
Ask HN: How do small startups handle customized changes to terms and policies? - williamstein
More and more, customers of our relatively small startup (https:&#x2F;&#x2F;CoCalc.com) have been emailing us to say &quot;Based on the review of the terms&#x2F;privacy policy, we can only contract for services with the signed modification to your terms.&quot;  These typically come from universities or high schools, both in the US and Europe.   Our official Terms of Service (which were drafted in consultation with a reputable law firm) are here: https:&#x2F;&#x2F;cocalc.com&#x2F;policies&#x2F;.   The changes that are requested by customers are often described as being required by local law.  For example, a university in Texas added a bunch of requirement including &quot;you will not boycott Israel&quot;, among many other changes.   The most recent request from a school has numerous new terms involving precisely how security of the site is periodically audited, data about how students will be shared (e.g., it will never be stored outside the USA), etc.<p>QUESTION: what do some other small startups do in situations like this?<p>It seems like our realistic options are (1) pay lawyers and hope it pays off later, (2) do the best we can, but without official legal advice, (3) just say no unless the customer lifetime value exceeds some threshold, (4) just say yes to any reputable client, irregardless of size, and possibly subject ourselves to some surprise liability down the road.<p>Regarding (4), these customers are very reputable universities and schools who are just trying to comply will all local laws and best support their student&#x27;s privacy -- they are not malicious or trying to take advantage of us.  The requirements mostly seem reasonable and something we can comply with, assuming I understand them correctly.<p>So far we have done some combination of (1) and (2).  When we ask the universities what happens when they deal with companies, they will do things like tell stories about how different it was to deal with Microsoft and Apple, which isn&#x27;t really helpful, since those companies are massive.
======
mtmail
We've raised prices, or rather asked for annual prepayment of one of the
higher plans. It's usually the customers who demand more complex billing
arrangements and yearly chasing to get the next invoice approved. Anti-slavery
amendments seems normal, one asking to boycott (not not boycott) we wouldn't
sign, the extra long forms about security ("state how often you change the
wifi password") we refused as over-binding.

Funniest was to agree to take down any content of erotic nature within X hours
after notifications. We deal with geographic data (addresses) and there's many
places around the world with "naughty" names. We can't remove those (facts)
from our database just because a customer is offended.

~~~
williamstein
Thanks for sharing your experience. Did you raise prices, then use the extra
money to consult with a _lawyer_?

