Legal
Legal and policies.
The policies and statements that govern how Adliora operates and how we look after your data, gathered in one place.
Privacy policy
Version 1.0 | Last updated: June 2026
This policy applies to: www.heraclescs.com and all related subdomains
This Privacy Policy explains how Heracles CS Limited collects, uses, stores, and protects personal data. We are committed to handling your personal data responsibly and in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Please read this policy carefully. It applies whenever you visit our website, contact us, receive our services, or otherwise interact with us.
1. WHO WE ARE
Heracles CS Limited is an AI strategy and management consultancy. We are the data controller for the personal data described in this policy. Our contact details are:
19-23 Stamford New Road, Altrincham WA14 1BN
Email: dpo@adliora.com
Website: www.heraclescs.com
ICO Registration Number: ZC138723
If you have any questions about this policy or about how we handle your personal data, please contact us at the email address above.
2. WHAT PERSONAL DATA WE COLLECT
We collect and process the following categories of personal data:
| Category | Examples | Source |
|---|---|---|
| Identity data | Name, job title, employer, professional background | Directly from you |
| Contact data | Email address, telephone number, postal address | Directly from you, your employer |
| Communications data | Content of emails, enquiry forms, meeting notes | Directly from you |
| Technical data | IP address, browser type, device type, time zone, pages visited, referring URL | Automatically via our website |
| Usage data | Information about how you use our website and services | Automatically via our website |
| Marketing preferences | Your preferences for receiving communications from us | Directly from you |
| Contract data | Details of services provided, payment information, correspondence | Directly from you or your employer |
We do not intentionally collect Special Category Data (such as data about health, race, religion, or political views) in the ordinary course of our business. If you provide such data to us voluntarily, we will treat it with the highest level of care and process it only with your explicit consent or as otherwise required by law.
We do not knowingly collect personal data from children under the age of 18.
3. HOW WE USE YOUR PERSONAL DATA
The table below sets out the purposes for which we process personal data, the lawful basis relied upon, and our legitimate interest where that basis applies.
| Purpose | Lawful Basis | Legitimate Interest (where applicable) |
|---|---|---|
| Responding to your enquiries and providing information about our services | Legitimate interests / Pre-contract steps | To respond to potential clients and grow our business |
| Providing consultancy services under a contract | Contract performance | N/A |
| Sending marketing communications (where you have opted in or are an existing client) | Consent / Legitimate interests | To promote our services to contacts likely to be interested |
| Administering our website and improving user experience | Legitimate interests | To maintain a functional and effective website |
| Complying with legal obligations (e.g. tax, accounting, AML) | Legal obligation | N/A |
| Protecting our legal rights and interests, including debt recovery | Legitimate interests | To protect the business and enforce our contractual rights |
| Conducting and improving our business operations | Legitimate interests | To run an efficient consultancy and improve our services |
We will only use your personal data for the purposes for which it was collected, unless we reasonably consider that we need to use it for another reason that is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and explain the legal basis on which we do so.
4. WHO WE SHARE YOUR DATA WITH
We do not sell, rent, or trade your personal data. We may share your personal data with the following categories of recipient, where necessary:
- IT and technology service providers (e.g. cloud storage, email platforms, CRM systems) acting as our data processors under written agreements.
- Professional advisers, including solicitors, accountants, and insurers, where necessary in connection with our legal and financial obligations.
- Associates and subcontractors engaged to assist in the delivery of services to you, who are subject to confidentiality obligations.
- HM Revenue and Customs, regulators, and other authorities where required by law.
- Third parties to whom we may choose to sell, transfer, or merge parts of our business or assets, in which case personal data may be transferred as part of that transaction.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes.
Where you book a conversation through our website, we use Microsoft Bookings, part of our Microsoft 365 subscription, to manage the appointment. Microsoft acts as our processor and the booking details, your name, email address and any message you provide, are held within our Microsoft 365 environment. Microsoft's processing is governed by the Microsoft Products and Services Data Protection Addendum.
5. WHERE WE HOLD YOUR DATA
Adliora holds and processes each client's personal data within that client's own country and does not move it across borders. For clients in the United Kingdom, that data is held and processed in the United Kingdom. Where we work with a client based in another country, their data remains in its host country.
Some of the technology providers named in this notice, such as Microsoft 365, process limited data under their own data-protection terms. Where any processing takes place outside your country, we rely on the safeguards required by law, including UK International Data Transfer Agreements and, for the United States, the UK Extension to the EU-US Data Privacy Framework.
You can ask for more detail on how your data is held by emailing us at dpo@adliora.com.
6. HOW LONG WE KEEP YOUR DATA
We retain personal data only for as long as necessary for the purpose for which it was collected, or as required by applicable law. Our general retention periods are:
- Client data: seven years from the end of the engagement.
- Prospective client data: two years from the date of last meaningful contact, unless you ask us to stop contacting you sooner.
- Website enquiry data: 12 months from the date of the enquiry.
- Marketing contact data: until you withdraw consent or object, or two years from the date of last meaningful engagement.
- Financial and accounting records: seven years as required by HMRC.
When the retention period expires, your personal data will be securely deleted or anonymised.
7. YOUR RIGHTS
Under UK GDPR, you have the following rights in relation to your personal data:
- Access: to request a copy of the personal data we hold about you.
- Rectification: to request that we correct any inaccurate or incomplete personal data.
- Erasure: to request that we delete your personal data in certain circumstances.
- Restriction: to request that we restrict the processing of your personal data in certain circumstances.
- Portability: to receive your personal data in a structured, machine-readable format and to transfer it to another organisation, where technically feasible.
- Objection: to object to our processing of your personal data where we rely on legitimate interests, including an absolute right to object to direct marketing.
- Automated decision-making: to not be subject to a decision based solely on automated processing that produces a significant legal or similarly significant effect on you.
To exercise any of these rights, please contact us at dpo@adliora.com. We will respond within one calendar month. We do not charge a fee for exercising your rights, unless a request is manifestly unfounded or excessive, in which case we may charge a reasonable fee or decline to act.
You also have the right to complain to the Information Commissioner's Office (ICO) at any time. The ICO can be contacted at: ico.org.uk, by post at Wycliffe House, Water Lane, Wilmslow, SK9 5AF, or by telephone on 0303 123 1113.
8. COOKIES
Our website uses cookies and similar technologies. A cookie is a small text file placed on your device by a website. For full information about the cookies we use and how to control them, please read our Cookie Policy, available at www.heraclescs.com/cookies.
9. AUTOMATED DECISION-MAKING
We do not use automated decision-making processes, including profiling, which produce legal or similarly significant effects on individuals.
10. LINKS TO OTHER WEBSITES
Our website may contain links to third-party websites. This Privacy Policy does not apply to those websites. We encourage you to read the privacy policy of any website you visit.
