ProPolicyForge is a compliance-focused business and holds itself to the same standards it helps its customers meet. The documentation below sets out how ProPolicyForge operates as a responsible data controller, AI service provider and business-to-business supplier.
ICO Registered Data Controller
Registration number: ZC116446 · Registered: 6 April 2026 · Expires: 5 April 2027
This policy sets out how ProPolicyForge, operated as a sole trader by Andrew David Reilly and registered with the Information Commissioner's Office (ICO) under registration number ZC116446, fulfils its obligations as a data controller under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, as amended by the Data (Use and Access) Act 2025.
This policy applies to all personal data processed by ProPolicyForge in the course of operating the propolicyforge.com and propolicyforge.co.uk platforms and any associated business activities.
ProPolicyForge is committed to processing personal data in accordance with the six principles of UK GDPR. Personal data will be processed lawfully, fairly and transparently; collected for specified, explicit and legitimate purposes; limited to what is necessary; kept accurate and up to date; retained only as long as necessary; and processed with appropriate security.
For free and pay-per-document users, document content and inputs are not retained beyond the active session. For subscribed users, generated document content is stored in the Vault until the user deletes it. Payment records are retained for seven years in accordance with HMRC requirements. Contact form correspondence is retained for two years.
ProPolicyForge uses the following third party processors: Anthropic (AI model processing), Stripe (payment processing), Resend (transactional email), Vercel (hosting and analytics), Upstash (Redis data storage, London region), Google Analytics (anonymous usage analytics), and Namecheap (domain registration).
Individuals have the right to access, correct, delete, or object to the processing of their personal data. Requests should be directed to support@propolicyforge.com. ProPolicyForge will respond within 30 days. Individuals also have the right to lodge a complaint with the ICO at ico.org.uk.
In the event of a personal data breach that is likely to result in a risk to individuals' rights and freedoms, ProPolicyForge will notify the ICO within 72 hours of becoming aware of the breach, and affected individuals without undue delay where the breach is likely to result in a high risk.
This policy sets out the permitted and prohibited uses of documents generated by ProPolicyForge. By generating, downloading or using any document produced by the ProPolicyForge platform, users agree to the terms of this policy.
All documents generated by ProPolicyForge are AI-generated and must be reviewed by a suitably qualified professional before implementation. Users accept responsibility for ensuring documents are appropriate for their specific organisation, sector and regulatory circumstances.
For free and pay-per-document users, ProPolicyForge does not retain generated documents after the session ends — users are responsible for downloading and maintaining their own copies. For subscribed users, generated documents are automatically stored in the Vault and accessible via the user's account.
ProPolicyForge uses artificial intelligence to generate compliance documentation. We are committed to transparent, responsible and ethical use of AI technology, and we believe customers are entitled to understand how AI is used in the generation of their documents.
ProPolicyForge uses the Anthropic Claude AI model via API to generate compliance documents. Before generating each document, the system searches live regulatory sources including CQC, HSE, legislation.gov.uk and sector-specific guidance. The AI model then generates a complete, structured compliance document based on the sector, document type and organisation-specific details provided by the user.
ProPolicyForge uses stateless AI processing — document content is never used to train AI models and is never shared with third parties. For free and pay-per-document users, content is not retained beyond the active session. For subscribed users, generated document content is stored securely in their private Vault (Vercel Blob, EU region) under the user's control.
We recognise that AI systems can reflect biases present in their training data. ProPolicyForge's document generation is designed to produce sector-specific, regulation-aligned content rather than opinion-based or subjective content. Where sector-specific professional standards or protected characteristics are referenced, these are aligned to current UK legal requirements.
ProPolicyForge is built and operated by a human with domain expertise in regulated healthcare. The AI model is a tool used under human direction — the framing of prompts, the choice of regulatory sources searched, and the structure of generated documents are all the product of deliberate design decisions.
ProPolicyForge monitors the quality of generated documents and updates prompts, regulatory source searches and document structures as legislation and inspection frameworks evolve. Users are encouraged to report any inaccuracies or quality concerns to support@propolicyforge.com.
This policy sets out ProPolicyForge's approach to maintaining service availability and recovering from disruption. As a digital service, ProPolicyForge's primary risks are technical — infrastructure failure, third party service outages, or security incidents — rather than physical.
ProPolicyForge depends on the following third party services for core functionality: Vercel (hosting and deployment), Anthropic API (AI document generation), Stripe (payment processing), Upstash Redis (data storage), and Resend (transactional email).
ProPolicyForge aims to maintain reasonable service availability, subject to planned maintenance windows and the availability of third party infrastructure providers including Vercel, Anthropic and Upstash. ProPolicyForge does not guarantee uninterrupted service and is not liable for loss caused by service interruptions beyond its reasonable control.
For free and pay-per-document users, ProPolicyForge does not retain generated documents — users are responsible for their own copies. For subscribed users, generated document content is stored in Vercel Blob (EU region) with Vercel's built-in redundancy, and indexed via Upstash Redis (London region). Users are advised to maintain their own downloaded copies of important documents.
ProPolicyForge is currently operated as a sole trader. In the event of a period of incapacity or unavailability of the operator, ProPolicyForge will endeavour to communicate disruption to users and, where applicable, provide refunds for unused subscription periods.
ProPolicyForge is committed to providing a high-quality service and takes all complaints seriously. We regard complaints as an opportunity to improve. If you are dissatisfied with any aspect of our service, we want to hear from you.
Complaints should be submitted in writing to support@propolicyforge.com. Please include your name, contact email address, a description of your complaint, the date(s) on which the issue occurred, and any relevant reference numbers such as a payment reference or document type generated.
If you are not satisfied with our response, you may escalate to: the Information Commissioner's Office for data protection concerns (ico.org.uk), Citizens Advice for consumer disputes (0808 223 1133), or your card provider or Stripe for payment disputes.
All complaints are reviewed to identify whether they indicate a systemic issue with the service. Where complaints identify a pattern of quality concern, ProPolicyForge will review and update its document generation processes accordingly.
ProPolicyForge is committed to equality, diversity and inclusion in all aspects of its business operations. This policy applies to ProPolicyForge's interactions with customers, suppliers and any individuals who engage with the platform or its operator.
This policy is informed by the Equality Act 2010. ProPolicyForge will not discriminate, directly or indirectly, on the grounds of any protected characteristic in its service provision, communications or business practices.
Documents generated by ProPolicyForge are designed to align to current UK equality legislation and best practice, including the Equality Act 2010 and relevant sector-specific guidance.
Any individual who believes they have been treated unequally in their interactions with ProPolicyForge, or who has concerns about the equality implications of generated content, is encouraged to raise this via our complaints procedure at support@propolicyforge.com.
This policy will be reviewed annually and updated to reflect changes in legislation, regulatory guidance and best practice. The current version was last reviewed in April 2026.
These documents were generated using ProPolicyForge and reviewed by the operator prior to publication. They reflect ProPolicyForge's current operating practices as of April 2026. For queries about any of these policies, contact support@propolicyforge.com. All policies are reviewed annually or following significant changes to legislation, regulatory guidance or business operations.