I have a pattern I like for keeping my custom user policies neatly separated from the Qubes system policies:

[user@dom0 ~]$ tree /usr/local/etc/qubes/policy.d/
/usr/local/etc/qubes/policy.d/
├── available
│   ├── 30-dispvm-usb-input.policy
│   ├── 30-split-gpg2.policy
│   └── 30-split-ssh.policy
└── enabled
    ├── 30-dispvm-usb-input.policy -> /usr/local/etc/qubes/policy.d/available/30-dispvm-usb-input.policy
    ├── 30-split-gpg2.policy -> /usr/local/etc/qubes/policy.d/available/30-split-gpg2.policy
    └── 30-split-ssh.policy -> /usr/local/etc/qubes/policy.d/available/30-split-ssh.policy

3 directories, 6 files

I write/edit my custom policies in /usr/local/etc/qubes/policy.d/available, and then I symlink to them in ../enabled

I include them using a simple file at /etc/qubes/policy.d/10-user-custom.policy:

!include-dir /usr/local/etc/qubes/policy.d/enabled

Why?

This offers two benefits: 1. I can keep my custom policies separated from the system-managed policies, whether from the global config tool or from packages or where ever

1. I can enable/disable policy files on the fly by creating/removing the symlinks

You can of course also place these in your home directory for easier access (for example /home/${USER}/.config/qubes/policy.d/{available,enabled}