11. SECURITY
We have put in place appropriate technical and organisational security measures to prevent your personal data from being accidentally lost, used, accessed, altered, or disclosed in an unauthorised way. These measures include encryption, access controls, and regular security assessments. We will notify you and the ICO of any data breach where we are legally required to do so.
12. CHANGES TO THIS POLICY
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of the policy. Where changes are material, we will take reasonable steps to bring them to your attention. We encourage you to review this policy periodically.
Registered in England and Wales | Company Number: 17155734 | ICO Registration: ZC138723
www.heraclescs.com | dpo@adliora.com | Privacy Policy Version 1.0 | Last updated: June 2026
Cookie policy
Version 1.0 | Last updated: June 2026
This policy applies to: www.heraclescs.com and all related subdomains
This Cookie Policy explains what cookies are, which cookies we use on our website, why we use them, and how you can control them. It should be read alongside our Privacy Policy, available at www.heraclescs.com/privacy.
Heracles CS Limited (company number 17155734) is the data controller for this website. Our registered office and business address is 19-23 Stamford New Road, Altrincham WA14 1BN. For any question about cookies or your personal data, contact our data protection lead at dpo@adliora.com.
1. WHAT ARE COOKIES
Cookies are small text files that are placed on your device (computer, tablet, or smartphone) when you visit a website. They allow the website to recognise your device on subsequent visits and to remember certain information about your preferences or actions.
Cookies are widely used to make websites function efficiently, to provide analytical information to website owners, and to deliver personalised content. Some cookies are essential for a website to work at all; others are optional and require your consent before they are set.
Alongside cookies, we may also use similar technologies such as web beacons, pixel tags, and local storage. References to "cookies" in this policy include those similar technologies unless the context requires otherwise.
2. WHO SETS COOKIES ON OUR WEBSITE
Cookies on our website are set by two categories of party:
- First-party cookies: set directly by Adliora in connection with the operation of our website.
- Third-party cookies: set by third-party services that we use on our website, such as analytics providers. Those third parties control those cookies and are subject to their own privacy and cookie policies.
3. CATEGORIES OF COOKIES WE USE
We categorise the cookies on our website as follows. You will be asked for your consent to categories 2, 3, and 4 when you first visit our website. You may withdraw consent at any time using the cookie preference centre accessible via the link in the footer of every page.
Category 1: Strictly Necessary
These keep the website working and cannot be switched off. The only item we hold in this category is a record of your cookie choice, stored in your browser's local storage so the banner does not reappear on every visit. We set no other strictly necessary cookies, and no consent is required for this under the Privacy and Electronic Communications Regulations 2003 (PECR).
| Item | Provider | Purpose | Duration |
|---|---|---|---|
| Cookie choice record | Adliora | Remembers your cookie preference so the banner does not show again | Held locally until you clear your browser data |
Category 2: Functional (requires consent)
We set no functional cookies at present. If we add a feature that needs one, we will list it here and ask for your consent first.
Category 3: Analytics and Performance (requires consent)
If you allow analytical cookies, we load Plausible Analytics to see in aggregate how the site is used so we can improve it. Plausible is privacy-friendly, sets no cookies, stores nothing on your device and collects no personal data. Nothing analytical loads unless you allow it.
| Item | Provider | Purpose | Duration |
|---|---|---|---|
| Plausible Analytics | Plausible Insights OU | Aggregated, cookieless measurement of site usage, loaded only with your consent | No cookie set |
Category 4: Marketing and Targeting (requires consent)
We set no marketing or advertising cookies at present. If that changes, we will list them here and ask for your consent before any are set.
4. HOW TO MANAGE YOUR COOKIE PREFERENCES
You have several options for managing and controlling cookies:
Our cookie preference centre
When you first visit our website, a cookie consent banner will appear. You can accept all cookies, reject all optional cookies, or customise your preferences by category. You can change your preferences at any time by clicking the "Manage cookies" link in the footer of our website.
Your browser settings
Most web browsers allow you to control cookies through their settings. You can typically find these settings in the "Options", "Tools", or "Preferences" menu of your browser. The following links explain how to manage cookies in the most widely used browsers:
- Google Chrome: support.google.com/chrome/answer/95647
- Mozilla Firefox: support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
- Apple Safari: support.apple.com/en-gb/guide/safari/sfri11471/mac
- Microsoft Edge: support.microsoft.com/en-us/microsoft-edge/delete-cookies-in-microsoft-edge
Please note that restricting cookies may affect the functionality of our website. Blocking strictly necessary cookies in particular may prevent the website from working as intended.
Our analytics
Our analytics is cookieless and stays off until you allow it, so there is nothing to opt out of through a third-party add-on. Use the cookie button in the corner of any page to change your choice at any time.
Do Not Track
Some browsers include a "Do Not Track" feature that signals to websites that you do not wish to be tracked. There is currently no industry standard for how websites should respond to this signal, and our website does not currently respond to Do Not Track signals specifically. Our cookie preference centre provides a more reliable mechanism for controlling tracking on our site.
5. COOKIES AND CONSENT UNDER UK LAW
The use of cookies in the United Kingdom is regulated by the Privacy and Electronic Communications Regulations 2003 (PECR) as well as the UK GDPR. PECR requires that we obtain your prior consent before storing or accessing non-essential cookies on your device. Consent must be freely given, specific, informed, and unambiguous, and must be obtained before the cookies are set.
Strictly necessary cookies are exempt from this consent requirement. All other categories of cookies on our website require your consent before they are activated. We do not pre-tick consent boxes or use cookie walls (walls that prevent you from accessing the site unless you accept all cookies).
Where we rely on consent for cookies that also involve the processing of personal data, that consent also serves as the lawful basis for processing under Article 6(1)(a) UK GDPR. You may withdraw consent at any time through our cookie preference centre, and we will cease the relevant processing as soon as reasonably practicable.
6. THIRD-PARTY COOKIES AND EXTERNAL SERVICES
Some third-party services that we use, including social media sharing buttons and embedded content, may set cookies or use similar technologies. These are controlled by those third parties and subject to their own privacy and cookie policies. We recommend reviewing those policies directly:
- LinkedIn: linkedin.com/legal/cookie-policy
- Google (Analytics, Fonts, Maps): policies.google.com/technologies/cookies
We do not control these third-party cookies and accept no responsibility for them. The inclusion of a third-party service on our website does not constitute an endorsement of that third party's privacy practices.
7. UPDATES TO THIS POLICY
We update this Cookie Policy from time to time to reflect changes in the cookies we use, changes in applicable law, or for operational reasons. When we update this policy, we will revise the "Last updated" date at the top. Where changes are material, we will refresh the consent banner on our website so that you are given a fresh opportunity to review and update your preferences. We encourage you to review this policy periodically.
