Artificial Intelligence

“As a cutting-edge technology business delivering innovative recruitment solutions to our customers, we have complex needs … We experienced excellent service throughout the project – Pritchetts were detail-oriented, technically strong and also pragmatic, all without the price tag of their big law firm competitors.”

Rob Garlick, then Finance Director of LaunchPad Recruits

Do You Need an AI Lawyer? We Can Help!

We started providing legal support to clients using AI systems back in 2017. Since then, we have advised on the legal implications of developing and using new technologies, including AI systems.

AI has been around for years, but the growth of AI in every sector and organisation is now rapid. AI systems have the potential to revolutionise our lives in both the business and personal spheres, through virtual assistants, medical diagnosis tools, autonomous vehicles and more. The technological changes available through AI present clear benefits, but also risks that need to be assessed and mitigated.

Whether you’re a small start-up or a multinational corporation, our friendly team of expert lawyers can provide you with artificial intelligence legal advice to help you:

  • Reassure your stakeholders and customers that:
    • The AI system is being developed with legal and regulatory compliance in mind.
    • Ethical considerations have been thought about and documented.
    • The system is understood and explainable to customers and regulators.
    • You understand the impact of bias, transparency, accuracy, and what controls are in place – or should be in place.
  • Untangle the legal complexities of procuring or implementing AI, whether you’re looking at open source models, or using an API from the growing pool of AI developers.
  • Understand and manage the risks of using generative AI (GenAI) in your organisation.
  • Navigate the interface between AI and data protection regulation, such as minimising algorithmic discrimination and bias, establishing an ethical framework, ensuring transparency and explainability, or handling specific GDPR compliance considerations.
  • Carry out horizon scanning to consider legal and regulatory changes around the world and how that will affect your use of AI.
  • Take advantage of the efficiencies and opportunities that AI presents.

Explore below to see how we can support you across the full lifecycle of AI projects.

AI contracts

We advise both organisations procuring and deploying AI systems and developers bringing AI products to market, across the full lifecycle from procurement to deployment and commercialisation. We can help to negotiate and draft contracts and template documents including AI supply, licensing, development and collaboration arrangements.

How we support common AI contract scenarios:

  • If you are procuring AI systems, enabling you to exploit new opportunities and respond quickly to commercial opportunities and evolving legal and regulatory requirements, while managing risk around data use, liability and supplier dependencies.
  • If you are an AI developer seeking to sell your products and services while reassuring your customers and clients about your AI and data protection compliance, and strengthening your commercial position in negotiations. You may also need help preparing documents covering security, transparency, explainability, ethics and broader accountability requirements.
  • If you are developing AI-powered agents as part of your SaaS offering, including structuring your product, customer terms and data use. We will help you to ensure that your contractual framework addresses autonomy, output risk, data protection and customer expectations, particularly where functionality evolves or outputs are relied on by end users.
  • If you are collaborating with others on AI projects, such as other commercial organisations, academic or medical institutions, or government-backed research and innovation projects, with clear allocation of responsibility, IP rights and data use.

We regularly advise on issues such as data ownership and use in model training, intellectual property in outputs, liability allocation, regulatory compliance, and supplier risk.

We work alongside in-house legal teams, founders and technical stakeholders to ensure that AI contracts are both legally robust and commercially workable.

We can support discrete contract reviews, ongoing advisory relationships or project-based work, depending on how your AI offering is developing.

Contact our experienced AI lawyers to discuss how we can support your AI projects, whether you are procuring systems, developing AI products, or entering into collaborative arrangements.

We have helped many of our clients to establish robust legal agreements to avoid time being wasted on unnecessary negotiation and potential loss of business.

+

AI risk management and the GDPR/data protection interface

Developing or implementing any new technology carries risk, and AI brings its own set of distinct risks. These risks often depend on how AI systems are designed and used in practice, including what data is processed, how that data is input, processed and relied on, what data is created, and what governance structures are in place.

We advise both organisations procuring AI systems and also AI developers bringing AI products to market, across the full lifecycle from procurement to deployment and commercialisation, including early-stage product structuring and ongoing use of AI in live environments.

