legal
Compare original and translation side by side
🇺🇸
Original
English🇨🇳
Translation
ChineseLegal — Startup Legal Counsel
法律事务——初创公司法律顾问
Draft legal documents that protect you without $500/hr bills. Always get real lawyer review before publishing.
DISCLAIMER: AI-generated legal documents are starting points, not legal advice. Have a licensed attorney review before use.
起草能为你提供保护的法律文件,无需支付每小时500美元的费用。发布前务必请专业律师审核。
免责声明:AI生成的法律文件仅为初稿,不构成法律建议。使用前请务必由持牌律师审核。
Step 0: Gather Context
步骤0:收集背景信息
Before drafting anything, ask:
- What industry? — Health-tech, fintech, SaaS, marketplace, etc. (determines regulatory requirements)
- What jurisdiction? — US (which state), EU (GDPR), UK, etc.
- What data do you collect? — PII, PHI, financial data, usage data
- B2B or B2C? — Changes liability, dispute resolution, language complexity
- Existing docs? — Read current terms, privacy policy, contracts before drafting new ones
起草任何文件前,请先明确:
- 所属行业? — 医疗科技、金融科技、SaaS、平台电商等(决定监管要求)
- 管辖区域? — 美国(具体州)、欧盟(GDPR)、英国等
- 收集哪些数据? — 个人可识别信息(PII)、受保护健康信息(PHI)、金融数据、使用数据
- B2B还是B2C? — 会影响责任界定、争议解决方式和语言复杂度
- 是否有现有文件? — 起草新文件前,请先阅读当前的服务条款、隐私政策、合同等
Step 1: Review Existing Documents
步骤1:审查现有文件
If the company has existing legal documents:
- Read them fully before proposing changes
- Identify gaps vs current requirements
- Note outdated clauses (e.g., pre-GDPR privacy language)
- Preserve custom clauses the company specifically negotiated
- Flag conflicts between documents (privacy policy says X, terms say Y)
如果公司已有法律文件:
- 通读全文后再提出修改建议
- 找出与当前要求的差距
- 标记过时条款(例如GDPR出台前的隐私条款)
- 保留公司专门协商确定的定制条款
- 指出文件之间的冲突(例如隐私政策规定X,服务条款却规定Y)
Document Templates
文件模板
Terms of Service
服务条款
| Section | Must Include |
|---|---|
| Service description | What you provide, what you don't |
| User obligations | Acceptable use, account responsibility |
| Payment terms | Billing, refunds, cancellation |
| IP ownership | Who owns what — your platform vs their data |
| Limitation of liability | Cap at fees paid, exclude consequential damages |
| Termination | How either party can end the relationship |
| Dispute resolution | Arbitration vs litigation, jurisdiction |
| Changes to terms | How you notify users of updates |
| 章节 | 必备内容 |
|---|---|
| 服务说明 | 提供的服务内容及不涵盖的范围 |
| 用户义务 | 可接受使用规范、账户责任 |
| 付款条款 | 计费、退款、取消规则 |
| 知识产权归属 | 平台与用户数据的知识产权归属界定 |
| 责任限制 | 以已收取费用为上限,排除间接损害赔偿 |
| 终止条款 | 双方终止合作关系的方式 |
| 争议解决 | 仲裁vs诉讼、管辖区域 |
| 条款变更 | 通知用户条款更新的方式 |
Privacy Policy
隐私政策
| Section | Must Include |
|---|---|
| Data collected | Specific types, not "we may collect information" |
| How it's used | Each purpose explicitly stated |
| Who it's shared with | Third parties by name/category |
| Retention period | How long, why, and deletion process |
| User rights | Access, deletion, portability (GDPR/CCPA) |
| Security measures | Encryption, access controls (high level) |
| Cookie policy | What cookies, what for, how to opt out |
| Contact | DPO or privacy contact email |
| 章节 | 必备内容 |
|---|---|
| 收集的数据 | 明确具体类型,而非模糊表述“我们可能收集信息” |
| 使用方式 | 明确说明每项用途 |
| 共享对象 | 列出第三方的名称或类别 |
| 保留期限 | 保留时长、原因及删除流程 |
| 用户权利 | 访问、删除、数据可携权(GDPR/CCPA) |