8. CONTACT US
If you have any questions about the cookies we use or about this policy, please contact us:
19-23 Stamford New Road, Altrincham WA14 1BN
Email: dpo@adliora.com
Website: www.heraclescs.com
You also have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk if you believe your data protection rights have not been respected in relation to cookie-related personal data processing.
Registered in England and Wales | Company Number: 17155734 | ICO Registration: ZC138723
www.heraclescs.com | Cookie Policy Version 1.0 | Last updated: June 2026
Accessibility statement
www.heraclescs.com
| Document reference | HCSL-ACC-001 |
|---|---|
| Version | 1.0 |
| Last reviewed | June 2026 |
| Applies to | www.heraclescs.com and all digital content published by Heracles CS Limited |
| Legal basis | Equality Act 2010. This statement is published voluntarily. The Public Sector Bodies (Websites and Mobile Applications) (No. 2) Accessibility Regulations 2018 do not apply to Adliora as a private sector organisation. |
| Review cycle | Annual, or following any material change to the website |
1. About This Statement
Heracles CS Limited is committed to making its website and digital content accessible to all users, including people with disabilities. We recognise our obligations under the Equality Act 2010, which requires us as a service provider to make reasonable adjustments to ensure that disabled people are not placed at a substantial disadvantage when accessing our services.
This statement describes the current accessibility of the Adliora website at www.heraclescs.com, the standard against which it has been assessed, what we know does not yet meet that standard, and how to contact us if you experience a problem or need content in an alternative format.
The Public Sector Bodies (Websites and Mobile Applications) (No. 2) Accessibility Regulations 2018 apply to public sector bodies and do not impose mandatory obligations on Adliora as a private company. We have chosen to align our approach with those Regulations and with the Web Content Accessibility Guidelines (WCAG) 2.1 published by the World Wide Web Consortium (W3C) because they represent the recognised current standard for web accessibility, and because our clients and users deserve a website that works for everyone.
2. Our Commitment
We want as many people as possible to be able to use the Adliora website. Our aim is that you should be able to:
- navigate the site using a keyboard only, without requiring a mouse;
- use a screen reader to access all substantive content;
- zoom in to 200% without content overlapping or becoming unreadable;
- read all text against a background that provides sufficient colour contrast;
- understand the purpose of all links and buttons from their label alone; and
- access all content without time limits that would disadvantage users who take longer to read or navigate.
AbilityNet (abilitynet.org.uk) provides free advice on making your device easier to use if you have a disability. My Computer My Way (mcmw.abilitynet.org.uk) offers step-by-step guides for adjusting your device settings to suit your needs.
3. Compliance Status
We are working towards full compliance with WCAG 2.1 at Level AA. The Adliora website was launched in 2026 and was designed with accessibility as a consideration from the outset. At the date of this statement, we believe the website is partially compliant with WCAG 2.1 Level AA. The known issues and the areas where we believe we meet the standard are described in the sections below.
| WCAG 2.1 principle | Status | Notes |
|---|---|---|
| Perceivable | Substantially compliant | All images have alternative text descriptions. Colour is not used as the sole means of conveying information. Text is resizable without loss of function. |
| Operable | Substantially compliant | All navigation is accessible by keyboard. No content flashes more than three times per second. Skip navigation links are provided. |
| Understandable | Substantially compliant | Page language is declared in HTML. Error messages on contact forms identify the field in error and describe the correction required. |
| Robust | Partially compliant | The website is built to current HTML and CSS standards. Some third-party embedded components (including analytics and consent management tools) may introduce accessibility issues outside our direct control. These are identified in section 4. |
4. Known Accessibility Issues
The following issues are known and are being addressed. We will update this statement as issues are resolved.
| Issue | WCAG criterion | Our response |
|---|---|---|
| Third-party cookie consent banner | 4.1.2 Name, Role, Value | The consent management platform used on the website may not fully expose its controls to all screen readers. We are reviewing alternative providers and will update the banner to meet 4.1.2 compliance. Target resolution: within six months of the date of this statement. |
| PDF documents available for download | 1.1.1 Non-text Content | Some downloadable PDF documents may not be fully tagged for screen reader use. If you require a document in an accessible format, please contact us using the details in section 6 and we will provide the content in an alternative format within five working days. |
| Video content | 1.2.2 Captions (Pre-recorded) | Where video content is published on the website, we aim to provide accurate closed captions. Captions on existing video content are being reviewed and updated. All new video content published after the date of this statement will include captions at the point of publication. |
| Colour contrast on secondary text | 1.4.3 Contrast (Minimum) | Some secondary text elements on the website, including footer text and form placeholder labels, have been identified as not meeting the minimum 4.5:1 contrast ratio. These are being updated in the next scheduled website release. |
5. Content Outside the Scope of This Statement
The following categories of content are not covered by this statement.
- Content on third-party websites linked to from the Adliora website. We are not responsible for the accessibility of third-party websites and encourage users to review the accessibility statements of those sites directly.
- PDF and other documents published before June 2026 that have not yet been reviewed and updated. We will progressively review and update these documents. In the meantime, please contact us if you need any document in an accessible format.
- Live or archived video content streamed from or embedded via third-party platforms, where the accessibility of the player is outside our control. We will note such limitations where content is published.
6. Feedback and Contact
If you experience any difficulty accessing content on the Adliora website, or if you need any information in an alternative format such as large print, audio recording, or plain text, please contact us using the following details.
| accessibility@adliora.com | |
|---|---|
| Postal address | Heracles CS Limited, 19-23 Stamford New Road, Altrincham WA14 1BN |
| Response time | We will respond to accessibility requests within five working days. Where we are unable to provide content in the requested format within that time, we will acknowledge your request and provide a date by which the accessible version will be available. |
We welcome feedback on the accessibility of the Adliora website. If you find something that you believe should be covered by this statement and is not, or if you identify an issue we have not described, please tell us. We take all accessibility feedback seriously and will assess and respond to every report we receive.
7. Enforcement
Heracles CS Limited is a private sector organisation. The enforcement route for the Public Sector Bodies Accessibility Regulations 2018 through the Cabinet Office does not apply to us. If you are unhappy with our response to an accessibility request or complaint, the following options are available to you.
- You may contact the Equality and Human Rights Commission (EHRC), which enforces the Equality Act 2010. The EHRC can be contacted at equalityhumanrights.com or by calling 0808 800 0082.
- If you are a disabled person who believes that Adliora has failed to make a reasonable adjustment in breach of the Equality Act 2010, you may be entitled to bring a claim under that Act. We would encourage you to contact us in the first instance so that we can seek to resolve the issue directly.
