Legal documents,
as they should read.
Most small businesses can't justify a $300/hr lawyer for a privacy policy and shouldn't have to. The legacy alternative is a template service charging $20+/month for documents that read worse than the average blog post. We thought there was a third option.
A privacy policy should be the cheap part of starting a business — it isn't.
The going rate for a privacy policy from a competent lawyer is $300–$800. The going rate from a template service is $14–$30 per month, locked behind a subscription you'll forget about and keep paying. Both prices exist because the market hasn't been forced to be honest about the cost.
A privacy policy is a structured document. It has predictable sections, required disclosures per jurisdiction, and a finite vocabulary regulators expect. With current LLMs trained on the right corpus and grounded against a current legal knowledge base, the marginal cost of generating a strong draft is pennies — not hundreds of dollars, and not a recurring subscription.
We charge $2 for one document and $5/month for unlimited, because that's what the underlying compute actually costs us plus a modest margin to keep the lights on. The audit tool is free because catching gaps in your existing policy is the kind of thing that should not be paywalled — it makes the web measurably safer.
Three stages, not one prompt.
Draft against a curated knowledge base
The first pass isn't a raw LLM dump. We ground the model in a jurisdiction-specific knowledge base — GDPR articles, CCPA / CPRA regulations, UK ICO guidance, PIPEDA findings, Australian Privacy Principles — that we maintain ourselves. The model writes the document; the knowledge base tells it what's mandatory, what's optional, and what regulators have actually objected to in practice.
Audit against compliance rules
The draft goes through an automated audit pipeline — the same one that powers the free /audit page. It checks for missing disclosures (data categories, retention periods, recipient lists), jurisdictional gaps (e.g. CCPA's "right to limit" section if you serve California), and language regulators have flagged as misleading. Issues come back classified by severity: blocker, gap, or polish.
Fix and re-audit, up to three passes
If the audit finds issues, we run a targeted fix pass that addresses each one specifically (not a rewrite-the-whole-thing pass that risks breaking working sections). Then we re-audit. The loop runs at most three times. By the third pass, in practice 95%+ of documents produce a clean audit; the rest surface the remaining issues so you can decide whether they apply to your situation.
We are a strong starting point. We are not your lawyer.
- · A first draft you can publish today and feel good about.
- · Equivalent in form to TermsFeed / Iubenda / Termly.
- · An honest reflection of what your business says it does.
- · An audit tool you can run on policies we didn't write.
- · A substitute for legal advice on bespoke risk.
- · Appropriate for regulated industries without lawyer review.
- · Able to invent disclosures you didn't tell us about.
- · A guarantee — see /legal/disclaimer.
Questions, suggestions, or law-changes we missed?
Write to us. We read everything and reply within a day or two — the team is small enough that real people answer.