When your Terms of Service, End User License Agreement and Privacy Policy are first drafted they reflect how your software operates at a particular point in time.  However, as software and your business changes over time, these documents are often left behind and stop reflecting how the software operates.  The effectiveness of these documents is hindered when your software steps beyond their scope.

Not every change to your software requires an amendment to the ToS, EULA or PP.  Where the change is encompassed by the language of the documents, no amendment is required.  Conversely, if the change adds a new, or changes a current, feature, collects additional information or uses information differently and that is not reflected in these legal documents, then an amendment is likely required.

Ideally, your documents should constantly evolve, lockstep with your software’s evolution, and allow you to avoid the effort and cost involved in drafting new, or substantially amended, documents every few years.  Where you believe that a software change is not reflected in your ToS, EULA or PP, I recommend consulting with your legal counsel to determine whether an amendment to these documents is needed.

If you hire a 3rd party app developer, be sure to agree in writing on who is responsible for the app privacy policy.  Too frequently, the privacy policy is left out of the development agreement, leaving the client to figure out the information collection practices of an app they did not develop.

The privacy policy must detail what information is collected, how information is used and who information is disclosed to.  The developer is in the best position to prepare the privacy policy as they know what information the app collects.  While the client may have an idea of what information is collected, mere ideas are too speculative for the exactness required in a privacy policy.

When entering into an agreement with a 3rd party app developer, be sure that privacy policy responsibility is addressed in the agreement.  Two common approaches are:

1.  Assistance:  the developer will provide the client with all information necessary for the client to create a privacy policy and, if necessary, will work with the client’s lawyer to collect this information.  Limits may be set on the amount of time the developer will devote to this.

2.  Create:  the developer will create an original privacy policy for the client.  Never allow a developer to copy another company’s privacy policy as this policy does not reflect your information practices and may constitute copyright infringement.

If the developer does not want to assist with a privacy policy, consider looking elsewhere.  A “finished” app still requires legal documents to protect your company and to comply with the law.  A developer that won’t assist with legal compliance is not providing a complete product.

Twitter, Facebook and other social media accounts are an important part of the online identity of a business.  As disputes over ownership of social media accounts rise, businesses need to understand the implications of employees using personal social media accounts for the benefit of the business.

In the U.S., a number of recent court cases address ownership of an employee’s personal social media accounts that were used to promote their employer’s business as well as what rights an employer has to access those accounts:

1.  Access

Employers cannot intentionally access an employee’s personal social media accounts without authorization (even when that employee uses those accounts as part of their employment.)  Further, the employer should receive authorization to use those accounts and the extent of that authorization should be clearly laid out on paper.

2.  Personal Accounts Remain Personal

When an employee brings their personal social media accounts to a business the personal nature of those accounts, in many cases, does not change even though the accounts may be used to promote their employer’s business. Use of those accounts by an employer beyond authorization may constitute a false association of the business with the employee or violate state specific publicity statutes or common law privacy rights.

The Solution:  If possible, start fresh and create a new social media account and password for the employee. The password should be immediately changed when the employee leaves the company.  Where you must use an employee’s personal account, I recommend that the terms of such use be put in writing and that details the scope of use, access rights and ownership of the accounts and related content.  Alternatively, if the personal social media account is important to your business, consider purchasing it from the employee.

To summarize the last few blog posts: I advocated that Canadians should incorporate in Canada and, if located in B.C., incorporate in B.C. instead of federally.  The next decision to make concerns the company’s share structure.

I recommend incorporating your startup with a single class of common shares – simple.  Often I am asked about more complex share structures, such as a preferred class, a non-voting class or a section 85 class.  While there are situations where I recommend creating these classes, do not request their creation without understanding why you need them.

Preferred shares, while desired by investors, typically are not created until the investment is secured as you do not know the structure of the preferred shares the investors will want and each investor is different.  There are types of preferred shares that can be molded for future investors (blank cheque preferred) but I tend to stray away from these shares as they are divisive among investors and lawyers.

Non-voting shares can be used for friends/family investors and awarding employees without diluting your voting power.  Erring on the side of simplicity, I recommend using common shares for these purposes but tying the common shares to a voting rights/trust agreement (or proxy agreement) that restricts how those shares are voted.  This maintains corporate structure simplicity while achieving the same goals.  Again, if you don’t have an exact reason for creating these shares, then I recommend against it.

Section 85 shares are used for a tax-deferred transfer of valuable assets to the company.  For example, if you owned an expensive mainframe and wanted to transfer it to the company (without loaning money to the company in order to buy your own mainframe).  Most startups do not have valuable assets to transfer to the company so this structure is not needed.  Instead, simply have the company buy the assets for a reasonable sum.

Finally, I always recommend creating a share structure familiar to investors.  To that end, a common share only structure is frequently seen in U.S. and Canadian startups and will be familiar to those investors.

SUMMARY:  Like any other item you buy, only buy a company structure when you understand why you need it.