How to save and when not to save on legal — Customer Contracts for early stage startups
Whether and how to save best always depends on your business type, stage, and the present circumstances you face. Some businesses have online customer contracts (like terms of service or other clickthroughs) and some have negotiated documents. This post covers both.
The answer when to spend vs. save is very different if you are a company whose products exist offline (biotech or hardware) vs online. It matters if your product is online whether it is B2B vs B2C SaaS, or if you have a mobile app. To be on the app stores, you will have to have some terms and privacy policy and people have to decide when (not whether) to invest in one.
Many founders think that just copying and pasting what a competitor wrote, finding a random form online, or using a form generator helps them get to market faster, which may be true — but it’s less clear whether it’s worth the speed. Folks think “we’ll just update them later if this works.”
There are tow BIG problems with this:
- Your competitors are probably bigger and more established and have spent money on lawyers to write about their compliance realities, which are probably greater than yours. A misrepresentation in your privacy policy causes greater harm than an omission, so you don’t want to say you’re doing things you are not actually doing.
- UPDATING your online terms of service is NOT easy. Courts have consistently said that you need to give an increasing amount of notice and consent to bind users to updated terms. It’s not a frictionless process if you want it to work.
Plus, you can prevent a huge chunk of lawsuits with some tricks in your terms. So, spending here DOES have upside sometimes.
Here’s when you may want to think about spending on legal depending on your business.
Offline Businesses
If your website does nothing but marketing and doesn’t collect personal data, you can use one of many form generators in relative safety. This is applicable to startups doing things like biotech or hardware or consumer goods where the website doesn’t interact with anyone, just tells the world what you do. Your terms are not your customer contract, so more standardization saves, but generally does not cost, money.
Note that if you collect email for a newsletter and share it with a third party to send emails, you DO collect and share personal information. If you use any kind of marketing or SEO service, you probably do too. Take the opportunity during the sales process for such tools to ask about what data they collect and share to make sure you know what you might need to disclose in your privacy policy. State laws requires that you have one if you collect info online.
If you DIY your privacy policy, and you collect any personal info, sit your whole team down and walk through whatever the form generator produced on your privacy policy and go through it to discuss everything you collect, use, secure and share and make sure it’s included and accurate.
B2C SaaS
If you are B2C SaaS:
Your terms of service are your primary contract with all of your customers. You should not copy a competitor’s terms and privacy policy, full stop. If you absolutely have no budget, use a form generator to start, but do your own terms (and expect to update them regularly) before you start hiring. Rememebr, a misrepresentation in these documents is much worse than an omission, and their are lawyers who make a living by making your future painful if you promise something you don’t do that even ostensibly hurts consumers.
On the privacy policy, sit your entire team down (if you are too big for this or if you have 25,000+ users in any state, you are big enough to pay a lawyer because you can kill your business skipping one). Map your data flows on a piece of paper or diagramming software, and talk about EVERY kind of personal data you collect, how you use it, who you share it with, and how it is secured. Write this information down. Use this information and mimic the STRUCTURE, not the content, of a competitor policy, noting that they may have provisions to comply with laws that don’t apply to you. If you collect sensitive data like health or financial data, if you use biometrics in any way, or if you are using (and paying for) retargeting technologies, find the money to pay a lawyer, too, because it will cost you 10–100X as much to deal with disputes about this as it will to have a lawyer help you prevent disputes.
As context, right now hundreds if not thousands of cash-poor startups are paying out $20K-200K settlements because they used a “tracking technology” they didn’t properly disclose — in some cases, something they didn’t realize they were doing — because it’s cheaper than paying a lawyer to defend them now tht they got caught. Beware saving money now that costs you MUCH more money later.
If you are B2C SaaS, your terms are what give you the right to charge your customer and the only thing practically (not legally) protecting you from them just stealing your code from the browser or using it for a scam. Unless you are doing exactly what a big competitor is doing (in which case, why are you here?), copying theirs is likely to do something you don’t understand, which may or may not be a very bad thing.
B2B SaaS
When you work with bsuiensses at lower price points, using clickthrough terms generally works well, and you can use the guidance above for B2C SaaS for you.
When you target large enterprises with in house legal departments or charge much higher prices (four figures or more) for your products and services, don’t expect to have many customers click through your agreement until your product has a very strong market position.
Here, the mistake many founders make is just grabbing a form online (even from a reputable source). Assuming you didn’t go to law school and practice law for 5+ years, you probably have no idea what TYPE of form you need much less what it should say, this is true of vendor and partner agreements too — I’ve seen clients grab something with the “right” title online that completely screwed their business.
You think you are saving yourself time and money on lawyers, but you’re not.
Sending a random form that isn’t tailored to what you do can actually cost you much more than it saves. As context, I have a few Enterprise AI clients who started off using the YC SaaS template. Their time to close was between 1–4 months, every customer negotiated (even if they just accepted whatever the customer wanted and took on huge liability), and they spent $2–4000 on lawyers when they did negotiate. They ended up with a bunch of drastically different terms, indemnities, and obligations they didn’t track or understand. When we used Story Attorney Alliance lawyers (for between $4–10K) to draft a form customized form for them and prepared arguments for customers, only about 1/6 customers negotiate at all, those who do raise 1–2 key points, and the clients spend <$500 per negotiation when it happens. I literally have a customer who spent 3x what he spent on his new form for a few dozen customers to negotiate the YC SaaS form with ONE customer — and they make the same amount for each of those deals.
For your first customer, flagship customers, or other must-haves for the business, closing fast and keeping them happy is paramount. A form agreement not meant for your business will NOT do either. Even a form agreement meant for your business will not force them to stay if they’re unhappy.
What you can for these first customers when you lack a legal budget is announce happily “we’d be happy to use your standard vendor form!” Big companies all have these, and you’re really just reading to understand your obligations and risks you’ll be assuming. You will not get a good deal for you in terms of legal on this, and you won’t get one on a random form either — but, this way, you can use your negotiating leverage (what little there is) on pricing and renewal. You can even invite them to insert language for any pilot or trial period, etc — in other words, use the in-house lawyers they are already paying. As a bonus, this gives them comfort about the relationship up front; you’re saying “I’ll meet you on terms you knwo you’re comfortable with.”
If you use a bigger competitor’s contract (which you probably can’t find anyway), you are probably in breach of the contract because they are paying lawyers and compliance costs that you are not in order to make those promises. Same applies with their terms of service — you’re not spending on the massive operational measures they are for privacy, security, etc.
You may think that not having a privacy policy or having a copied one is a savings, but it will take < 3 customer deals before someone starts asking you about it.
If you do big deals with big companies, spending some money on a good form will SAVE you money — not just cash, but your time, friction, and peace of mind.
If you target large enterprises with in-house legal and expect to negotiate contracts, it actually costs you more to skip lawyers. Lawyers are a necessary cost of doing business in this sector, but with the right prep you can spend 10x-50x less on them.
Story’s AutoGC software helps you prep and connect with efficient lawyers who know your vertical to draft a better agreement (including a clickthrough agreement) at a fraction of the cost. For our early subscribers, we even automate your form so you can prepare one for each customers anytime, and further engage lawyers only for mission-critical negotiations.
This post is not legal advice and I am not your lawyer :) If you want me to be your lawyer, you can engage us and our software support through story.law.