- The Citizens Advice Bureau (citizensadvice.org.uk) provides free guidance on your rights under the Equality Act 2010.
We aim to respond to all accessibility complaints within ten working days of receipt. Where an issue requires a longer resolution, we will keep you informed of progress.
8. Technical Information
The Adliora website relies on the following technologies to function and to support the accessibility features described in this statement: HTML5, CSS3, JavaScript. Where JavaScript is required for accessibility features such as keyboard navigation or screen reader announcements, the website has been tested to confirm that those features function correctly with JavaScript enabled in modern browsers.
The website has been assessed against WCAG 2.1 Level AA using the following methods: self-assessment by the development team against WCAG 2.1 success criteria; manual keyboard navigation testing; testing with a screen reader (NVDA on Windows and VoiceOver on macOS); and automated scanning using Lighthouse and axe accessibility tools. We aim to commission independent accessibility audit by an accredited assessor within 12 months of the date of this statement.
9. Review and Updates
This statement was prepared in June 2026. It will be reviewed at least annually and will also be updated promptly following any of the following: a material change to the website design or content management system; the resolution of a known accessibility issue described in section 4; receipt of a report of an accessibility issue not covered by this statement; or a significant change in WCAG guidance or applicable legislation.
The version history of this statement is maintained internally. The most recent version is always published at www.heraclescs.com/accessibility.
| Version | 1.0 |
|---|---|
| Prepared by | Heracles CS Limited |
| Date | June 2026 |
| Next review | June 2027 |
Terms of use
Website Terms of Use
www.heraclescs.com
| Published by | Heracles CS Limited, a company incorporated in England and Wales, Company No. 17155734, registered office at 19-23 Stamford New Road, Altrincham WA14 1BN |
|---|---|
| Version | 1.0 |
| Effective date | June 2026 |
| Contact | legal@adliora.com |
1. Acceptance of These Terms
By accessing or using the Adliora website at www.heraclescs.com (the "Website"), you confirm that you have read, understood, and agree to be bound by these Terms of Use. If you do not agree to these Terms, you must not use the Website.
These Terms apply to all visitors, users, and others who access or use the Website, whether for personal or professional purposes. They apply in addition to, and do not replace, any other terms that govern a specific service or commercial relationship between you and Adliora.
Adliora reserves the right to amend these Terms at any time. The revised Terms will be posted on the Website with an updated effective date. Your continued use of the Website after the posting of revised Terms constitutes your acceptance of those revisions.
2. About Adliora
Heracles CS Limited is an AI consultancy and strategy firm. The Website provides information about the firm, its services, and its publications. The Website is not intended to constitute, and does not constitute, legal advice, financial advice, or any other form of regulated advice. Nothing on the Website should be relied upon as professional advice specific to your circumstances.
Adliora is not regulated by the Solicitors Regulation Authority, the Financial Conduct Authority, or any other regulatory body in connection with the content published on this Website. Where you require professional advice, you should consult an appropriately qualified and regulated professional.
3. Permitted Use
You may use the Website for lawful purposes only. You are permitted to access and browse the Website, to read and download publications made available on it for your personal or professional reference, and to contact Adliora using the contact details or forms provided.
You must not use the Website in any way that is unlawful, fraudulent, or harmful to Adliora or any third party. In particular, you must not:
- attempt to gain unauthorised access to the Website, its hosting infrastructure, or any connected server, system, or database;
- transmit any unsolicited commercial communications, malicious code, viruses, or harmful data;
- scrape, harvest, or systematically extract content from the Website using automated tools without prior written consent;
- reproduce, republish, or commercially exploit any content on the Website without the prior written consent of Adliora; or
- use the Website to make or publish any statement that is defamatory, offensive, discriminatory, or otherwise unlawful.
4. Intellectual Property
The Website and all content on it, including text, articles, publications, graphics, logos, the Adliora name and brand, and the overall design and appearance of the Website, are owned by or licensed to Heracles CS Limited and are protected by copyright, trade mark, and other intellectual property laws.
You may print or download a single copy of any page on the Website for your own personal or internal business reference, provided you do not modify the content, remove any copyright or attribution notices, or use it for any commercial purpose without prior written consent. No other right is granted.
If you wish to use any Adliora content, brand materials, or publications for any purpose beyond personal or internal reference, including republication, training materials, or commercial use, you must obtain prior written permission from Adliora. Requests should be sent to legal@adliora.com.
5. Accuracy of Content
Adliora takes reasonable care to ensure that the information on the Website is accurate and up to date at the time of publication. However, the AI and technology landscape changes rapidly, and information that was accurate at the date of publication may subsequently become outdated.
Adliora makes no warranty, express or implied, as to the accuracy, completeness, or fitness for purpose of any content on the Website. You use the Website content at your own risk. Adliora does not accept liability for any loss or damage arising from your reliance on any content published on the Website.
6. Thought Leadership and Publications
The Website contains articles, commentary, opinion pieces, and other thought leadership content produced by Adliora and its contributors. This content represents the views of the authors at the time of writing and is provided for general information and professional discussion purposes only. It does not constitute advice on any specific matter and should not be treated as a substitute for professional advice tailored to your circumstances.
Adliora retains all intellectual property rights in its published content. Where content is attributed to a named author, that attribution does not constitute an endorsement of, or responsibility for, any third-party material cited or linked.
7. Third-Party Links
The Website may contain links to third-party websites, publications, or resources. These links are provided for convenience and information only. Adliora does not control, endorse, or accept responsibility for the content of any third-party website. The inclusion of a link does not imply any affiliation with, approval of, or association between Adliora and the linked site.
You access third-party websites at your own risk and subject to the terms and conditions of those websites. Adliora accepts no liability for any loss or damage arising from your use of or reliance on any third-party website.
8. Website Availability
Adliora does not guarantee that the Website will be available at all times or that access to it will be uninterrupted or error-free. The Website may be unavailable from time to time for maintenance, updates, or reasons beyond Adliora's control. Adliora accepts no liability for any loss or inconvenience caused by any period of unavailability.
The Website is provided on an "as is" basis. Adliora makes no warranty that the Website is free from viruses or other harmful code. You are responsible for ensuring that your device and connection are protected by appropriate security measures before accessing the Website.
9. Privacy and Cookies
Your use of the Website is subject to the Adliora Privacy Policy and Cookie Policy, both of which are published on the Website and are incorporated into these Terms by reference. The Privacy Policy explains how Adliora collects, uses, and protects your personal data. The Cookie Policy explains what cookies the Website uses and how you can manage your cookie preferences.
10. Limitation of Liability
To the fullest extent permitted by applicable law, Adliora excludes all liability for any loss or damage arising out of or in connection with your use of, or inability to use, the Website, including any loss of profits, revenue, business, data, goodwill, or anticipated savings, whether arising in contract, tort, breach of statutory duty, or otherwise.
