AI Legal Playbook: Contracts and Compliance Templates

MUTUAL NON-DISCLOSURE AGREEMENT
===============================================================================

This Mutual Non-Disclosure Agreement ("Agreement") is entered
into as of [DATE] by and between:

PARTY A: [Full Legal Name], [Address]
PARTY B: [Full Legal Name], [Address]

(collectively "the Parties")

-------------------------------------------------------------------------------
1. PURPOSE
-------------------------------------------------------------------------------
The Parties wish to explore a potential business relationship
concerning [BRIEF DESCRIPTION OF PURPOSE] ("Purpose"). In
connection with this Purpose, each Party may disclose
confidential information to the other.

-------------------------------------------------------------------------------
2. DEFINITION OF CONFIDENTIAL INFORMATION
-------------------------------------------------------------------------------
"Confidential Information" means any non-public information
disclosed by either Party, including but not limited to:

   a) Business plans, strategies, and financial data
   b) Customer lists, pricing, and vendor relationships
   c) Technical data, source code, and algorithms
   d) Product designs, prototypes, and roadmaps
   e) Marketing strategies and unpublished content
   f) Employee information and compensation data

Confidential Information does NOT include information that:
   i)   Is or becomes publicly available (not through breach)
   ii)  Was known to the Receiving Party before disclosure
   iii) Is independently developed without use of disclosed info
   iv)  Is disclosed by a third party without restriction

-------------------------------------------------------------------------------
3. OBLIGATIONS
-------------------------------------------------------------------------------
Each Party agrees to:
   a) Use Confidential Information solely for the Purpose
   b) Not disclose to third parties without written consent
   c) Protect with at least the same care used for its own
      confidential information (no less than reasonable care)
   d) Limit access to employees and contractors with a
      need to know, who are bound by similar obligations

-------------------------------------------------------------------------------
4. TERM
-------------------------------------------------------------------------------
This Agreement is effective from the date above and continues
for [2/3/5] years. Obligations regarding Confidential
Information survive for [2/3] years after termination.

-------------------------------------------------------------------------------
5. RETURN OF MATERIALS
-------------------------------------------------------------------------------
Upon request or termination, each Party shall promptly return
or destroy all Confidential Information and certify such
return or destruction in writing.

-------------------------------------------------------------------------------
6. NO LICENSE
-------------------------------------------------------------------------------
Nothing in this Agreement grants any license to intellectual
property or any right to use Confidential Information beyond
the stated Purpose.

-------------------------------------------------------------------------------
7. REMEDIES
-------------------------------------------------------------------------------
Both Parties acknowledge that breach may cause irreparable
harm and that the non-breaching Party shall be entitled to
seek injunctive relief in addition to any other remedies.

-------------------------------------------------------------------------------
8. GOVERNING LAW
-------------------------------------------------------------------------------
This Agreement is governed by the laws of [State/Country].

-------------------------------------------------------------------------------
SIGNATURES

Party A:   ________________________  Date: ______________
Name:      [Name]
Title:     [Title]

Party B:   ________________________  Date: ______________
Name:      [Name]
Title:     [Title]

===============================================================================
FOR ONE-WAY NDA:
* Replace "each Party" with "Receiving Party" throughout
* Remove mutual obligations language
* Add "Disclosing Party" and "Receiving Party" definitions
* Keep all other sections the same

TERMS OF SERVICE
===============================================================================
[YOUR COMPANY NAME] -- [YOUR PRODUCT NAME]
Last Updated: [DATE]

By accessing or using [Product Name] ("Service"), you agree
to these Terms of Service ("Terms"). If you do not agree,
do not use the Service.

-------------------------------------------------------------------------------
1. SERVICE DESCRIPTION
-------------------------------------------------------------------------------
[Product Name] is a [brief description of what the product
does]. The Service uses artificial intelligence, including
large language models and machine learning algorithms, to
[describe AI functionality].

