Document Retention & Security

AI Automations Guide

Five AI helpers that draft adoption-ready technology and AI policies from a few answers about your organization. They sit on top of the free policy generators on your dashboard. You review and edit everything before it goes anywhere.

5 policy automations Copy, Word, Text, Print, Email
Every automation is included with your All In One Nonprofit All-Access subscription. See plans and pricing.
Save to Library. Any document this app generates can be saved straight into your shared Document Library with the Save to Library button on the export menu, then found anytime at docs.allinonenonprofit.com (version history, search, org-wide).

How AI Automations Work

Improve an existing document with AI: Besides drafting from scratch, you can upload a document you already have and let AI improve it. On the AI Automations page, use the "Improve an existing document" card: pick a file (Word, text, or a text-based PDF), and AI returns a cleaner version plus a prioritized summary of what changed, with your original kept. It opens in the Document Library's Improve with AI tool with the document type preset.

Open AI Automations in the sidebar. Each card asks a handful of plain questions about your organization. When you click Run, the automation drafts a complete, adoption-ready policy and opens it in an editor.

From there you can Copy it, download it as a Word document (with your letterhead, footer, and signature if you have set them under Organization Setup) or a plain Text file, Print it, or Email it to one or more people such as your board.

The draft is built only from what you tell it. It does not invent statute numbers, retention periods, or dollar thresholds; where something is unknown it leaves a [bracketed] prompt for you to fill in. Sign in with your All In One Nonprofit account to use the automations.

Guidance, not legal advice

These drafts are strategic starting points, not legal, tax, or investment advice. Have a nonprofit attorney review any policy before your board adopts it.

These complement your free generators

Your dashboard already builds Document Retention, Email Use, Data Breach Response, Acceptable Use, and Privacy Notice policies for free. These AI automations add the newer technology and AI policies and a compiler that ties the whole binder together.

Records & Binder

Policy Binder Compiler

Bundles your adopted policies into one board-ready binder document: the four-hour governance project in one click. Use it once your individual policies are in place.

What it asks

  • Which policies you have already adopted
  • Which policies you still need
  • Anything specific the binder should reflect (for example, an annual January review)

What you get

A binder overview, a table of policies marked adopted or still needed, an adoption and approval page with placeholders, a review schedule, a roles-and-responsibilities section, and a short how-to-use note. It indexes the binder rather than rewriting each policy in full.

Acceptable Use & Devices

AI Acceptable Use Policy

The flagship. Drafts an adoption-ready policy for how your staff, board, and volunteers may and may not use AI tools, sized for a nonprofit. There is no off-the-shelf AI policy that fits a 4-person nonprofit, so this one is built around your answers.

What it asks

  • Who may use AI tools (staff, board, volunteers, contractors)
  • Which AI tools are approved
  • Whether sensitive data (donor, client, employee) may be entered into AI tools
  • Whether AI-assisted work must be labeled or disclosed
  • Who signs off before AI-assisted work goes public
  • Any specific prohibited uses

What you get

A full policy with purpose, scope, approved tools, data and confidentiality rules, a human review and accountability section, disclosure expectations, prohibited uses, and an adoption and review page with placeholders.

After you adopt it

Record the annual review date in Compliance Tracker and add the adopted policy to your Board Handbook.

Vendors & Social

Third-Party & AI Vendor Vetting Policy

Drafts the policy for choosing and reviewing the vendors and tools that handle your data. This is the selection-and-review policy, distinct from the signed Vendor Data Processing Agreement template on your free Privacy policy (which is the legal contract).

What it asks

  • What triggers a vendor review (any paid tool, anything touching donor or client data, both, or a spending threshold)
  • The required checks
  • Whether to include AI-specific vendor questions (does the tool train on your data, where is it stored)
  • Who approves a new vendor
  • How often vendors are reassessed

What you get

A policy covering review triggers, information-security review, data handling and privacy, AI-specific vendor questions, approval authority, ongoing monitoring, and an adoption page.

Pairs well with

The Vendor DPA template on your free Privacy policy for the legal terms, plus Risk Management and Compliance Tracker.

Acceptable Use & Devices

BYOD & Remote-Work Device Policy

Drafts a device-security policy for the personal phones and laptops your people use for organization work. It covers the security side only; for the employment terms of remote work, see HR Management.

What it asks

  • Your personal-device rule (passcode plus remote wipe, approved devices only, or organization-issued only)
  • Home network and public wifi expectations
  • Who to report a lost or stolen device to
  • What happens to organization data when someone leaves

What you get

A policy covering eligible devices, minimum security requirements, protecting organization data on personal devices, networks, lost-or-stolen reporting, offboarding and data removal, and an adoption page.

Vendors & Social

Social Media Policy

Drafts a standalone social media policy. Until now, social media rules lived as a single line inside the free Acceptable Use generator; this gives them a proper home.

What it asks

  • Who is authorized to post on official accounts
  • Your approval and publishing workflow
  • The personal-account rule for staff and volunteers
  • Your brand voice
  • Who handles complaints or a social media crisis

What you get

A policy covering who may post, the approval process, account security and access, personal use and affiliation, tone and brand, responding to comments and complaints, and an adoption page.