Request Demo
Start free
Start free

Legal Pack Ownership

Internal Control Reference

Legal Pack Summary and Ownership Matrix

Executive summary and operational ownership map for the ZoikoTime commercialization legal pack — showing what each document does, which teams own it, and where it matters operationally. This is an internal execution reference, not a substitute for the underlying documents.

Effective May 1, 2026

Internal use only. All 13 legal documents are complete and commercialization-ready. The next priority is operational alignment across website, in-app implementation, security evidence, sales enablement, and customer onboarding. All teams should treat the exported documents as controlled artifacts.

1. Executive Summary

This document summarizes the finalized ZoikoTime commercialization legal pack and assigns operational ownership across the teams that must implement, maintain, reference, or operationalize each document. It is intentionally concise.

Use classification: Internal execution reference. Platform: ZoikoTime. Owner: Zoiko Tech Inc. Status: Commercialization-ready summary. Effective Date: April 28, 2026.

2. Completed Legal Pack — Document Summary

1. Terms of Service

Use: External. Core Purpose: Master customer-facing terms governing account use, responsibilities, IP, AI outputs, limitations, termination, order precedence, and contractual baseline. Primary Owning Teams: Legal, Sales, Customer Success, Product, Finance.

2. Data Processing Addendum

Use: External. Core Purpose: Processor obligations, customer/controller duties, sub-processors, transfers, DSAR assistance, security, deletion, and audit support. Primary Owning Teams: Legal, Security, Dev, Customer Success, Enterprise Sales.

3. Privacy Notice

Use: External. Core Purpose: Public privacy notice covering data categories, purposes, legal bases, sharing, retention, rights, transfers, and contacts. Primary Owning Teams: Legal, Marketing, Design, Dev, Customer Support.

4. Security Measures Schedule

Use: External / Procurement. Core Purpose: Security-control schedule covering access controls, encryption, logging, vulnerability management, incident response, continuity, and safeguards. Primary Owning Teams: Security, DevOps, Dev, Enterprise Sales, Legal.

5. Sub-processor Policy

Use: External. Core Purpose: Third-party provider policy covering vendor use, notice mechanics, objection rights, and customer visibility into changes. Primary Owning Teams: Legal, Security, Procurement, DevOps, Customer Success.

6. Cookie Notice

Use: External. Core Purpose: Cookie notice covering cookie types, purposes, consent controls, analytics, preference management, and updates. Primary Owning Teams: Marketing, Design, Dev, Legal, Compliance.

7. Acceptable Use Policy

Use: External. Core Purpose: Rules for lawful, safe, and responsible platform use, prohibited conduct, misuse, unlawful monitoring, and enforcement rights. Primary Owning Teams: Legal, Security, Customer Success, Support, Product.

8. Subscription, Billing, Cancellation and Refund Policy

Use: External. Core Purpose: Commercial policy for billing, renewals, payment failures, cancellations, refunds, taxes, and account changes. Primary Owning Teams: Finance, Sales, Customer Success, Legal, Billing Operations.

9. Service Level Agreement

Use: External / Procurement. Core Purpose: Availability, support, incident classification, credits, maintenance, RTO/RPO, chronic failure rights, status communications, and escalation obligations. Primary Owning Teams: DevOps, Security, Support, Customer Success, Enterprise Sales, Legal.

10. Worker Transparency Notice

Use: External / Customer Deployment. Core Purpose: Worker-facing notice explaining collection, monitoring, rights, human review, access, and transparency commitments. Primary Owning Teams: Customer Success, Legal, Product, Design, Marketing Enablement.

11. AI and Automated Insights Policy

Use: External / Trust. Core Purpose: Policy governing AI insights, explainability, human oversight, prohibited sole reliance for adverse action, accuracy limits, and customer obligations. Primary Owning Teams: Product, AI/ML, Legal, Customer Success, Sales Enablement.

12. Data Retention, Deletion and Legal Hold Policy

Use: External / Operational. Core Purpose: Retention and deletion framework for customer data, audit logs, legal holds, account closure, export, suspension, and governance records. Primary Owning Teams: Dev, DevOps, Legal, Security, Customer Success.

13. Order Form and Subscription Agreement

Use: External / Transactional. Core Purpose: Customer-specific commercial contract covering plan, seats, pricing, term, selected features, contacts, special terms, signatures, and precedence. Primary Owning Teams: Sales, Finance, Legal, Customer Success, RevOps.