-------------------------------------------------------------------------------
2. AI-SPECIFIC TERMS
-------------------------------------------------------------------------------
a) OUTPUT VARIABILITY: The Service produces AI-generated
   outputs that may vary with each use. Identical inputs
   may produce different outputs at different times.

b) NO GUARANTEE OF ACCURACY: AI-generated outputs may
   contain errors, inaccuracies, or outdated information.
   Users are responsible for reviewing and verifying all
   outputs before relying on them for business decisions.

c) NOT PROFESSIONAL ADVICE: Outputs do not constitute
   legal, financial, medical, or other professional advice.
   Consult qualified professionals for such matters.

d) TRAINING DATA: The AI models powering this Service are
   trained on publicly available data. We do not use your
   inputs or outputs to train our models unless you
   explicitly opt in.

e) OUTPUT OWNERSHIP: You own the outputs generated through
   your use of the Service, subject to the limitations in
   Section 5 (Intellectual Property).

-------------------------------------------------------------------------------
3. USER RESPONSIBILITIES
-------------------------------------------------------------------------------
You agree to:
   a) Provide accurate account information
   b) Not use the Service for illegal purposes
   c) Not attempt to reverse-engineer the AI models
   d) Not use outputs to develop competing AI services
   e) Not input confidential third-party information
      without authorization
   f) Review all AI outputs before publication or use

-------------------------------------------------------------------------------
4. PROHIBITED USES
-------------------------------------------------------------------------------
The Service may not be used to:
   a) Generate content that violates applicable law
   b) Create deepfakes or misleading impersonations
   c) Produce spam or automated mass communications
   d) Circumvent safety filters or content policies
   e) Generate content that infringes third-party IP
   f) Make automated decisions affecting individuals
      without human review

-------------------------------------------------------------------------------
5. INTELLECTUAL PROPERTY
-------------------------------------------------------------------------------
a) SERVICE IP: All rights in the Service, including AI
   models, algorithms, and interfaces, belong to
   [Company Name].

b) USER INPUTS: You retain ownership of content you input.

c) USER OUTPUTS: You own outputs generated through your
   use, but acknowledge that:
   - Similar outputs may be generated for other users
   - Outputs may not qualify for copyright protection
     in all jurisdictions
   - We may use aggregated, anonymized usage data to
     improve the Service

-------------------------------------------------------------------------------
6. PAYMENT AND SUBSCRIPTION
-------------------------------------------------------------------------------
[Pricing tier details]
[Billing cycle]
[Cancellation policy]
[Refund policy]

-------------------------------------------------------------------------------
7. LIMITATION OF LIABILITY
-------------------------------------------------------------------------------
TO THE MAXIMUM EXTENT PERMITTED BY LAW:

   a) The Service is provided "AS IS" without warranties of
      any kind, express or implied.

   b) [Company Name] is not liable for any decisions made
      based on AI-generated outputs.

   c) Total liability shall not exceed the fees paid by you
      in the 12 months preceding the claim.

   d) [Company Name] is not liable for indirect, incidental,
      consequential, or punitive damages.

-------------------------------------------------------------------------------
8. TERMINATION
-------------------------------------------------------------------------------
We may suspend or terminate your access for violation of
these Terms. You may cancel your account at any time.
Upon termination, your right to use the Service ends
immediately. Data retention follows our Privacy Policy.

-------------------------------------------------------------------------------
9. CHANGES TO TERMS
-------------------------------------------------------------------------------
We may update these Terms with 30 days notice via email
or in-app notification. Continued use after the effective
date constitutes acceptance.

-------------------------------------------------------------------------------
10. GOVERNING LAW
-------------------------------------------------------------------------------
These Terms are governed by the laws of [State/Country].
Disputes shall be resolved through binding arbitration
in [Location].

-------------------------------------------------------------------------------
CONTACT
Email:    [legal@yourcompany.com]
Address:  [Your Business Address]

===============================================================================
NOTES:
* Section 2 (AI-Specific Terms) is the critical addition
  for any product using AI -- do not omit
* Consult an attorney for your specific jurisdiction
* Update "Last Updated" date with every revision

PRIVACY POLICY
===============================================================================
[YOUR COMPANY NAME]
Last Updated: [DATE]
Effective Date: [DATE]

This Privacy Policy describes how [Company Name] ("we," "us,"
"our") collects, uses, and protects your personal information
when you use [website/app/product name] ("Service").

