The kit

Write the rule down

Most organizations haven't written down whose the AI session record is, or who may read it. This kit is the missing handbook page: a policy template in plain language, and a GDPR & works-council annex — free to adapt under CC BY 4.0.

Template · adapt under CC BY 4.0

Session Records Policy

1Purpose

Working with AI agents produces a record: the sessions in which requirements are clarified, approaches are weighed, and the reasoning behind our code and decisions is written down. This record is valuable to the company — it is how we learn from our own work — and it is sensitive to the people who create it. This policy states how it is kept, who can see it, and what it will never be used for.

2Scope

This policy covers AI agent sessions conducted in company repositories, on company accounts, in the course of work. It does not cover personal projects on personal accounts and personal machines. The collection boundary is the repository connection, not the device: if a folder is not wired to a company repository, nothing in it is collected.

3Custody

Session records within scope are company work product — the same category as the code they produce. The company keeps them: preserved, backed up, and retained like source code, so the record survives laptop failures and tool changes.

4Visibility

Custody is not visibility. A raw session is readable by its author. It becomes readable by others only when four conditions hold: recorded in a work repository; that repository connected to a workspace project; a named team granted that project; and the author's revocable, logged approval — scoped to that team. Everyone else, including managers and administrators, sees aggregates only: groups of five or more, with context attached.

5Coaching

Where AI coaching is offered, it exists for the person being coached. Coach conversations, quiz results, and self-assessments reach the person and their coach — never a dashboard, never a manager, never a performance file.

6Never used for

Session records and experience signals exist to improve the system of work. They are not inputs to decisions about an individual's performance, compensation, or employment — those are made with the company's other instruments.

7The access log

Every access to data that includes a person is logged, and that person can read the log of access concerning them.

8When someone leaves

When a person leaves, the record stays — it is work product, and continuity through departures is one of the reasons it is kept. Leaving changes nothing else: raw sessions remain closed to individual reading under the same rules as before.

9Changes

This policy is versioned and displayed where the measurement happens. Changes are announced before they take effect, and previous versions remain available.

This is a template, not legal advice — review with counsel before adoption. The downloadable version marks the sections organizations most often tailor.