HOW TO USE THIS TEMPLATE
This document provides a pre-filled Article 30 Record of Processing Activities entry for a HARBOUR AI deployment. Fields in italic grey must be completed by your organisation. Fields showing green fixed values are determined by HARBOUR AI's architecture and should not be changed. Add the completed record to your organisation's existing ROPA alongside other processing activities. Print or save as PDF using the button above.
PROCESSING ACTIVITY 1 — AI-ASSISTED PRODUCTIVITY (STAFF USE)
| Controller name & contact |
[YOUR ORGANISATION NAME] — [DPO NAME / DATA PROTECTION CONTACT] — [EMAIL] |
| Purpose of processing |
Provision of AI-assisted tools to employees for document drafting, analysis, research, compliance review, meeting transcription, and productivity tasks using locally-deployed AI models. |
| Description of data subjects |
[EMPLOYEES / CONTRACTORS / OTHER — complete as appropriate] |
| Categories of personal data |
Names and contact details (user accounts); content of queries and responses which may incidentally contain personal data depending on the user's use case; uploaded documents which may contain personal data; voice recordings (transcribed locally and discarded); meeting transcripts. The categories and sensitivity of personal data processed depend entirely on the content the user inputs — this is within the control of the deploying organisation.
|
| Categories of recipients |
[INTERNAL: admin users with access to the admin panel / audit trail. EXTERNAL: none — see below] |
| Third country transfers |
NONE. All data remains on the deploying organisation's hardware. No personal data is transferred to any third country or international organisation at any point in the HARBOUR AI processing workflow. |
| Retention periods |
Conversations: [SET IN HARBOUR AI RETENTION PANEL — e.g. 12 months] · Documents: [e.g. 24 months] · Audit logs: [e.g. 84 months / 7 years for legal compliance] · User accounts: [deleted on employee departure] |
| Security measures (technical) |
- All data stored in encrypted filesystem (organisation to enable full-disk encryption — BitLocker/LUKS)
- JWT authentication with configurable session expiry
- Optional TOTP two-factor authentication (RFC 6238)
- PII Auto-Redaction — 11 UK PII types stripped before reaching AI model
- Tamper-proof audit trail with SHA-256 chain hash (GENESIS anchor)
- No external network calls during AI inference — verifiable by independent security audit
|
| Security measures (organisational) |
- Role-based access control — admin, standard user, read-only roles
- Per-user message quotas configurable by admin
- All AI outputs are advisory only — human review required before action
- Staff training on acceptable use of AI tools (organisation to maintain)
|
| Lawful basis |
[Article 6(1)(b) — performance of employment contract / Article 6(1)(f) — legitimate interests: operational efficiency. Complete BALANCING TEST for legitimate interests if applicable.] |
| DPIA completed? |
[YES / NOT REQUIRED — document reasoning. Given sole-controller architecture and no third-party data transfer, residual risk is low. ICO guidance: DPIA required where processing "likely to result in a high risk". Assess against ICO criteria.] |
| Record last reviewed |
[DATE] — [NAME / ROLE] |
PROCESSING ACTIVITY 2 — SPECIAL CATEGORY DATA (COMPLETE ONLY IF APPLICABLE)
Complete this section only if your deployment will process Article 9 special category data (health, legal proceedings, biometric, etc.) via HARBOUR AI. For example: an NHS trust using HARBOUR AI to draft patient care notes; a law firm processing information about client criminal records.
| Special categories involved |
[Health data / Criminal convictions / Other — specify] |
| Article 9(2) condition |
[e.g. Art.9(2)(h) — health or social care purposes; Art.9(2)(f) — legal proceedings; Art.9(2)(j) — research. Specify and document.] |
| Impact of using HARBOUR AI |
No change to data controller obligations. Using HARBOUR AI does not introduce a new processor into the chain. The special category data remains on the deploying organisation's infrastructure throughout. The Article 9(2) condition already established by the organisation for the underlying processing activity continues to apply. |
| Additional safeguards applied |
[e.g. Compliance Autopilot mode enabled; PII Redaction enabled for relevant data types; access restricted to named clinical/legal staff; audit log reviewed weekly] |
PROCESSING ACTIVITY 3 — OPTIONAL CLOUD INTEGRATIONS (COMPLETE ONLY IF CONFIGURED)
HARBOUR AI includes optional integrations with Microsoft OneDrive/SharePoint, Google Drive, Xero, QuickBooks, and Twilio. These are not enabled by default. If your deployment configures any of these integrations, you must add appropriate entries to your ROPA and ensure the relevant sub-processor agreements are in place with those providers. Template entries are provided below.
| Microsoft OneDrive / SharePoint | If configured: files are fetched from Microsoft 365 and indexed locally. Microsoft is a sub-processor of your organisation for the underlying storage (your existing Microsoft 365 DPA covers this). HARBOUR AI Ltd is not a party to this transfer. |
| Google Drive | If configured: files are fetched from Google Drive and indexed locally. Google is a sub-processor of your organisation. Your existing Google Workspace DPA covers this. |
| Xero / QuickBooks / Sage | If configured: financial data is fetched from your accounting provider's API. The accounting provider is a sub-processor of your organisation under your existing service agreement. No financial data is sent to HARBOUR AI Ltd. |
| Twilio (phone receptionist) | If configured: Twilio processes inbound call audio and routes it to your HARBOUR AI instance. Twilio's DPA applies between your organisation and Twilio. Call transcription is performed locally by Whisper. |
| WhatsApp Business (Meta) | If configured: Meta routes inbound WhatsApp messages to your webhook. Meta's DPA and WhatsApp Business terms apply between your organisation and Meta. |
Important Notes for Your DPO
- No DPA with HARBOUR AI Ltd required — HARBOUR AI Ltd is not a data processor for your organisation. This record documents your organisation's own processing activity, not a controller-processor relationship.
- AI model training — Ollama is an inference-only runtime. The model weights are static files. Your data is never used to train or update any AI model, locally or externally.
- Automated decision-making — HARBOUR AI does not make legally significant automated decisions about individuals (Article 22). All outputs require human review. No profiling in the Article 4(4) sense takes place.
- Employees as data subjects — If you monitor employee use via the audit trail (e.g. review which employees asked which questions), this constitutes processing of employee personal data. Ensure your Employee Privacy Notice covers AI tool usage monitoring.
- Source code — The full source is at github.com/LOOSEKEY/HARBOUR-AI. Your IT security team can independently verify the data flows described in this template.
Version Control
| Template v1.0.105 | Initial release. Covers core deployment and optional integrations added in v1.0.105. |
| Organisation record version | [1.0 — DATE CREATED] / [1.1 — DATE LAST REVIEWED] / [etc.] |