-------------------------------------------------------------------------------
1. INFORMATION WE COLLECT
-------------------------------------------------------------------------------
a) INFORMATION YOU PROVIDE:
   - Name and email address (account creation, forms)
   - Payment information (processed by [Stripe/PayPal])
   - Content you submit (messages, uploads, inputs)
   - Communication preferences

b) AUTOMATICALLY COLLECTED:
   - IP address and approximate location
   - Browser type and device information
   - Pages visited and time spent
   - Referring URL and search terms
   - Cookies and similar technologies

c) AI-SPECIFIC DATA:
   - Inputs provided to AI features
   - AI-generated outputs
   - Usage patterns of AI features
   - Feedback on AI outputs (if provided)

-------------------------------------------------------------------------------
2. HOW WE USE YOUR INFORMATION
-------------------------------------------------------------------------------
We use collected information to:
   a) Provide and improve the Service
   b) Process payments and manage accounts
   c) Send transactional emails (receipts, updates)
   d) Send marketing communications (with your consent)
   e) Analyze usage to improve user experience
   f) Comply with legal obligations
   g) Prevent fraud and abuse

We DO NOT:
   - Sell your personal data to third parties
   - Use your inputs to train AI models (unless opted in)
   - Share data with third parties for their marketing

-------------------------------------------------------------------------------
3. LEGAL BASIS FOR PROCESSING (GDPR)
-------------------------------------------------------------------------------
For EU/EEA residents, we process data under these bases:
   a) CONTRACT: To fulfill our service agreement with you
   b) CONSENT: For marketing and optional data processing
   c) LEGITIMATE INTEREST: Analytics, security, improvement
   d) LEGAL OBLIGATION: Tax records, regulatory compliance

-------------------------------------------------------------------------------
4. YOUR RIGHTS
-------------------------------------------------------------------------------
GDPR RIGHTS (EU/EEA residents):
   - Right to access your personal data
   - Right to rectification of inaccurate data
   - Right to erasure ("right to be forgotten")
   - Right to restrict processing
   - Right to data portability
   - Right to object to processing
   - Right to withdraw consent at any time
   - Right to lodge a complaint with a supervisory authority

CCPA RIGHTS (California residents):
   - Right to know what data we collect
   - Right to delete personal information
   - Right to opt out of sale (we do not sell data)
   - Right to non-discrimination for exercising rights

To exercise any right, email: [privacy@yourcompany.com]
Response time: Within 30 days (GDPR) / 45 days (CCPA)

-------------------------------------------------------------------------------
5. DATA RETENTION
-------------------------------------------------------------------------------
   - Account data: Retained while account is active,
     deleted within 30 days of account closure
   - Payment records: Retained for [7] years (tax law)
   - Analytics data: Aggregated and anonymized after 26 months
   - AI inputs/outputs: Deleted within [30/90] days unless
     saved by user

-------------------------------------------------------------------------------
6. DATA SECURITY
-------------------------------------------------------------------------------
We implement:
   - TLS 1.3 encryption for data in transit
   - AES-256 encryption for data at rest
   - Regular security audits and penetration testing
   - Access controls limited to authorized personnel
   - Incident response plan for data breaches

-------------------------------------------------------------------------------
7. THIRD-PARTY SERVICES
-------------------------------------------------------------------------------
We use the following third-party processors:
   - [Payment Processor]: Payment processing
   - [Analytics Provider]: Website analytics
   - [Email Service]: Transactional and marketing email
   - [AI Provider]: AI feature processing
   - [Hosting Provider]: Infrastructure

Each processor is bound by data processing agreements.

-------------------------------------------------------------------------------
8. INTERNATIONAL TRANSFERS
-------------------------------------------------------------------------------
Data may be transferred to and processed in [countries].
For EU data transferred outside the EEA, we use:
   - Standard Contractual Clauses (SCCs)
   - Adequacy decisions where applicable

-------------------------------------------------------------------------------
9. COOKIES
-------------------------------------------------------------------------------
We use:
   - Essential cookies: Required for Service function
   - Analytics cookies: Usage tracking (with consent)
   - Preference cookies: Remembering your settings

Manage cookie preferences: [Link to cookie settings]

-------------------------------------------------------------------------------
10. CHILDREN'S PRIVACY
-------------------------------------------------------------------------------
The Service is not directed at children under 16. We do not
knowingly collect data from children. If we learn we have
collected such data, we will delete it promptly.

