For founders aspiring to build the best companies, this library of documents has been custom crafted by a preeminent law firm and leading experts in security & privacy to make it easy to raise the bar.
As you start your entrepreneurial journey, this can be your trusted resource to jumpstart both your company’s operations and your mission.
This document describes how a company will collect, use, user information that is collected through their website. Our privacy policy contains standards that automatically protect more user rights than the status quo. (Click to download .docx)
This document outlines the conditions individual users agree to in order to access and/or use a website. (Click to download .docx)
This document was created to implement best-in-class measures designed to safeguard users’ data. (Click to download .docx)
An agreement used when a party may buy software development services from a third party contractor that is an individual to define the scope, respective intellectual property, confidentiality, compensation, etc. (Click to download .docx)
An agreement used when a party may buy software development services from a third party contractor that is a company to define the scope, respective intellectual property, confidentiality, compensation, etc. (Click to download .docx)
An agreement between a party buying any type of services or products from an individual contractor and used to define the scope, respective intellectual property, confidentiality, compensation, etc. (Click to download .docx)
An agreement between a party buying any type of services or products from a company and used to define the scope, respective intellectual property, confidentiality, compensation, etc. (Click to download .docx)
A NOPP is only required under HIPAA for Covered Entities (i.e., a health plan, a healthcare clearinghouse, or a health care provider under specific circumstances). (Click to download .docx)
An agreement used between two parties when collaborating on a project to specify the scope of the collaboration, respective intellectual property rights, confidentiality, dispute resolution, etc. (Click to download .docx)
An agreement used when one party engages another party to introduce potential customers or sales, setting terms around expectations, performance, and compensation. (Click to download .docx)
An agreement used between two parties where one sells a SaaS offering to the other for the other party’s internal use. (Click to download .docx)
Founder FAQ
What’s so special or different about these documents compared to any other legal document I can just copy off the internet?
Many startup founders resort to generic, often outdated privacy policies and terms of service. These templates, commonly copied from competitors or drafted by legal teams focused on minimizing liability, often fall short in safeguarding the very people they should protect: users. As a result, many startups, particularly in their early stages, end up with practices that unintentionally compromise user privacy, collect excessive data, and/or mismanage sensitive information. This poses real risks for both users and the startup themselves in the case of data breaches and/or lawsuits. We are flipping the script. Our offering was carefully curated to be easy to understand as well as to protect both the startup and users, by building in clauses like not releasing user information unless it is under a court-order, and more!
How do I use these documents?
Some of these documents can be published on your website in a public-facing manner after you have confirmed that the stipulations apply to your business and consulted your counsel. Examples of these would include the privacy policy and terms of use documents. Other documents would be legal terms that are exchanged between you and your vendors, partners, affiliates, etc. and kept for record-keeping.
What stage of founders would use this?
These documents are crucial at the earliest stages of a company’s lifecycle, usually defined as pre-seed and seed stage.
What kind of companies are these for?
These documents were created using feedback from VC-backed founders and vetted by industry leaders in venture capital, law, and data privacy. And while these documents have been crafted to be adaptable to companies across industries, the focus is largely on early stage software start ups. As you scale, (Series A+), you’ll likely be retaining in-house counsel or formally hiring external counsel for bespoke legal advice.
Why do I need a Privacy Policy?
No matter the size or nature of your business, there are existential risks to not having a privacy policy, including litigation from adversarial and regulatory entities.
What if I need to collect sensitive information?
If you collect sensitive information, you’re beholden to more complex regulatory compliance obligations. You have to store data in certain ways and to report how long you’re storing that data, exposing yourself to more liability by collecting this information. We absolutely advocate for actively disclosing the information you are collecting to your users and how you are storing it.
Does this comply with CCPA and GDPR?
Businesses that meet one of the following criteria are required to comply with the California Consumer Privacy Act (CCPA) - “Have a gross annual revenue of over $25 million; Buy, sell, or share the personal information of 100,000 or more California residents or households; or. Derive 50% or more of their annual revenue from selling California residents' personal information.” Early stage startups, our target demographic, will generally not meet these thresholds. While our policies are designed to be privacy-rights respecting, each company is responsible for ensuring that the policies they post accurately reflect business practices and compliance with regulations as they scale.
In addition, any company that processes the personal data of EU citizens, by having customers or users located in the EU, has to apply to the General Data Protection Regulation (GDPR).
For that purpose, we recommend that founders reach out to counsel, and we can provide contact information for counsel that may be able to advise on these documents. Please feel free to indicate your interest via our contact form.
Legal Disclaimer:
These documents have been crafted as exemplar form documents for ex/ante and the Ford Foundation for general informational purposes only, but no form documents can ever be a replacement for your direct engagement of legal counsel. Because these documents are general in nature, they may not address your specific needs, reflect recent developments in the law, or be accurate or applicable to your jurisdiction. We encourage you to seek advice from an attorney licensed in the relevant jurisdictions before relying on these documents. It is your responsibility to ensure that any policies you adopt accurately reflect your business practices and that any agreements you enter into with third parties will work for your company. We can also provide contact information for counsel that may be able to advise on these documents. Please feel free to indicate your interest via our contact form.