Nothing in these Terms excludes or limits Adliora's liability for: (a) death or personal injury caused by its negligence; (b) fraud or fraudulent misrepresentation; or (c) any other liability that cannot lawfully be excluded or limited.
Where you are a consumer, nothing in these Terms affects your statutory rights.
11. Contact and Enquiries
If you submit an enquiry through the Website, Adliora will use your contact details to respond to that enquiry. Submitting an enquiry does not create a contractual relationship between you and Adliora. Any engagement of Adliora services will be subject to a separate agreement and Adliora's standard terms of business.
Adliora does not guarantee a response to every enquiry and is under no obligation to respond to any particular request for information.
12. Governing Law
These Terms are governed by and construed in accordance with the law of England and Wales. Any dispute arising out of or in connection with these Terms or your use of the Website is subject to the exclusive jurisdiction of the courts of England and Wales.
If you are a consumer resident in Scotland or Northern Ireland, you may also have the right to bring proceedings in the courts of your country of residence under applicable consumer protection law.
13. Contact Us
If you have any questions about these Terms or about the Website, please contact Adliora at:
| legal@adliora.com | |
|---|---|
| Address | Heracles CS Limited, 19-23 Stamford New Road, Altrincham WA14 1BN |
| Website | www.heraclescs.com |
Modern slavery statement
Modern Slavery and Human Trafficking Statement
Financial Year 2026/27
| Document reference | HCSL-MSS-001 |
|---|---|
| Version | 1.0 |
| Financial year | 2026/27 |
| Publication basis | Voluntary publication. Heracles CS Limited does not currently meet the mandatory reporting threshold of £36 million annual turnover under section 54 of the Modern Slavery Act 2015. This statement is published voluntarily as a matter of good governance and in recognition of the firm's obligations to its clients and supply chain. |
| Approved by | Board of Directors |
| Approval date | June 2026 |
| Review date | June 2027 |
1. Introduction and Commitment
Adliora is the trading name of Heracles CS Limited, an AI consultancy and strategy firm incorporated in England and Wales. We provide advisory, strategy, and implementation services to small and medium-sized enterprises, with a particular focus on the legal sector and professional services markets. We operate from the United Kingdom, with planned offices in London, New York, and Dubai.
We are committed to acting ethically and with integrity in all our business dealings and relationships. We recognise that modern slavery, which encompasses slavery, servitude, forced and compulsory labour, and human trafficking, is a serious global crime and a gross violation of fundamental human rights. This statement sets out the steps Adliora has taken, and will continue to take, to ensure that modern slavery is not present in our business or supply chains.
Whilst Adliora does not currently meet the turnover threshold that would make publication of this statement a mandatory requirement under section 54 of the Modern Slavery Act 2015, we believe that transparency on this issue is a matter of good governance and reflects the standards we expect of ourselves and of those we work with. As the business grows, this statement will be updated annually and will in due course form part of our mandatory compliance obligations.
2. Our Organisation, Business, and Supply Chains
Heracles CS Limited is a private limited company registered in England and Wales. The firm is led by its directors and delivers consultancy services directly to clients. At this stage of the firm's development, operations are conducted by a small team of senior professionals. As the firm grows, it will engage subcontractors and associates to support delivery on specific client engagements.
Our supply chain is currently limited in scope and risk profile. The principal categories of third-party supplier we engage are as follows.
| Supplier category | Examples | Modern slavery risk assessment |
|---|---|---|
| Technology and software | Cloud platforms, AI tools, productivity software, cybersecurity tools | Low. Suppliers are predominantly established technology companies in the UK, US, and EU operating in regulated markets with published modern slavery compliance programmes. |
| Professional services | Solicitors, accountants, insurance brokers, and specialist advisers | Low. UK-regulated professional service firms subject to their own professional obligations and regulatory oversight. |
| Office and facilities | Co-working space, stationery, equipment | Low to moderate. Standard commercial suppliers in the UK. Higher risk items such as electronic equipment and printed materials are subject to supplier selection review. |
| Subcontractors and associates | Specialist consultants engaged for specific client projects | Low. Individuals engaged directly under written agreements that incorporate compliance obligations. Identity and right-to-work checks conducted at onboarding. |
| Marketing and design | Graphic design, web development, content production | Low. UK-based suppliers engaged through standard commercial arrangements. |
3. Policies in Relation to Modern Slavery
Adliora maintains the following policies that are directly or indirectly relevant to the prevention of modern slavery and human trafficking.
- This Modern Slavery and Human Trafficking Statement, which is reviewed annually and published on the Adliora website.
- The Adliora Responsible AI Policy, which includes provisions on ethical business conduct and the protection of individuals in the use of AI tools.
- The Adliora Expense Policy, which includes provisions on compliance with the Bribery Act 2010 and the conduct expected of all personnel in commercial relationships.
- Subcontractor and supplier engagement terms, which include contractual obligations on compliance with applicable law, including the Modern Slavery Act 2015 and the associated guidance issued by the Home Office.
Adliora does not tolerate modern slavery or human trafficking in any form within its business or supply chain. Any supplier, subcontractor, or associate found to be in breach of this position will have their engagement terminated.
4. Due Diligence Processes
We take a risk-proportionate approach to due diligence, focused on the areas where the risk of modern slavery is most likely to arise given the nature of our business and supply chain.
For subcontractors and individual associates, our onboarding process includes identity verification, right-to-work checks, confirmation of eligibility to work in the relevant jurisdiction, and review of the proposed working arrangement to ensure it reflects a genuine and freely entered commercial engagement. We do not use recruitment intermediaries without first satisfying ourselves as to their compliance practices.
For technology suppliers, we review the publicly available modern slavery statements and compliance documentation of significant suppliers before entering material commercial relationships. Where a supplier cannot demonstrate a credible approach to modern slavery compliance, we will seek an alternative.
For office and facilities suppliers, we apply standard due diligence proportionate to the value and risk profile of the supply. We do not procure goods or services from suppliers whose business practices are inconsistent with our ethical standards.
5. Risk Assessment and Management
We have assessed the risk of modern slavery within our business and supply chains as low, for the following reasons.
- Our business is a professional services firm. Our workforce consists of qualified professionals engaged under transparent commercial arrangements at market rates. There are no features of our direct operations that are associated with elevated modern slavery risk, such as labour-intensive manufacturing, low-wage shift work, or the use of temporary agency labour in vulnerable employment categories.
- Our supply chain is small, primarily UK-based, and concentrated in regulated professional services and established technology industries. The suppliers we engage are predominantly subject to their own statutory modern slavery compliance obligations.
