Legal Docs Checklist for start ups

04/04/2025

Congrats on starting your new venture. It is an exciting time as your idea begins to take shape into something marketable in the near future.

As you start to form your team and become a proper company, there are some key documents you should get right at this early stage. There are some very common errors made right at the beginning of a company’s journey that can be expensive to fix later.

Let’s have a look at four of the key docs.

Men holding a legal Docs Checklist for start ups

Shareholders’ Agreement
Contractor Agreement
Privacy Policy
T&Cs or Terms of Use

Shareholders’ Agreement

Between founders, and also with family and friend investors, you will need a ‘prenup’ agreement. And any investors you bring into your business will bring their own expectations for the legal protections they should have. These agreed terms between the business’s owners are set out in a shareholders’ agreement.

What is a shareholders’ agreement?

The Company Constitution or Articles contain much of the nuts and bolts of how your company will operate legally, but it is the Shareholders’ Agreement that normally governs your legal relationship with founders, business partners, and investors.

In the shareholders’ agreement you will sign up to a lot of rules, but particularly: (i) rules on operating the business (eg any restrictions on shareholders and if any shareholders have special rights on voting or appointments); (ii) rules on how shares can be issued that will impact your control over the business (eg how and on what conditions the company can issue new shares for future fund raises and perhaps restrictions on the sale of shares); and (iii) what rights each shareholder has during an exit event (eg being forced to sell shares at a certain price (drag) or the right to force others to sell (tag)).

What to look out for?

New business partners, including investors, will understandably want protection on their investment of time, energy and money. You need to understand what restrictions there might be on your ability to run the business in the direction you want in the future, and how easy it will be to raise capital if you are no longer getting along with your business partners.

It is hard for founders because at this early stage, the investor may hold the cards, but if you hamstring yourself early on, then you could have to spend a lot of founder time and energy extracting the business from the deal.

Between the founders, you need a fair mechanism in place if a founder wants to leave or if a dispute cannot be resolved.

Contractor Agreement

Early on, it is likely you will use contractors rather than staff, especially for software design and development. Contractors offer flexible manpower, bring expertise you do not have and cannot afford full-time, and will often deliver projects for a fixed cost.

What is a contractor’s agreement?

Simply a written agreement with your contractor on what they will do and for how much.

What to look out for?

IP that your employees create is automatically owned by the company which employs them, which is great. But the opposite is true for contractors: the contractor will own the IP unless the contractor agreement includes a strong clause that transfers (assigns, in legal speak) the IP to your company.

The issue is sometimes not spotted until an investor is doing their due diligence and they ask the company to fix it. And at that point, the contractor may know their rights and value, and it could be expensive to fix. This is more common than you might think.

This is also true for the founders. If there is no employment agreement with the founders, they may be acting as contractors to the company, and the IP they generate will belong to the founders, not the company. If the founders fall out, then it can be very, very expensive for the company to fix.

It is definitely worth the time to get the IP in the right place early on with bulletproof contractor agreements.

Privacy Policy

It is pretty likely you’ll use a lot of personal data to power your business. Either as part of the main service or at the very least in your CRM.

What is a privacy policy?

The Privacy Policy is a notice, not a contract, that explains how you use personal data and the rights your customers have. It is usually in the footer of your website or app, and you may flag it to your customers during onboarding or sign-up.

What to look out for

The Privacy Policy will govern how you may use your customers’ personal data. Think of it as a transparent and open promise to your customers. If, later on down the line, you want to use the data in ways not described in your privacy policy, you may find you cannot legally process it in the new way. But your privacy policy needs to be reasonably precise, so you cannot just say you can use the data for anything. This is a tricky area.

There are also a fair few points that need to be covered in your Privacy Policy to comply with the Australian Privacy Act, the EU/UK GDPR and various US state laws. It will be an administrative pain to have to re-write and re-send your privacy policy to all customers if you (or even worse a regulator) spot your error later on.

As with contractor agreements and the Terms of Use/T&Cs, your future investors will carefully review your Privacy Policy during due diligence. The Australian regulator is becoming increasingly aggressive in its enforcement, and the compliant processing of data is a key risk for investors.

T&Cs or Terms of Use

You obviously want to do business on your own terms rather than on your clients’ terms. It will put you in a better legal position if a dispute ever arises, and, on a practical level, you can align all your processes (e.g., billing timing, notices you might need to send to customers, and the data security promises you might make in contracts).

What are the terms and conditions?

The legal contract under which your company will do business with its customers. In an ideal world, all customers will sign up to your T&Cs, but that is often not the reality. If you are lucky enough to sell to big banks, telcos or large government departments, then they will insist you contract on their own standard agreements.

A good rule of thumb for an average SaaS business is that 80% – 90% of contracts will be on your standard T&Cs, 10% – 15% will be on your T&Cs with some amendments, and then the largest 5% or so of clients will insist on their own T&Cs, and you will have to make them work for your business.

What to look out for

There is not much point in having your lawyers draft you fantastic T&Cs that protect you to the nth degree but are not balanced. A pragmatic and commercial approach is needed in your T&Cs. Yes, they should address the key risks to your business, but not to the point that the terms become overly one-sided.

This is because:

You will waste far too much time and resources arguing over your T&Cs if your customers read them and simply cannot sign them. As a small business, you will be accepting many of the changes your prospects suggest anyway, so you may as well shorten the sales cycle by making your T&Cs fairer in the first place.
Under Australian consumer law, unfair terms can be struck out as voidable by the court. And you could even be fined for unfair terms. This law also applies to any standard term document you send to a company of under 100 staff, which is the majority of your customer base.

Please let us know if you would like some help with these key documents so that your business is in the best possible place.

Peter Violaris

peter@uxlaw.com.au