Our services include advising on:

  • The legal implications of AI, including how these interact with the GDPR.
  • Appropriate AI implementation frameworks, AI risk assessments and governance measures.
  • Managing data used in training, testing and operation of AI systems, including provenance, licensing and reuse risks.
  • Completion of data protection impact assessments (DPIAs) and consultation with regulators. This may include advising on DPIAs and wider AI risk assessments for the use of tools such as:
    • Microsoft 365 Copilot and Copilot Chat
    • Anthropic’s Claude models
    • Other AI SaaS products, including workplace AI assistants, collaboration tools, customer support chatbots, document automation tools and AI-enabled analytics platforms, depending on how they are configured and used in your organisation.

Many of these tools will include personal data being input into, processed by or generated by those systems, or outputs being used to inform decisions or actions. These risks will need careful consideration, and it is important to consider if a DPIA will be mandated under the GDPR, with resulting fines and sanctions where this is not carried out.

By way of example, we may support organisations in assessing the use of AI tools embedded within productivity suites, HR and recruitment platforms, customer service systems, software development workflows, or internal knowledge management systems.

  • How to ensure transparency and explainability. This includes producing privacy notices that cover how personal data is collected and used as part of creating and training an AI model, or in relation to personal data that is uploaded to – or generated by – the AI system.
  • Security and supplier due diligence processes.
  • Compliant international data transfer mechanisms and transfer risk assessments.
  • The use of AI to make solely automated decisions (ADM) about individuals.
  • Identification of the appropriate legal basis for different elements of AI processing, and of special category data processing.
  • Drafting legitimate interests assessments (LIAs).
  • Undertaking controller, processor and joint controller assessments within the specific AI ecosystem.
  • Data-sharing and data processor agreements.
  • Data minimisation.
  • Ensuring individual rights and handling rights requests.
  • GDPR accountability and wider AI governance policies and procedures, including   the design and implementation of governance frameworks, such as the development of AI ethics frameworks, internal governance structures and policies for the use of generative AI in the workplace.
  • Deep-dive data protection audits.
  • Specific AI risks such as personal data leakage, model inversion, membership inference and data poisoning.

We can also assist with robust AI due diligence and establishing strong breach-handling processes, as well as supporting you in responding to incidents and regulatory scrutiny in the event that issues arise.

We work with data ethics professionals and data scientists, where needed, to provide expert input.

We regularly work alongside legal, compliance and technical teams to ensure that AI risk is managed in a practical and proportionate way.

Contact our experienced AI lawyers to find out more.

One of our clients has designed an app to demystify career growth in companies and empower everyone to own their own career, using AI systems to present relevant career content.

Compliant terms and conditions and privacy notices are key to customer sales and to ensure the trust and confidence of individuals and organisations that use the app.

Our published article explains how organisations can help to protect themselves and ensure GDPR compliance when developing, implementing or trialling AI systems in their organisations.

+

AI regulation and compliance

Organisations must keep up to date with the evolving regulatory landscape around AI systems. There will be inevitable complexities around consistency of regulation and enforcement in different jurisdictions, particularly for organisations operating across multiple markets or using third-party AI providers. This creates both risks and opportunities for organisations and may be particularly relevant for organisations developing or deploying AI systems at scale or operating in regulated sectors.

Organisations increasingly need to make decisions about how AI systems are designed, deployed and governed in practice, often in areas where regulatory expectations are still evolving. For example, you may be rolling out AI tools across your organisation, embedding generative AI into your products or services, or responding to regulatory scrutiny or stakeholder concerns about AI use. We help you interpret those developments in a way that is aligned with your commercial objectives and risk profile.

We keep ourselves informed of the latest developments in the UK and wider international legal and regulatory AI landscape. We can help your organisation with AI regulation consultation, navigating and planning for developments, and designing and implementing AI governance frameworks. This includes:

  • Advising on how regulatory developments affect your specific use cases, risk profile and commercial objectives.
  • Helping you interpret regulatory developments in a practical, proportionate way and reflect them in your policies, contracts and internal processes.