- Our planned international operations in the United Arab Emirates and the United States will be reviewed for jurisdiction-specific risk as those operations develop. The UAE in particular has received attention in relation to migrant labour practices, and we will apply heightened due diligence to any supplier or subcontractor engaged in that jurisdiction.
We will review our risk assessment annually and will update it promptly if there is a material change in our business model, supply chain, or the jurisdictions in which we operate.
6. Measuring Effectiveness
As a firm at an early stage of development, our approach to measuring effectiveness reflects our current size and the limited complexity of our supply chain. We will track the following indicators and report on them in each subsequent annual statement.
| Indicator | Target |
|---|---|
| Subcontractors and associates onboarded with completed compliance checks | 100% |
| Significant new suppliers reviewed for modern slavery compliance documentation | 100% of new suppliers in elevated-risk categories |
| Modern slavery training completed by all directors and senior personnel | 100% annually |
| Modern slavery incidents identified or reported | Zero. Any incident identified will be reported to the relevant authorities and documented in the following annual statement. |
| Annual statement reviewed, updated, and published | By 30 September each year, covering the preceding financial year |
7. Training and Awareness
All directors and senior personnel of Adliora complete modern slavery awareness training on joining the firm and at intervals not exceeding 12 months thereafter. The training covers the definition and forms of modern slavery and human trafficking, how to recognise indicators that a person may be a victim, how to raise a concern, and the reporting channels available including the Modern Slavery Helpline (operated by Unseen UK at 08000 121 700).
Subcontractors and associates engaged on client delivery work are made aware of this statement and of Adliora's expectations regarding ethical conduct as part of their onboarding.
8. Reporting Concerns
Any member of personnel, subcontractor, associate, client, or supplier who has a concern about modern slavery or human trafficking in connection with Adliora's business or supply chain is encouraged to raise that concern promptly. Concerns may be raised directly with any director of Adliora or by contacting the Modern Slavery Helpline on 08000 121 700 or by email to modernslavery@unseenuk.org.
Adliora will not penalise or disadvantage any person who raises a concern in good faith. Where a concern is raised and substantiated, we will take appropriate action, which may include termination of the relevant commercial relationship and referral to the National Referral Mechanism or other relevant authority.
9. Looking Ahead
As Adliora grows and its supply chain develops, we will take the following steps to strengthen our approach to modern slavery compliance.
- Formalise a supplier code of conduct incorporating our modern slavery expectations, to be provided to all significant suppliers and incorporated into supplier agreements.
- Conduct targeted due diligence on suppliers in the UAE and US as those operations develop, with particular attention to any labour-intensive or lower-wage supply relationships in those jurisdictions.
- Review our training programme annually to reflect updates to statutory guidance and best practice.
- Engage with the Government's Modern Slavery Act review process and update our practices to reflect any legislative developments.
10. Director Approval
This statement has been approved by the Board of Directors of Heracles CS Limited and is made pursuant to section 54 of the Modern Slavery Act 2015. It covers the first financial year ending 30 April 2027 and will be reviewed and updated by 30 September 2027.
| Signed for and on behalf of Heracles CS Limited Signature: ____________________________ Name: ________________________________ Title: Director Date: June 2026 | This statement is published on the Adliora website at www.heraclescs.com and will remain publicly accessible for a period of not less than five years from the date of publication. For further information or to raise a concern, please contact: Heracles CS Limited 19-23 Stamford New Road, Altrincham WA14 1BN governance@adliora.com |
|---|
Responsible AI policy
| Policy reference | HCSL-RAI-001 |
|---|---|
| Version | 1.0 |
| Status | Active |
| Effective date | June 2026 |
| Applies to | All personnel of Heracles CS Limited and any contractors acting on its behalf |
| Policy owner | Chief Executive Officer |
| Review cycle | Annual, or following any material change in AI tools or regulatory guidance |
1. Purpose
Heracles CS Limited is an AI consultancy and strategy firm. Artificial intelligence tools are central to how we work, and how we advise clients on working. That dual position, as both a practitioner and an adviser, means our own conduct in using AI is not an internal matter only. It is part of the service we sell and part of the professional credibility on which that service depends.
This Policy sets out the standards we apply to AI use across the firm. It defines which AI tools we use and for what purposes, where we draw boundaries, how we protect client information when AI tools are engaged, and what our position is on the reliability and ownership of AI-generated content. Every person working for or with Adliora must read, understand, and follow this Policy.
2. Scope
This Policy applies to all employees, directors, consultants, and contractors of Heracles CS Limited, regardless of seniority or location. It applies whenever an AI tool is used in connection with any work carried out for or on behalf of Adliora, whether that work involves client delivery, business development, internal administration, marketing, or research.
This Policy sits alongside the Adliora Data Protection Policy and the Record of Processing Activities. Where AI use involves the processing of personal data, both this Policy and the Data Protection Policy apply. In the event of any inconsistency, the more protective provision governs.
3. Definitions
In this Policy, the following terms carry the meanings set out below.
| Term | Meaning |
|---|---|
| AI Tool | Any software or service that uses machine learning, large language model, generative AI, or similar automated reasoning technology to produce, summarise, translate, classify, or otherwise process content. This includes but is not limited to large language model assistants, AI-assisted research tools, automated drafting tools, and AI-integrated productivity platforms. |
| AI-Generated Output | Any content, analysis, document, code, or recommendation produced in whole or in material part by an AI Tool, regardless of the extent to which a human has subsequently reviewed or edited it. |
| Client Data | Any information, whether personal data or otherwise, provided by or relating to a client, including information about the client's business, personnel, strategy, operations, or legal and regulatory position. |
| Approved AI Tool | An AI Tool that has been assessed and approved under clause 8 of this Policy for use in Adliora work. |
| Restricted Use Case | A category of work identified in clause 6 as requiring elevated caution or specific authorisation before an AI Tool is engaged. |
| Prohibited Use Case | A category of work identified in clause 6 as one in which AI Tools must not be used. |
4. How Adliora Uses AI Tools in Delivery Work
4.1 General principle
We use AI Tools to make our work better, faster, and more rigorous. We do not use AI Tools to replace professional judgement. Every output produced with AI assistance is reviewed, assessed, and owned by a qualified human before it reaches a client or is relied upon in any professional context.
4.2 Approved uses in client delivery
Adliora uses Approved AI Tools across the following categories of delivery work.
- Research and market analysis, including the rapid synthesis of publicly available information to support strategic recommendations.
- Drafting and document production, including the preparation of reports, policies, frameworks, and written advice, subject to full human review before issue.
- Process mapping and workflow analysis, including the use of AI Tools to identify inefficiency patterns and model alternative process designs.
- Gap analysis and compliance assessment, including comparison of a client's documented practices against relevant legal, regulatory, or industry standards.