| 安全措施 | 加密、访问控制(概述) |
| Cookie政策 | Cookie类型、用途及退出方式 |
| 联系方式 | 数据保护官(DPO)或隐私事务联系邮箱 |
Industry-Specific Requirements
行业特定要求
| Industry | Additional Requirements |
|---|---|
| Health-tech | HIPAA BAA, PHI handling, breach notification, patient consent |
| Fintech | PCI DSS compliance, financial data handling, regulatory disclosures |
| EdTech | COPPA (if under 13), FERPA (student records), parental consent |
| Marketplace | Seller terms, buyer protection, dispute resolution between parties |
| AI/ML | Data usage for training disclosure, algorithmic transparency, bias |
| 行业 | 额外要求 |
|---|---|
| 医疗科技 | HIPAA业务伙伴协议(BAA)、PHI处理规范、数据泄露通知、患者知情同意 |
| 金融科技 | PCI DSS合规、金融数据处理规范、监管披露 |
| 教育科技 | COPPA(针对13岁以下用户)、FERPA(学生记录)、家长知情同意 |
| 平台电商 | 卖家条款、买家保护、买卖双方争议解决 |
| AI/ML | 训练数据使用披露、算法透明度、偏见规避 |
Contractor & Employment
承包商与雇佣相关文件
| Document | When Needed |
|---|---|
| IP Assignment | Every contractor and employee — before they write code |
| NDA | Before sharing proprietary information |
| Contractor Agreement | Any non-employee doing work — scope, payment, IP, termination |
| Advisor Agreement | Equity grants, time commitment, confidentiality |
| Employment Offer | Salary, equity, benefits, at-will status, IP assignment |
Critical: IP assignment must be signed BEFORE work begins. Retroactive assignment is legally weaker.
| 文件 | 使用场景 |
|---|---|
| 知识产权转让协议 | 所有承包商和员工——开始工作前签署 |
| 保密协议(NDA) | 共享专有信息前签署 |
| 承包商协议 | 所有非雇员工作者——明确工作范围、付款、知识产权、终止条款 |
| 顾问协议 | 股权授予、时间投入、保密义务 |
| 雇佣offer | 薪资、股权、福利、雇佣自由、知识产权转让 |
关键提示: 知识产权转让协议必须在工作开始前签署。事后补签的法律效力较弱。
Open Source Licensing
开源许可协议
| License | Can Use In Commercial Product? | Must Open Source Your Code? |
|---|---|---|
| MIT | Yes | No |
| Apache 2.0 | Yes | No (but patent grant) |
| BSD | Yes | No |
| LGPL | Yes (if dynamically linked) | Only modifications to the library |
| GPL | Yes | Yes — entire derivative work |
| AGPL | Yes | Yes — even for SaaS (network use) |
Rules:
- Audit dependencies: (npm) or
license-checker(Python)pip-licenses - GPL/AGPL in your dependency tree = your code may need to be open source
- When in doubt, use MIT for your own projects
| 许可协议 | 可用于商业产品? | 是否需要开源自身代码? |
|---|---|---|
| MIT | 是 | 否 |
| Apache 2.0 | 是 | 否(但包含专利授权) |
| BSD | 是 | 否 |
| LGPL | 是(若为动态链接) | 仅需开源对该库的修改部分 |
| GPL | 是 | 是——整个衍生作品都需开源 |
| AGPL | 是 | 是——即使是SaaS(网络使用场景)也需开源 |
规则:
- 审核依赖项:使用(npm)或
license-checker(Python)工具pip-licenses - 依赖树中包含GPL/AGPL协议,可能导致自身代码需开源
- 存疑时,自有项目建议使用MIT协议
Drafting Rules
起草规则
- Plain language. If a user can't understand it, it won't hold up well and it erodes trust.
- Specific over vague. "We retain data for 24 months" not "We retain data as needed."
- Match what you actually do. Don't copy Google's terms — your practices are different.
- Version and date. Every document has a "Last updated" date and version number.
- Consistent terminology. If the privacy policy says "Personal Data," terms should too.
- 语言平实:如果用户无法理解,条款的法律效力会受影响,还会损害信任。
- 具体明确:例如“我们保留数据24个月”而非“我们根据需要保留数据”。
- 贴合实际做法:不要照搬谷歌的条款——你的业务实践与他们不同。
- 版本与日期:每份文件都需标注“最后更新日期”和版本号。
- 术语一致:如果隐私政策中使用“个人数据”,服务条款也应保持一致。