I need to draft an AI usage policy for my company. Here's the context:

**Company:** [Size, industry, type of work you do]
**Current AI usage:** [How people are using AI now — formal or informal]
**Sensitive data we handle:** [Types of data — client data, financial data, personal data, etc.]
**Regulatory environment:** [Any industry-specific regulations — GDPR, HIPAA, financial compliance, etc.]
**Company culture:** [Risk tolerance — conservative, moderate, progressive]

Draft a company AI policy covering:
1. Purpose statement — Why we're creating this policy (enable responsible AI use, not restrict it)
2. Scope — Who this applies to and which AI tools it covers
3. Data classification — Three tiers (green/yellow/red) with specific examples from our industry
4. Approved use cases — What employees CAN use AI for, with examples
5. Restricted use cases — What requires manager approval first
6. Prohibited use cases — What is never acceptable
7. Disclosure guidelines — When and how to tell clients, partners, or stakeholders that AI was used
8. Quality assurance — The verify/trust framework applied to our work (what must be human-reviewed before going external)
9. Data handling — How to anonymize sensitive information before using it as AI input
10. Policy review schedule — How often we revisit this policy (recommend quarterly in the first year)

Tone: Enabling, not policing. This should make people confident about using AI, not afraid of violating rules. Think guardrails on a highway — they keep you safe while letting you move fast.

[VERIFY] all regulatory references against our actual compliance requirements before publishing.