- Training and educational content production, including the preparation of written materials, presentations, and e-learning content for client staff.
- Proposal preparation and business development collateral, including the drafting of scope documents and service proposals for prospective clients.
In every case, the AI Tool is a supporting instrument. The consultant responsible for the engagement retains full accountability for the quality, accuracy, and appropriateness of anything delivered to the client.
4.3 Internal uses
AI Tools are also used internally for tasks including the drafting of internal policies and procedures, the preparation of meeting notes and action logs, the management of scheduling and administrative correspondence, and the production of marketing and social media content. The same review obligation applies: no AI-generated internal document is finalised or distributed without human review.
5. Transparency with Clients
5.1 Disclosure
We will tell clients, in our standard Client Engagement Letter and in response to any direct inquiry, that we use AI Tools as part of our service delivery. We will not represent AI-generated content as the product of exclusively human effort.
5.2 Client instruction to restrict AI use
A client may instruct us in writing to restrict or prohibit the use of AI Tools in their engagement. We will honour that instruction. Where a restriction materially affects our ability to deliver the agreed scope within the agreed fee, we will notify the client and agree a revised approach before proceeding. The instruction to restrict AI use must be recorded in the engagement file and communicated to all personnel working on the matter.
5.3 AI-generated outputs in deliverables
Where a deliverable contains material that originated as AI-generated content and has been reviewed and edited by a consultant, that deliverable is treated as the professional output of Adliora. We do not disclose which individual sentences or paragraphs originated in an AI Tool. We do disclose, at an engagement level, that AI Tools were used in the production process.
6. Boundaries: Restricted and Prohibited Uses
6.1 Prohibited uses
The following uses of AI Tools are prohibited without exception.
- Inputting any client personal data, including names, contact details, financial information, health information, or legal matter details, into any AI Tool that is not an Approved AI Tool with a contractual data processing agreement in place.
- Inputting any client confidential information, including commercially sensitive strategy, unpublished financial information, or information subject to legal professional privilege, into any AI Tool whose data retention and training practices have not been reviewed and approved.
- Delivering AI-generated content to a client without human review, regardless of time pressure or the apparent routine nature of the task.
- Using AI Tools to generate legal advice intended to be relied upon as a substitute for qualified legal counsel. Adliora does not practise law. Where our advisory work touches legal questions, we refer clients to qualified solicitors and do not use AI Tools to substitute for that referral.
- Using AI Tools to fabricate, misrepresent, or impersonate any individual, organisation, or document.
- Using AI Tools to generate content that is discriminatory, defamatory, or in breach of any applicable law.
6.2 Restricted uses requiring senior approval
The following categories of work require prior approval from a director or the Chief Executive Officer before an AI Tool is engaged.
- Any engagement where the client is in the legal sector and the subject matter involves client-confidential legal matter information or information relating to third parties in litigation or regulatory proceedings.
- Any work involving the processing of special category personal data as defined under the UK General Data Protection Regulation, including health, criminal records, biometric, or political information.
- Any engagement where the AI Tool is to be used to produce a compliance or regulatory assessment that will be submitted to a regulator or relied upon in legal proceedings.
- Any engagement where the client has signalled, formally or informally, that they have concerns about AI use or data handling.
6.3 The legal sector
Legal sector clients operate under heightened duties of confidentiality, professional privilege, and regulatory oversight governed by the Solicitors Regulation Authority, the Bar Standards Board, the Chartered Institute of Legal Executives, and other applicable regulatory bodies. When working with legal sector clients, we treat all matter-related information as presumptively privileged until we have confirmed otherwise. We apply this Policy with corresponding strictness and do not use AI Tools to process any information that a legal professional would be required to treat as confidential without the express written consent of the client and a confirmed assessment that the AI Tool meets the data security standards required.
7. Protecting Client Data When AI Tools Are Used
7.1 Pre-use assessment
Before an AI Tool is used in connection with any client engagement, the responsible consultant must confirm that the tool is on the Approved AI Tools list maintained by the Policy Owner. If it is not on that list, the tool must be assessed under clause 8 before use. Use of an unapproved tool in a client engagement is a breach of this Policy.
7.2 Data minimisation
When using an AI Tool in connection with client work, personnel must apply the principle of data minimisation. This means providing only the information that is necessary for the specific task. Client names, personal details, and identifying information should be removed or anonymised before input into an AI Tool wherever it is practicable to do so without compromising the quality of the output. Where anonymisation is not practicable, the responsible consultant must document the reason and confirm that the tool has been approved for identifiable data processing.
7.3 AI Tools that retain or train on data
Adliora will not use any AI Tool that, by default, retains input data for the purpose of training its underlying models, in connection with client data, unless the client has given explicit informed consent and the relevant data processing terms have been reviewed and approved. Where an AI Tool offers a setting or configuration that disables training on user inputs, that setting must be activated before client data is processed.
7.4 Third-party AI processors
Where an AI Tool provider processes data on our behalf, that provider must be treated as a data processor under the UK General Data Protection Regulation. A Data Processing Agreement meeting the requirements of Article 28 UK GDPR must be in place before client personal data is processed. The AI Tool must be included in the Adliora Record of Processing Activities. Personnel must not use consumer-grade versions of AI tools, which typically do not offer data processing agreements, for any purpose involving client personal data.
7.5 International transfers
Many AI Tool providers operate infrastructure in the United States or other non-UK jurisdictions. Any transfer of client personal data to such a provider constitutes an international transfer under the UK GDPR and must be covered by an appropriate transfer mechanism. Approved AI Tools are assessed for transfer compliance as part of the approval process under clause 8. Personnel must not route client data through any AI service where the international transfer position has not been confirmed.
7.6 Breach or suspected breach
If a member of personnel suspects that client data has been processed through an unapproved AI Tool, or that an AI Tool has retained or transmitted client data in a manner not contemplated by this Policy, they must notify the Policy Owner immediately. The incident must be assessed under the Adliora Data Protection Policy and, where it constitutes a personal data breach, reported to the Information Commissioner's Office within 72 hours of confirmation.
