Legal, Tax, and Accounting February 12, 2020

Compliance Guides for Web Apps?

Lawrence Stewart @lawrencestewart

Compliance is a roadblock, there's no doubt about it. But being caught off guard hurts.

This morning I discovered I was lacking some compliance, when I dove into why a call to the Google Places API was returning an error. I've since fixed the issues of non-compliance and noticed a couple other areas that I was lacking, but I'm sure there are more.

Does anyone have some checklists or guides for compliance?

Areas I need to find help with / or guides:

  • general terms & conditions
  • analytics
  • advertising
  • cookies
  • tracking
  • accounts and privacy
  • GDPR (less important to me atm)
  • CCPA (less important to me atm)
  • CAN-SPAM (seems pretty well covered)
  • Castle (seems pretty well covered)

Already covered pretty adequately:

  • payment integration from providers

Any help or resources would be appreciated. Compiling a comprehensive list of links should help other startups and indie hackers.

Do you target the strictest standards, meet the bare minimum, or fall somewhere in between?

  1. 1

    When you start off you want an in between that will meet your existing obligations/abilities but also be future proof to cover at least 6-12 months so that you don't have to waste time revisiting policies.

    Before recommending lists to meet your question, it is best to look at people who may be doing something similar and understanding how they have approached each of those problems.

    1. 1

      "When you start off you want an in between that will meet your existing obligations/abilities but also be future proof to cover at least 6-12 months so that you don't have to waste time revisiting policies."

      What are you trying to say??

      Should be easy to provide guides or software to make a compliance checklist. It just would take someone's time to gather requirements. Most of the compliance that needs to be met is well defined but dispersed throughout the web.

  2. 1

    This is a good one for CCPA: https://www.amazon.com/dp/1654764949/

    I also put together www.lawavocado.com for LLC information.

    1. 1

      Thanks, I'm in Canada, and there are lots of guides available for incorporation.

      I guess more a checklist for terms and conditions, and privacy policies, making sure you agree to terms and conditions when integrating with 3rd parties. So you don't miss things, get banned, blacklisted, etc.

      What I'm doing at this point is combing through all 3rd party integrations, looking for compliance and making sure I meet them. One thing I noticed is that a lot of competitors don't meet all the requirements for many of the Google APIs.

      Also how 3rd parties want to be included in Privacy Policies and ToS can be a bit confusing. Even the best terms generators don't seem to include 3rd party API integration compliance. https://www.avodocs.com/documents is by far the most comprehensive Privacy and ToC generator I've found.

      1. 1

        Gotcha - so information about how to comply with third party terms when you integrate them into your website or online service?

        1. 1

          yup, that's a good way to summarise it.