3. Team Ownership Matrix

Executive / Board

Use the legal pack as launch-readiness evidence and risk-control overview. Approve policy posture, pricing exceptions, enterprise negotiation boundaries, and material updates.

Legal / Compliance

Own legal accuracy, update cadence, jurisdictional review, version control, DPA and privacy alignment, AI policy alignment, and redlines.

Development / Engineering

Implement retention logic, deletion workflows, audit logs, worker access logs, DSAR exports, AI controls, cookie preferences, and role-based access.

DevOps / Security

Own SLA evidence, incidents, backup and restore operations, RTO/RPO controls, sub-processor technical review, encryption, vulnerabilities, and status-page operations.

Design / UX

Translate notices into website and in-app experiences — consent banners, worker notices, admin acknowledgments, transparency screens, and accurate microcopy.

Finance / RevOps

Operationalize billing, plan changes, payment failures, refunds, taxes, renewals, order-form data, and revenue-control fields.

Sales / Enterprise Sales

Use Terms, SLA, Security Schedule, DPA, Order Form, and AI Policy in procurement. Do not promise outside approved documents without approval.

Marketing / Website

Publish only approved customer-facing notices and trust-page excerpts. Ensure public copy does not exceed the commitments in the legal pack.

Customer Success / Support

Use the Worker Transparency Notice, AI Policy, Retention Policy, SLA, AUP, and DPA for onboarding, implementation, incidents, and education.

Procurement / Vendor Management

Maintain sub-processor inventory, vendor due diligence, security reviews, data-transfer mapping, insurance evidence, and change notices.

4. External vs. Internal Use Classification

Procurement / Vendor Management

  • Privacy Notice
  • Cookie Notice
  • Acceptable Use Policy
  • AI and Automated Insights Policy
  • Worker Transparency Notice
  • Sub-processor Policy
  • SLA summary or full SLA where appropriate

Customer Contracting / Procurement

  • Terms of Service
  • Data Processing Addendum
  • Security Measures Schedule
  • Sub-processor Policy
  • Service Level Agreement
  • Subscription, Billing, Cancellation and Refund Policy
  • Order Form and Subscription Agreement

Customer Deployment / Workforce Rollout

  • Worker Transparency Notice
  • AI and Automated Insights Policy
  • Data Retention, Deletion and Legal Hold Policy
  • Data Processing Addendum
  • Acceptable Use Policy
  • Relevant SLA excerpts

Internal Implementation / Control Reference

All documents should be available internally. Each team should work from the ownership matrix rather than from memory or informal notes. Version control must be maintained across the full pack.

5. Critical Implementation Dependencies

Website Publication

Owner Teams: Marketing, Design, Legal. Action required: Publish the correct public policies and ensure footer links, cookie banner, trust pages, and contact details match final documents.

In-App Implementation

Owner Teams: Dev, Design, Product. Action required: Implement worker transparency, AI warnings, retention controls, DSAR and export routes, legal hold states, billing flows, and admin acknowledgments.

Security Readiness

Owner Teams: Security, DevOps. Action required: Maintain uptime evidence, incident logs, backup restore proof, vulnerability records, sub-processor review files, and SLA measurement data.

Sales Enablement

Owner Teams: Sales, Legal, Finance. Action required: Train sales teams on approved commitments, Order Form use, redline escalation process, and procurement questionnaire handling.

Customer Onboarding

Owner Teams: Customer Success, Support. Action required: Provide customer admins with deployment checklists, worker communication guidance, AI restrictions, retention setup support, and escalation routes.

Version Control

Owner Teams: Legal, RevOps, Product. Action required: Maintain a single source of truth with owner, approved version, effective date, review date, publication location, and change log.

6. Final Commercialization View

No further legal documents are necessary before commercialization unless a new product capability, jurisdiction, regulated customer segment, or enterprise negotiation creates a specific need.

The next priority is operational alignment: website links, in-app notices, billing mechanics, support processes, security evidence, and sales enablement must reflect the finalized pack.

All teams should treat the exported documents as controlled artifacts. Any update should be versioned, reviewed, and reflected consistently across the website, app, Order Form, onboarding materials, and internal playbooks.

Contact ZoikoTime

For questions about this document or your legal rights:

  • Email: sales@zoikotime.com
  • Tel: 1-631-833-9395
  • Toll-free: 1-800-484-5574
1401 21st Street, Suite R, Sacramento, CA 95811, USA
European HQ: 67-69 Great Portland Street, 5th Floor, London W1W 5PF, UK
Scroll to Top