Legal, IP & Compliance
Business Structure Recommendation
Recommended Structure: Delaware C-Corp
Rationale: Given the venture-backed nature and potential for partnerships with pharma companies, a C-Corp offers the most flexibility and investor appeal. It provides limited liability protection, supports stock options for attracting talent, and aligns with the industry-standard for scaling businesses. The setup cost is approximately $800-$2,000, with an annual maintenance cost of around $1,000, including franchise taxes and registered agent fees. Incorporation should occur pre-launch to facilitate fundraising and partnership agreements.
Formation Cost: $800-$2,000
Annual Maintenance: $1,000/year
Timeline: 2-3 weeks to form
Intellectual Property Strategy
Trademark Protection
| Asset | Status | Priority | Cost | Timeline |
|---|---|---|---|---|
| Product Name | Not protected | High | $500-$1,500 | 8-12 months |
| Logo | Not protected | Medium | $500-$1,500 | 8-12 months |
| Tagline | Consider | Low | $500-$1,500 | 8-12 months |
| Domain | Assumed | Critical | $10-$50/year | Immediate |
Patent Considerations
Patentable Technology? No
Patent Strategy Recommendation: Trade secret approach instead
Rationale: The platform primarily leverages existing public APIs and focuses on user experience and matching algorithms, which do not meet the novelty requirements for patent protection. Instead, protecting the proprietary matching algorithm and user interface design as trade secrets is more cost-effective and aligns with the business model.
Trade Secrets
What to Protect: Proprietary matching algorithm, user interface design, and data analysis methods.
Protection Methods: Use NDAs with employees and contractors, implement access controls, and have employment agreements with non-compete clauses where legally permissible.
Copyright Protection
Automatically Protected: Source code, content, and documentation.
Recommended Actions: Add copyright notices to code and content, and use open-source licenses appropriately.
Data Privacy & Protection
| Regulation | Applies? | Why | Key Requirements |
|---|---|---|---|
| GDPR | Yes | EU users | Consent, data rights, DPA |
| CCPA/CPRA | Maybe | CA users, revenue threshold | Opt-out, disclosure, rights |
| COPPA | No | No users under 13 | Parental consent |
| HIPAA | No | No health data | Security, BAA |
| SOC 2 | No | Not applicable | Security audit |
| PCI-DSS | Handled by Stripe | Payment processing | Use Stripe, minimal handling |
Privacy Documentation Required
- Privacy Policy: $0-$200 (generator) or $1,000-$3,000 (attorney)
- Terms of Service: $0-$200 (generator) or $1,000-$3,000 (attorney)
- Cookie Consent Banner: $0-$50
- Data Processing Agreement (DPA): Standard template available
Terms of Service Key Provisions
- Limitation of Liability: Cap liability at fees paid, exclude consequential damages.
- Indemnification: User indemnifies for their content/data.
- Intellectual Property: Company retains all IP in the product.
- Acceptable Use Policy: Prohibit illegal, harmful, or competitive analysis.
- Disclaimers: AI output is not professional advice.
- Payment Terms: Billing cycles, cancellation, refunds.
- Dispute Resolution: Arbitration clause, governing law and jurisdiction.
Regulatory Compliance
| Regulation | Domain | Applies? | Requirements |
|---|---|---|---|
| FTC Guidelines | All | Yes | Truth in advertising, endorsements |
| CAN-SPAM | Yes | Unsubscribe, sender ID, no deception | |
| ADA/WCAG | Web | Recommended | Accessibility standards |
| Export Controls | AI/Tech | Maybe | ITAR, EAR considerations |
| AI-Specific Laws | AI products | Emerging | EU AI Act, state laws |
Contracts & Agreements Needed
Internal Agreements
| Agreement | Purpose | Priority | Template Cost |
|---|---|---|---|
| Founder Agreement | Equity, roles, vesting | Critical | $0-$500 |
| IP Assignment | Company owns all IP | Critical | $100-$300 |
| Advisor Agreement | Terms for advisors | Medium | $100-$300 |
| Employee Offer Letter | Employment terms | When hiring | $100-$200 |
| Contractor Agreement | Work-for-hire, NDA | When contracting | $100-$300 |
External Agreements
| Agreement | Purpose | Priority | Notes |
|---|---|---|---|
| Privacy Policy | User data handling | Critical (launch) | Required by law |
| Terms of Service | User agreement | Critical (launch) | Required for operation |
| DPA (Data Processing) | B2B GDPR compliance | High (if B2B) | Standard template |
| SLA | Service level for enterprise | Medium (enterprise) | Uptime, support commitments |
| Master Services Agreement | Enterprise contracts | Medium (enterprise) | Custom negotiation |
| Partner Agreement | Referral/affiliate terms | Low (future) | Revenue share, terms |
Insurance Requirements
| Insurance Type | Purpose | Typical Cost | Priority |
|---|---|---|---|
| General Liability | Physical injury/property damage | $500-$1,500/year | Medium |
| Professional Liability (E&O) | Service errors, negligence | $1,000-$3,000/year | High |
| Cyber Liability | Data breaches, cyber attacks | $1,500-$5,000/year | High |
| D&O Insurance | Directors & Officers protection | $2,000-$5,000/year | High |
| Workers' Comp | Employee injuries | Varies | Required (if employees) |
Compliance Checklist by Stage
Pre-Launch:
- [ ] Entity formation (LLC or C-Corp)
- [ ] EIN from IRS
- [ ] Business bank account
- [ ] Privacy Policy drafted and published
- [ ] Terms of Service drafted and published
- [ ] Cookie consent (if EU users)
- [ ] Trademark search completed
- [ ] IP assignment signed (if working with contractors)
At Launch:
- [ ] All agreements live on website
- [ ] Email compliance (CAN-SPAM footer, unsubscribe)
- [ ] AI disclaimers visible
- [ ] Payment processing compliant (Stripe handles PCI)
- [ ] Analytics consent (GDPR if applicable)
Post-Launch (0-6 months):
- [ ] File trademark application
- [ ] Professional liability insurance
- [ ] Cyber liability insurance
- [ ] Data backup and retention policy
- [ ] Security incident response plan
Growth Stage:
- [ ] SOC 2 Type 1 (if enterprise customers)
- [ ] D&O insurance
- [ ] Employment law compliance (if hiring)
- [ ] International expansion legal review
Legal Budget Estimate
| Item | DIY Cost | Attorney Cost | Recommended |
|---|---|---|---|
| LLC/Corp Formation | $100-$500 | $500-$1,500 | DIY (Stripe Atlas, Clerky) |
| Privacy Policy | $0-$100 | $1,000-$3,000 | Template + brief review |
| Terms of Service | $0-$100 | $1,000-$3,000 | Template + brief review |
| Trademark Search | $50-$100 | $300-$500 | DIY search recommended |
| Trademark Filing | $250-$400 | $1,000-$2,000 | DIY or attorney |
| Contractor Agreements | $50-$200 | $500-$1,000 | Templates |
| General Legal Advice | N/A | $1,000-$3,000 | 2-3 hour consult |
| Total Year 1 | $450-$1,500 | $5,000-$15,000 | $1,000-$3,000 blended |
Legal Risks & Mitigations
| Risk | Mitigation | Severity |
|---|---|---|
| AI Output Liability | Strong disclaimers, "not professional advice" language, E&O insurance | 🟡 Medium |
| Data Breach | Encrypt data, use secure providers, cyber insurance, incident plan | 🔴 High |
| IP Infringement | Comprehensive trademark search before launch | 🟡 Medium |
| User-Generated Content Issues | Terms of Service, content guidelines, moderation (if needed) | 🟢 Low |