We are often asked to advise where organisations are scaling AI use, deploying new tools across teams, or seeking to align existing systems with emerging regulatory expectations.

Contact our experienced AI lawyers to discuss how evolving AI regulation may affect your current or planned use of AI, and how best to respond.

“The team at Pritchetts Law are all technically excellent, professional and brilliant to work with, but the best part of working with them, is that they listen to what you need and provide you with clear and relevant advice and solutions.”

Quoted in The Legal 500 UK 2023

+

AI policies and procedures

Incorporating AI considerations into workplace, general governance and data protection policies and procedures is crucial for managing risk and ensuring that staff are fully informed. This is particularly relevant where organisations are introducing AI tools into the workplace, embedding AI into existing systems, or seeking to bring greater control and consistency to how AI is used across teams. It is increasingly important that this is addressed particularly where AI use is increasing and evolving across teams, without control of staff using their own AI services (known as shadow AI) is creeping in without effective, consistent controls such as training and governance.  

These issues may arise where you are introducing tools such as Microsoft 365 Copilot, Copilot Chat, Anthropic’s Claude models or other AI-enabled SaaS products into the workplace and need clear internal rules, responsibilities and risk controls around their use.

It is important that you establish clear internal frameworks, appropriately define responsibilities, and set out how AI systems can and cannot be used within your organisation. For example, you may wish to create a standalone policy on using AI systems in the workplace and an AI governance framework. You may also wish to update other policies and processes to incorporate AI issues, such as guidelines on handling DPIAs, security breaches and individual rights requests.

Our knowledgeable team can help you develop and implement policies and procedures – or review existing ones, particularly where they do not yet fully address AI-related risks – and tailor them to your organisation. This may include standalone AI policies, updates to existing data protection and IT policies, and the development of wider AI governance frameworks.

We work with legal, compliance, HR and technical teams to ensure that policies are not only legally compliant, but practical and workable in day-to-day use.

Contact our experienced AI lawyers to discuss how we can help you develop, review or update your AI governance policies and procedures.

One of our clients provides a cutting-edge recruitment technology platform that uses AI systems.

We advised on updates to regulatory guidance, drafted policies and procedures for DPIAs, advised on the conduct of specific DPIAs, updated terms and conditions for our client’s customers and candidates, and updated other communications that clarified the scope of its data processing.

Our advice helped our client to ensure that its recruitment solution met the increased obligations of the GDPR and that the business managed its risk as a processor.

+

Training on the legal requirements for AI systems

Our senior solicitors are experienced trainers, so if you need help with getting your staff up to speed on the legal requirements for AI systems, we can help with tailored training that is practical and aligned with how AI is used within your organisation, and supported by your wider AI governance policies and procedures where relevant.

Our training is designed to be clear and accessible, while reflecting the latest legal and regulatory expectations and your organisation’s specific use of AI.

Contact our experienced AI lawyers to discuss how we can support your organisation with AI training. This is particularly relevant where organisations are introducing AI tools into the workplace or seeking to ensure that staff understand how those tools can be used safely and compliantly.

“Stephanie and Ben, the Pritchetts Law partners delivering the training, were superb presenters. They clearly had a great deal of practical experience and in-depth legal knowledge to deal with the queries we threw at them.”

Ceri Sharples, Learning & Development Manager, Somerset Bridge Shared Services Ltd

    +

    Contact Us

    Get in Touch

    Pritchetts Law LLP
    Hillside
    35 Westbury Hill
    Bristol
    BS9 3AG
    United Kingdom

    +44 (0) 117 307 0266
    info@pritchettslaw.com

    Make an Enquiry

    Please provide your details, and a brief summary of your enquiry, and one of our team will be in touch.

    Pritchetts Law LLP is a Limited Liability Partnership registered in England and Wales (company no. OC413975) and authorised and regulated by the Solicitors Regulation Authority (SRA no. 647155). "Partner" refers to a member of Pritchetts Law LLP.
    © Copyright 2026 Pritchetts Law LLPWeb Design By Toolkit Websites