-------------------------------------------------------------------------------
11. CHANGES TO THIS POLICY
-------------------------------------------------------------------------------
We will notify you of material changes via email or in-app
notice at least 30 days before the changes take effect.

-------------------------------------------------------------------------------
CONTACT
Data Protection Inquiries: [privacy@yourcompany.com]
Data Protection Officer:   [Name, if applicable]
Address:                   [Business Address]

===============================================================================
COMPLIANCE NOTES:
* GDPR: Required if you have ANY EU/EEA users
* CCPA: Required if you have California users AND meet
  revenue/data thresholds (>$25M revenue, >50K consumers,
  or >50% revenue from selling data)
* Update this policy whenever you add new data collection
  or third-party services

AI DISCLOSURE AND LIABILITY CLAUSES
===============================================================================

CLAUSE 1: AI USAGE DISCLOSURE (for service agreements)
-------------------------------------------------------------------------------
Provider may use artificial intelligence tools and
technologies ("AI Tools") in the performance of Services,
including but not limited to:

   a) Large language models (e.g., Claude, GPT, Gemini)
      for content drafting and research
   b) AI coding assistants for software development
   c) AI image generation tools for design concepts
   d) AI analytics tools for data analysis

All AI-generated outputs are reviewed, edited, and validated
by qualified human professionals before delivery to Client.
Provider maintains final editorial and quality control over
all deliverables.

Client acknowledges and agrees that the use of AI Tools:
   - Does not diminish the quality or value of deliverables
   - Is standard practice in the [industry] industry
   - Is disclosed in good faith and transparency


CLAUSE 2: AI OUTPUT LIABILITY LIMITATION
-------------------------------------------------------------------------------
Regarding any AI-generated or AI-assisted components of the
deliverables:

   a) Provider makes no warranty that AI-generated content
      is original or unique. Similar outputs may exist.

   b) Provider is not liable for errors, inaccuracies, or
      omissions in AI-generated content that were not
      identified during the human review process.

   c) Client assumes responsibility for verifying the
      accuracy of any AI-generated content before use in
      regulated, legal, financial, or medical contexts.

   d) Provider's liability for claims arising from
      AI-generated content is limited to re-performance
      of the affected Services at no additional cost.

   e) Provider is not liable for third-party claims
      regarding AI-generated content, including but not
      limited to copyright infringement claims based on
      AI training data.


CLAUSE 3: AI DATA HANDLING
-------------------------------------------------------------------------------
In connection with the use of AI Tools:

   a) Client data may be processed by third-party AI
      service providers. Provider will use commercially
      reasonable efforts to select providers with
      appropriate data protection measures.

   b) Provider will not opt into data sharing or model
      training programs offered by AI providers using
      Client data.

   c) Provider will inform Client before using any AI tool
      that does not offer data deletion or zero-retention
      processing.

   d) Upon project completion, Provider will delete Client
      data from AI tool histories within [30] days.


CLAUSE 4: IP ASSIGNMENT WITH AI CARVE-OUT
-------------------------------------------------------------------------------
a) Upon full payment, Client receives all rights in the
   final deliverables as defined in the Scope of Services.

b) Provider retains ownership of:
   - Pre-existing tools, templates, and methodologies
   - AI prompt libraries and prompt engineering techniques
   - Workflow automations and process frameworks
   - General knowledge and skills gained during engagement

c) Client acknowledges that AI-generated components may
   not be eligible for copyright protection in all
   jurisdictions. Provider makes no representation
   regarding the copyrightability of AI-generated content.

d) Client receives a perpetual, non-exclusive license to
   use any Provider Tools embedded in the deliverables.


