It’s no secret that startups don’t often pay attention to the stringent requirements of legal. They are most often moving too quickly, trying to get their product up to snuff, and making themselves competitive in their respective markets. As a result, for the developers who are building the product -- app, mobile store, e-commerce site -- Terms and Conditions are the last thing on their minds.
Take the fictional example of Timmy. Timmy is bright and motivated, the bold, innovative thinker that everyone knew would make waves in tech. Timmy currently owns a unicorn startup that’s raised billions in Series B and was listed on the top fastest growing companies of the last decade.
But they weren’t always here.
Timmy’s startup went through its fair share of growing pains, especially when it came to developing a comprehensive system for managing Terms and Conditions.
These are the four stages that Tech Timmy went through in the development of his business.
At the very early stages of their company, which was essentially a loosely cobbled together `create-react-app` project with a grand vision for the future, Timmy just wanted to get something out in the wild.
Startups at this stage often don’t care -- or know -- too much about Terms and Conditions and why they are needed to protect a business from liability. Following the lead of other businesses, most young companies include static text on the registration flow that read, "By clicking below you agree to our terms and conditions."
This may be fine in the beginning, but once your app becomes more polished and the user base starts to grow, your business will need actual Terms and Conditions.
You might think: why care about all this stuff this early on?
Potential legal ramifications aside, it is never too early to get a system established for managing your T&Cs. As great as it is to push building a system to manage this down the road, the locations and complexity (and risk) will only continue to grow as the platform and user base grows. #devproblems.
Timmy’s company is gaining momentum in the market, and even has a few users in its early beta testing stages. Terms and Conditions is the last thing on Timmy’s mind, so they get their agreements from the first page of Google search results.
Startups at this stage are mainly concerned with developing their product as thoroughly as possible and putting it on the market, and less with their Terms. But because of constant emails about updating Terms and Conditions, startups at this phase know they need a Terms, and may have copied and pasted Terms from Google.
But is it better than nothing? From a legal perspective, probably not.
If the terms copied from the internet, the entire document could be thrown out as unenforceable if brought to court. These unoriginal terms could include or be missing specific provisions that are or are not specific to the startup and therefore won’t do much to protect the business in court.
At this point, in addition to having terms crafted specifically for your business’ needs, you actually need an <a href> for your terms, and you’ll need to host them online somewhere that you can update as needed.
As Timmy’s business continues to grow its user base, build out key features, and gain a solid foothold in the market, Timmy is starting to learn that Terms and Conditions are contracts that have serious legal consequences.
As your user base grows, so does the risk of litigation and therefore the need for comprehensive terms. Early/mid-stage startups either have or are consulting with a legal professional to fully grasp what precautions need to be taken to protect the company from risk.
Because businesses are not static, contracts can’t, or shouldn’t, be either. Companies need the ability to change their Terms and add new policies as new regulations come into effect (e.g. GDPR in May 2018 and CCPA in Jan 2020). As litigation increases, there also needs to be a way to track which of your customers accepted what agreement, and when. (Facebook wasn’t able to do this for individual users last year.)
Since Terms and Conditions are contracts, they might change with some frequency. Startups at this stage, as a practice, tend to have updates handled and pushed by a development team.
Developers then need to be able to track whether or not a user accepted a contract at all, and if they did, what version of a contract user actually accepted. This will need to happen before the user actually gets into your system.
With great growth comes great visibility, or however the saying goes. As Timmy does business all over the country and tries to expand into Canada, they can more or less just let their legal team deal with the odds and ends of every day contracting. But if a user tries to take legal action, can Timmy’s Terms hold up in court?
A real concern for many tech startups is data breaches and the agony of being summoned to testify in court or provide a declaration.
Does anyone really want to pull their basement-dwelling engineer up on stage in front of bright lights to defend how their middle-out compression algorithm ensures the lossless compression of their legal terms? Just ask Angie's List and Safeway how well that worked out. Could your company even do it in time? Just how long do you really keep logs? Could you prove beyond a shadow of a doubt that a particular user agreed to your terms? Are your terms designed to provide conspicuous notice of the existence of your terms?
When it comes to litigation, it is not just a matter of if you can provide these crucial pieces of evidence. There is often a time limit for retrieving any records, screenshots, versions, access logs, etc. The kicker: you must be able to prove beyond a shadow of a doubt that those records haven't been tampered with.
Developers will need to verify that the data collected is neither incomplete nor corruptible. and that they are tracking everything necessary to be able to defend the company against the changing legal landscape.
This might not be what any other high-growth stage tech startup wants to think about, but in order to mitigate risk and be able to keep the revenue you’ve worked so hard for, these considerations are crucial.
A business that becomes as successful as Timmy’s has need to make these legal considerations upfront. Either build out your system correctly from the jump, collecting key data points and being able to prove the validity of online agreements, or implement a third-party solution that can manage these things for you.
With PactSafe, it is possible to ensure that you are tracking personalized acceptances and that as many key data points are captured as possible. To learn more about how PactSafe does this for you, sign up for a developer account.