Compliance you can stand behind, grounded in real UK guidance.
Zeus builds AI governance tools for businesses that need to get this right. This page sets out exactly what our products are built on, how they generate their output, and the steps we take to keep that output robust, current, and defensible — so you can judge the work on its substance.
Two tools, one purpose
A free diagnostic to show you where you stand, and a paid pack to close the gaps it finds.
AI Readiness Check
A free, structured assessment scoring your business across six weighted governance domains. It returns an overall readiness score, a per-domain breakdown, and a written diagnostic identifying the gaps that matter most — and where uncertainty in your own answers is itself a risk worth addressing.
Take the readiness checkAI Policy Creator
Generates a complete AI Acceptable Use Policy and supporting document set, tailored to your declared circumstances and grounded in published UK regulatory guidance. The Professional pack reflects your specific lawful basis, data handling, and oversight arrangements throughout.
Generate your policyThe principles behind the output
What separates a defensible compliance document from a generic one.
Grounded in published guidance, not generic templates
Every section of a generated policy maps to specific, published UK regulatory guidance — the same primary sources a compliance consultant would work from. We do not invent requirements or pad documents with filler. Where a framework imposes a duty, the policy reflects it; where it does not, we do not overclaim.
Tailored to your declared circumstances
The Professional pack consumes the specific answers you provide — your lawful basis, data locations, retention periods, incident contacts, and DPA status — and reflects them throughout the documents. Where you are uncertain, the output flags the item to confirm rather than asserting a position you have not verified.
A complete, usable document set
Compliance is not a single document. The pack includes an AI Acceptable Use Policy, a DPIA screening checklist, an AI tool register, an incident report form, a staff acknowledgement form, and a quarterly review checklist — the supporting artefacts that turn a written policy into a practised one.
An honest, weighted assessment
The Readiness Check scores six weighted domains, giving most weight to the areas that carry the greatest legal exposure — governance and data protection. It treats “not sure” as a finding in its own right, because unawareness of your own AI use is itself a compliance risk a regulator would take seriously.
The frameworks we build on
These are the published, authoritative sources our tools reference — named, so you can verify them.
ICO Guidance on AI and Data Protection
The Information Commissioner's Office is the UK's data protection regulator. Its AI guidance sets the expectations for lawful basis, transparency, and accountability when AI processes personal data.
UK GDPR & Data Protection Act 2018
The legal foundation for processing personal data in the UK, including the rules on automated decision-making and the requirement to carry out Data Protection Impact Assessments.
UK Government AI Regulation — Five Principles
The cross-sector principles (safety, transparency, fairness, accountability, contestability) that the UK's pro-innovation regulatory approach expects organisations to apply to their AI use.
Equality Act 2010
Governs discrimination. Directly relevant where AI is used in recruitment, performance, or customer decisions, where biased outputs can create legal liability.
ICO AI and Data Protection Risk Toolkit
The ICO's practical risk-assessment framework, which informs how the Readiness Check identifies and weights governance and data-protection gaps.
DSIT Introduction to AI Assurance
The Department for Science, Innovation and Technology's guidance on assuring and managing AI systems, including the management-system layer reflected in our governance scoring.
FCA Consumer Duty & SRA Standards
Sector-specific obligations applied where relevant, so regulated firms in financial services and legal services receive guidance aligned with their own regulators' expectations.
How we keep it honest
The specific measures that protect the credibility of the output.
Outputs reference primary regulatory sources by name, so any claim can be traced and checked against the original guidance.
The system never asserts compliance you have not declared — uncertain inputs are surfaced as items to confirm, not papered over.
Generated documents carry a clear, prominent statement that they are frameworks built on published guidance and do not constitute legal advice.
Payment for the Professional pack is confirmed server-side before any document is generated, so the delivery pipeline is integrity-checked end to end.
Download links are issued to the purchasing organisation and the assessment results are sent only to the email provided.
An honest word on what this is — and isn't
Zeus AI Solutions is not a law firm and does not provide legal advice. Our tools generate governance frameworks built on published UK regulatory guidance, designed to give your business a substantive, well-structured starting point that reflects your circumstances. We recommend that any policy is reviewed by a qualified professional before formal adoption. We believe stating this plainly is itself part of doing compliance properly.