8. AI Tool Selection and Approval
8.1 Assessment criteria
Before any AI Tool is added to the Approved AI Tools list, it must be assessed against the following criteria.
| Assessment area | Minimum requirement |
|---|---|
| Data retention | The provider must offer a configuration option that prevents input data from being used to train models, or must confirm by contract that it does not retain or train on customer inputs. |
| Data processing terms | A Data Processing Agreement compliant with Article 28 UK GDPR must be available and must be executed before use involving personal data. |
| International transfers | The international transfer basis must be identified. For US providers this will typically be the UK Extension to the EU-US Data Privacy Framework (UK-US Data Bridge) or UK-approved Standard Contractual Clauses. The basis must be confirmed and recorded. |
| Security standards | The provider should hold recognised security certifications (ISO 27001 or SOC 2 Type II as a minimum) or provide equivalent documented evidence of security controls. |
| Output reliability | The tool's known limitations, including tendencies to produce inaccurate, fabricated, or biased output, must be understood and factored into the review obligations applied to its outputs. |
| Contractual standing | The tool's terms of service must be reviewed to confirm compatibility with Adliora's obligations to its clients, including any confidentiality or intellectual property obligations. |
8.2 Approved AI Tools register
The Policy Owner maintains a register of Approved AI Tools. The register records the tool name, version or tier used, the assessment date, the data processing agreement reference, the approved use categories, and any restrictions on use. The register is reviewed when this Policy is reviewed and whenever a new tool is proposed or an existing tool materially changes its terms or functionality.
8.3 New tools and changes
Any member of personnel wishing to use an AI Tool that is not on the Approved AI Tools register must submit a request to the Policy Owner before use. The request must identify the tool, the intended use, the data involved, and the reason the request is being made. The Policy Owner will complete the assessment within five working days or, where the matter is time-critical, as soon as practicable. Use of an unapproved tool is not permitted pending assessment, regardless of the urgency of the underlying work.
9. AI-Generated Outputs: Our Position
9.1 Accuracy and reliability
AI Tools, including the most sophisticated large language models currently available, produce inaccurate output. They fabricate citations, misstate legal and regulatory requirements, confuse dates, figures, and names, and present confident-sounding assertions that are simply wrong. Adliora does not treat AI-generated content as reliable until a qualified human has reviewed it against primary sources or professional knowledge. The frequency and seriousness of AI errors varies by tool and by task type, and personnel must calibrate their review accordingly: a higher-risk task demands a more thorough review.
9.2 Human review obligation
No AI-generated output may leave the firm, whether in a client deliverable, a proposal, an email, or any other communication, without being read, assessed, and approved by a person with the competence to evaluate it. The review obligation is not satisfied by a superficial read. The reviewer must satisfy themselves that the content is accurate, that any claims are supportable, that any references or citations have been verified, and that the output is consistent with the professional standards expected of Adliora.
9.3 Intellectual property
The intellectual property position on AI-generated content is unsettled in the United Kingdom and internationally. Adliora does not make representations to clients about the intellectual property ownership of content generated with AI tool assistance beyond what is expressly agreed in the applicable services agreement. Personnel must not input any content owned by a third party into an AI Tool in a manner that would constitute an infringement of that third party's intellectual property rights. Where a client provides us with its own proprietary materials for use in our work, those materials must be handled in accordance with the confidentiality provisions of the applicable services agreement.
9.4 Professional accountability
Adliora takes professional accountability for every output it delivers, whether or not AI Tools were used in its production. The involvement of an AI Tool in producing a deliverable does not reduce, qualify, or displace our contractual or professional obligations to the client. A consultant who delivers inaccurate or damaging work on the basis that it was produced by an AI Tool will be held to the same standard as if they had produced it personally.
10. Human Oversight and the Role of Judgement
AI Tools do not understand context in the way that experienced professionals do. They do not exercise professional judgement. They are not subject to the professional obligations, regulatory duties, or ethical commitments that apply to Adliora and its people. Our use of AI is always in the context of professional engagements where those obligations apply, and we do not allow AI Tools to substitute for the application of professional judgement.
This means, in practice, that a consultant working on a client engagement does not simply prompt an AI Tool and pass the output to the client. The consultant uses the tool to accelerate or enhance their own work, reviews the output critically and thoroughly, applies their professional knowledge to identify errors and gaps, and issues the final product as their own professional work product for which they are fully responsible. The AI Tool is an instrument, not an author.
11. Staff Responsibilities
11.1 All personnel
Every person working for or with Adliora is responsible for reading this Policy before using any AI Tool in connection with Adliora work, for using only Approved AI Tools, for applying the data minimisation principle, for reviewing all AI-generated content before use or delivery, and for reporting any suspected policy breach or data incident to the Policy Owner immediately.
11.2 Directors and senior consultants
Directors and senior consultants are responsible for ensuring that junior personnel and subcontractors under their supervision understand and follow this Policy, for authorising Restricted Use Cases under clause 6.2, and for escalating any situation where AI use raises concerns that this Policy does not squarely address.
11.3 The Policy Owner
The Policy Owner is responsible for maintaining the Approved AI Tools register, conducting and recording tool assessments, responding to new tool requests under clause 8.3, reviewing and updating this Policy at each review cycle, and acting as the first point of contact for any question or concern about AI use within the firm.
12. Compliance and Consequences
Compliance with this Policy is a condition of working for and with Adliora. A breach of this Policy, including but not limited to the use of a prohibited or unapproved AI Tool with client data, the delivery of unreviewed AI-generated content to a client, or the failure to report a data incident, will be treated as a serious disciplinary matter. Where a breach causes or risks causing loss or damage to a client, Adliora will assess its obligations to that client and may be required to notify the client of the breach.
Contractors and subcontractors are required to comply with this Policy as a term of their engagement with Adliora. Adliora reserves the right to terminate an engagement with any contractor who breaches this Policy.
13. Monitoring and Review
The AI environment changes rapidly. New tools emerge, regulatory guidance develops, and the capabilities and risks of existing tools change. This Policy will be reviewed at least annually and will also be reviewed promptly following any of the following events: a material change in the AI Tools used by the firm; new or updated guidance from the Information Commissioner's Office, the AI Safety Institute, or any other relevant regulatory body; a significant AI-related incident within the firm; or a significant change in the firm's client sectors or delivery model.
The review will assess whether the Approved AI Tools list remains current, whether the boundaries in clause 6 remain appropriate, whether the data protection controls in clause 7 reflect current best practice, and whether any developments in law or regulation require amendment to the Policy.
Updated versions of this Policy will be issued with a new version number and effective date and communicated to all personnel before the effective date.
14. Related Documents
| Document | Reference |
|---|---|
| Data Protection Policy | HCSL-DP-001 |
| Privacy Policy (website) | HCSL-PP-001 |
| Cookie Policy (website) | HCSL-CK-001 |
| Record of Processing Activities | HCSL-ROPA-001 |
| Client Engagement Letter and Terms of Business | HCSL-TOB-001 |
| Consultancy Services Agreement | HCSL-CSA-001 |
15. Approval and Version History
| Version | Changes | Approved by | Date |
|---|---|---|---|
| 1.0 | Initial issue | Chief Executive Officer | June 2026 |
This Policy has been approved by the Chief Executive Officer of Heracles CS Limited and takes effect from the date shown in the document header above.