CLAUSE 5: CONTRACTOR AI USAGE POLICY
-------------------------------------------------------------------------------
For agreements with contractors or subcontractors:

Contractor [MAY / MAY NOT] use AI Tools in performing work
under this agreement, subject to:

   a) Prior written disclosure of specific AI Tools used
   b) Human review of all AI-generated outputs
   c) Compliance with all data handling obligations
   d) No input of Company confidential information into
      AI Tools without prior written approval
   e) Retention of all AI interaction logs for [90] days

===============================================================================
IMPLEMENTATION NOTES:
* Add Clause 1 and 2 to every service agreement
* Add Clause 3 when processing any client data through AI
* Add Clause 4 to replace standard IP assignment clauses
* Add Clause 5 to contractor agreements
* Have an attorney review for your jurisdiction

SCOPE CHANGE AMENDMENT
===============================================================================

Amendment #[NUMBER] to Service Agreement dated [ORIGINAL DATE]

Between:
Provider: [Name]
Client:   [Name]

-------------------------------------------------------------------------------
1. CHANGE DESCRIPTION
-------------------------------------------------------------------------------
The following changes are requested to the original Scope
of Services:

ADD:
   - [New deliverable or task #1]
   - [New deliverable or task #2]

MODIFY:
   - [Changed requirement with before/after description]

REMOVE:
   - [Deliverable no longer needed]

-------------------------------------------------------------------------------
2. IMPACT ASSESSMENT
-------------------------------------------------------------------------------
Timeline Impact:
   Original completion date:    [Date]
   New completion date:         [Date]
   Extension:                   [X] business days

Cost Impact:
   Original project fee:        $[Amount]
   Additional cost for changes: $[Amount]
   New total project fee:       $[Amount]

Payment for Additional Work:
   - Due upon signing this amendment: $[Amount]
   - Added to next milestone payment
   - Billed separately (Net [15/30] days)

-------------------------------------------------------------------------------
3. TERMS
-------------------------------------------------------------------------------
a) All other terms of the original Service Agreement
   remain in effect.
b) Work on the scope change begins only after this
   amendment is signed by both parties.
c) Additional changes require a new amendment.

-------------------------------------------------------------------------------
SIGNATURES

Provider:  ________________________  Date: ______________
Client:    ________________________  Date: ______________

===============================================================================

PAYMENT TERMS FRAMEWORK
===============================================================================

Choose the structure that fits your project size:

-------------------------------------------------------------------------------
OPTION A: FIXED PROJECT (Under $5,000)
-------------------------------------------------------------------------------
   50% deposit upon contract signing
   50% upon final delivery and approval

   Late payment: 1.5% monthly on outstanding balance
   Work suspension: After 15 days overdue
   Kill fee: Deposit is non-refundable after work begins


OPTION B: MILESTONE-BASED (Over $5,000)
-------------------------------------------------------------------------------
   30% deposit upon contract signing
   30% upon [Milestone 2] completion and approval
   40% upon final delivery and approval

   Milestone approval period: 5 business days
   Silence = approval after 5 business days
   Late payment: 1.5% monthly on outstanding balance
   Work suspension: After 15 days overdue on any milestone


OPTION C: MONTHLY RETAINER
-------------------------------------------------------------------------------
   Monthly fee: $[Amount] per month
   Payment due: 1st of each month (in advance)
   Hours included: [X] hours per month
   Overage rate: $[Amount] per additional hour
   Unused hours: Do not roll over

   Minimum term: [3/6] months
   Cancellation: 30 days written notice
   Late payment: Service suspended on 5th of month
                 if payment not received


OPTION D: HOURLY WITH CAP
-------------------------------------------------------------------------------
   Hourly rate: $[Amount] per hour
   Monthly cap: $[Amount] (requires approval to exceed)
   Billing cycle: Bi-weekly invoicing
   Payment terms: Net 15 days

   Time tracking: Toggl/Harvest (shared access)
   Minimum billing: 15-minute increments
   Late payment: 1.5% monthly after due date

===============================================================================
ADDITIONAL PAYMENT CLAUSES (add as needed):

RUSH FEE:
Work requested with less than [48 hours / 1 week] notice
incurs a [25-50]% rush surcharge on the affected deliverable.

REVISION LIMITS:
[2/3] rounds of revisions included in project fee.
Additional revisions billed at $[Amount] per hour.

PAYMENT DISPUTE:
Undisputed portions remain due on the original schedule.
Disputed portions are paused pending resolution. Provider
continues work on undisputed items only.

COLLECTION COSTS:
Client agrees to pay all reasonable costs of collection,
including attorney fees, if payment requires legal action.