, and consumer-protection law;
  • (f) Using AI Tools to circumvent client-imposed restrictions on AI usage;
  • (g) Using AI Tools to generate biometric profiles of meeting participants without BIPA-compliant consent where required.

7. Approved AI vendors (as of effective date)

The following vendor / tier combinations are Approved Vendors under this Policy as of the Effective Date. BA may add or remove vendors from this list at any time by posting an updated Policy. Users must verify that vendor terms in effect at the time of use continue to satisfy §3.5 (no model training) and §4.1 (training restrictions).

Approved notetaker tools

  • Fireflies.ai Business or Enterprise (paid plans)
  • Otter.ai Business
  • Fathom Team or Enterprise
  • Zoom AI Companion (Zoom Workplace paid tier)
  • Google Meet “Take notes for me” (Google Workspace)
  • Microsoft 365 Copilot (paid Microsoft 365 tier)
  • Read.ai Enterprise
  • Granola Enterprise

Approved generative AI tools

  • OpenAI ChatGPT Enterprise, ChatGPT Team, or API with zero-retention configuration
  • Anthropic Claude for Work, Claude Enterprise, or API
  • Google Gemini for Workspace (paid)
  • Microsoft 365 Copilot (paid Microsoft 365 tier)
  • GitHub Copilot Business or Enterprise
  • Cursor (Business plan)
  • Perplexity Enterprise

7A. BA authorized domains

BA’s approved sender domains are: breakthroughadvancement.com (primary), breakthruadv.com, breakthruadvancement.com, and brkthruadv.com. Contractors and employees shall not impersonate or send communications purporting to be from BA from any other domain. Approved AI notetaker vendors must be invited to BA-hosted meetings from accounts on one of these four domains. Any communication, invoice, notice, or other written instrument from a sender at any of these four domains is deemed an authorized BA communication for all purposes under this Policy and any underlying agreement.

8. Reporting & breach

(a) Reporting. Suspected violations of this Policy shall be reported to legal@breakthroughadvancement.com or directly to the BA Founder & CEO.

(b) Breach. A material violation of this Policy by a BA contractor or partner constitutes a material breach of the applicable underlying agreement and grounds for termination for cause under that agreement.

(c) Client notification. Where a violation of this Policy may have resulted in unauthorized disclosure of client Confidential Information or Personal Data, BA shall notify the affected client without undue delay and in accordance with §7 (Security Incidents) of the applicable DPA.

9. Modification

BA may modify this Policy from time to time. Material changes will be communicated to active counterparties by email at least thirty (30) days before they take effect. Continued participation in BA engagements after the effective date of a modification constitutes acceptance of the modified Policy.

10. Governing law

This Policy is governed by the laws of the State of Arizona without regard to its conflict-of-laws provisions. Any dispute arising under this Policy that is not subject to a different forum-selection clause in an underlying signed agreement shall be brought exclusively in the state or federal courts located in Pima County, Arizona.

Attorney review notes

  • §3.2 multi-state consent list reflects 2026 statute survey; counsel should confirm against current law in each named state.
  • §3.3 Illinois BIPA carveout is conservative given pending Cruz v. Fireflies.AI Corp. and Fricker v. Fireflies.AI Corp. (N.D. Ill. 2026); counsel should track outcomes and adjust.
  • §3.6 18-month retention is set within Arizona’s six-year written-contract SOL (A.R.S. § 12-548) but should be reconciled against any client-side regulatory retention requirements (HIPAA, FINRA, SOX, GDPR).
  • §4.2(b) PHI / §4.2(c) PCI-DSS submissions are absolute prohibitions; counsel should confirm whether any clients require even stricter prohibitions (e.g., HIPAA BAA-only AI tools).
  • §7 vendor list reflects vendor terms as of May 2026; counsel and BA operations should refresh annually.
  • §8(c) client-notification timeline should be reconciled against DPA breach-notification timelines and any state-law breach-notification statutes.

Contact

Breakthrough Advancement LLC
One South Church Ave, Suite 1200
Tucson, AZ 85701
Legal / policy questions: legal@breakthroughadvancement.com
General inquiries: consultations@breakthroughadvancement.com

Authorized domains: breakthroughadvancement.com · breakthruadv.com · breakthruadvancement.com · brkthruadv.com

Not legal advice. This document has been reviewed and approved by counsel and is published by Breakthrough Advancement LLC effective May 28, 2026. Nothing in this document constitutes legal advice with respect to any particular set of facts; clients should consult their own counsel for advice on application to specific circumstances.

Breakthrough Advancement LLC · One South Church Ave, Suite 1200, Tucson, AZ 85701 · consultations@breakthroughadvancement.com · breakthroughadvancement.com