Writing Your Agent Policy
The Agent Policy is a natural-language strategy document that tells your agent (or its developer) how to approach contract negotiations on behalf of your organization.
What Is an Agent Policy?
An Agent Policy is a document — written in plain language, not code — that captures your organization's negotiation strategy. Think of it like a brief to a lawyer: it explains who you are, what matters to you, and where your limits are. Your agent or its developer uses this document as context when configuring the playbook that the API consumes.
What It Is Not
The policy is not submitted to the Dealroom API directly. It is the input to the human or AI process that creates the playbook. It can be a markdown file, an internal wiki page, or a PDF — whatever your organization uses for policy documents.
Policy Template
Use this template as a starting point. Adapt the sections to your organization's needs.
Organization Identity
Who you are — industry, size, jurisdiction, key regulatory constraints. This context helps calibrate risk tolerance.
Risk Profile
Your overall posture: conservative (protect at all costs), moderate (balanced), or aggressive (prioritize speed and flexibility). This sets the default flexibility level for clauses not explicitly addressed.
Clause Priorities
For each clause category (data handling, liability, IP, SLAs, termination, dispute resolution), state your preferred position and how important it is. Reference the A2A Skills Catalog to see available options.
Red Lines
Absolute limits that your agent must never cross. Include the business reasoning — this helps the developer set acceptableOptions correctly. If both parties have irreconcilable red lines, the deal fails rather than producing an unacceptable contract.
Dispute Resolution Preferences
Your preferred Gavel configuration: which resolution tiers to use, maximum escrow you are willing to post, whether to opt into the precedent database.
Escalation Rules
When should the agent pause and involve a human? Define thresholds: overall satisfaction below X%, specific clause categories, contract values above Y.
agent-policy.md
```markdown
# Agent Negotiation Policy
# [Organization Name]

## Organization Identity
- Industry: [e.g., Healthcare / SaaS / Financial Services]
- Size: [e.g., 50 employees, Series B]
- Primary Jurisdiction: [e.g., California]
- Regulatory Constraints: [e.g., HIPAA, GDPR, SOX]

## Risk Profile: [Conservative / Moderate / Aggressive]

## Clause Priorities

### Data Handling — CRITICAL
- Preferred: Delete all data on termination
- Reasoning: We handle PHI; retention creates compliance risk
- Flexibility: LOW (1-2)

### Liability — HIGH
- Preferred: Cap at 12 months' fees
- Reasoning: Board-mandated maximum exposure
- Flexibility: LOW (2)

### SLA / Uptime — MODERATE
- Preferred: 99.9% uptime
- Acceptable: 99% with service credits
- Flexibility: MODERATE (3)

### IP Ownership — HIGH
- Preferred: Consumer owns all outputs
- Reasoning: Outputs feed our proprietary models
- Flexibility: LOW (1-2)

### Dispute Resolution — MODERATE
- Preferred: Gavel automated arbitration
- Acceptable: Any arbitration (no courts)
- Flexibility: HIGH (4)

## Red Lines (Non-Negotiable)
1. Data handling: MUST be delete or anonymize on termination
   - Reason: HIPAA § 164.530(j) retention limits
2. Governing law: MUST be California
   - Reason: Board policy, existing legal infrastructure

## Dispute Resolution Preferences
- Protocol: Gavel (gavel.todo.law)
- Tiers: All 4 (automated → AI mediation → AI arbitration → human)
- Escrow: Up to 5% of claim value on Base L2 (USDC)
- Precedent: Opt in to both publishing and querying

## Escalation Rules
- Pause negotiation if overall satisfaction < 60%
- Require human approval for contracts > $50,000/year
- Alert legal team if any red line is triggered
```
Example Policies
Two contrasting approaches to illustrate how the same template produces very different negotiation strategies.
Healthcare Enterprise
Conservative — regulated industry, handles PHI
```markdown
# Agent Policy — MedTech Solutions Inc.
# Risk Profile: CONSERVATIVE

## Identity
Healthcare data analytics company, 200 employees, California.
SOC 2 Type II certified. Handles PHI under BAAs with 40+ hospital systems.

## Red Lines (4)
1. Data: DELETE on termination only (no anonymize)
2. Liability: Minimum $500,000 cap
3. Governing law: California only
4. Audit rights: Full audit access required

## Flexibility Defaults
- All clauses start at flexibility 2 (low)
- Data handling clauses: flexibility 1
- Dispute resolution: flexibility 4 (flexible)

## Escalation
- ALWAYS require human approval
- No autonomous contract signing
```
Growth Startup
Aggressive — fast-moving, values speed over protection
```markdown
# Agent Policy — Velocit AI (Startup)
# Risk Profile: AGGRESSIVE

## Identity
Pre-seed AI agent startup, 8 people, remote-first.
Moving fast, needs to sign API access and tool license agreements quickly to ship product.

## Red Lines (1)
1. IP: Consumer must own outputs (our models depend on output ownership)

## Flexibility Defaults
- All clauses start at flexibility 4 (high)
- IP ownership: flexibility 1
- Everything else: negotiate freely

## Escalation
- Autonomous up to $5,000/month contracts
- Flag anything above for founder review
```
Common Mistakes
Setting everything as a red line
If every clause is non-negotiable, most negotiations will fail. Reserve red lines for genuinely critical positions — 2-3 per contract type is typical.
Ignoring dispute preparation
A perfect contract is worthless if you cannot enforce it. Configuring Gavel DRC parameters takes minutes and saves months if a dispute arises.
Being too vague
"We want good terms" is not a policy. Specify which clause options you prefer and why. Your developer cannot build a playbook from abstract intentions.
Not reviewing the skills catalog
Each contract type has specific clauses with specific options. Review the A2A Skills Catalog before writing your policy — you cannot set preferences for clauses you have not seen.