idontknow07
New member
Hey everyone, 8 months ago I launched a little side project SaaS called ComplyDog (
).
Here's a full write-up of how I started it from scratch, got the first early customers, and sold the business. This was a “side project” and thus everything done was on a part-time basis.
My day job is running a SaaS called GrowSurf, which is a referral marketing software. We have many customers in Europe who need to be compliant with GDPR. In order to work with these EU customers, our SaaS business must also be GDPR compliant. They ask questions like:
When we first started GrowSurf, GDPR compliance was a huge headache. As a fledgeling startup not knowing where to begin, we eventually needed to ensure all aspects for GDPR were accounted for, put together a DPA, and hire a lawyer.
As we wanted to get Fortune100 customers and improve our social proof (e.g, logos on our website), we needed to become GDPR compliant. As a SaaS, this was important for our growth. Otherwise an entire market segment would not be obtainable.
I thought there would be a decent startup solution for GDPR, but after months of Googling, I was never able to find one. All of the GDPR SaaS out there was built for Enterprise customers ($10k contracts). It wasn’t only until I just so happened to serendipitously stumble across a solution called GDPRPage that was our saving grace. This software was the equivalent of offloading the research and GDPR checklists, and put us on guided rails towards compliance.
The solution was good for some time, but then it would just become unstable. It seemed the creator did not have any plans to turn it into a paid service and thus more reliable business. It felt like it would stay a project of his. I shuddered at the thought of having to set everything up for GDPR again if the creator decided to scrap it overnight.
I even reached out to him a few times in an attempt to get a more reliable service (as it became more broken and unusable), but eventually I just decided to take matters into my own hands to build a more reliable, paid solution that I wish I had from the start.
For example, if our GDPR portal was down, we would get sales questions like this.
I wanted to make sure there were at least some interested customers by the time we launched. I did this by looking up sites hosted on “site:gdprpage.com”. There were pages of Google that looked like this.
I would find the primary contact of each of these businesses and ask them if they were interested in an alternative solution for the instability reasons listed previously.
Then I sent an email blast out like the one below and received some reception: see image.
I also got lucky with opportune timing — our GDPR provider had quite a long period of downtime and I used it that as moment to reach out or follow up to prospects to remind them of the painkiller problem.
See image.
People would be receptive because they felt the same problem: see image.
During this same period, I started work on building out the product.
GrowSurf is a behemoth SaaS with a ton of features and different tech. Knowing what I learned with GrowSurf, I would use for ComplyDog. I knew exactly what the tech stack would be and what was needed to build this:
The wildest features we used were OpenAI to scrape vendors from sites to populate a subprocessors database, and using a headless browser to fetch subprocessors from a website. These were tame features in the scope of a SaaS.
If you’re not familiar with the features in the above checklist, it may seem like the tech was overkill. But this route was how I felt the most comfortable versus designing something from complete scratch.
I used the same tech stack I was familiar with. That meant using dinosaur tech like AngularJS, NodeJS, Bootstrap. The only way I was able to move [relatively] fast was because I was familiar with all the nuances and design systems of these languages and frameworks.
I worked with two dev contractors to orchestrate and handle tasks to speed things up.
Because I personally favor products that aren’t complete shit, there was a lot of time spent on building features I thought were inevitable, as well as a lot of time spent on QA. In hindsight, we could have launched faster based on user feedback:
But on the plus side, there weren’t many feature requests post-launch because the product had everything it needed to be the solution that customers needed it to be (including whitelabel!).
As I had talked with people early on, to entice them to sign up, I provided early discounts (e.g, 30%). This way, early adopters got a good deal and were receptive to providing feedback.
It was time to run through the gamut of building up the typical SaaS necessities:
Over months, I added customer logos, testimonials, and reviews. Reaching out and talking to customers was required for these: see image.
I used AI tools to generate content for the blog because the space was oh so boring (e.g compliance terms). I used strategies like this one:
In hindsight, this content wasn’t quite the best in quality. And further, the SEO competition was fierce due to funded Enterprise companies, and this is still a channel that has the most potential only for long-tail keywords.
I used Danny Postma’s free-Ahrefs strategy to look up keywords (even though I had a paid Ahrefs account, it appears I needed an upgraded account to get keyword research access. So this free strategy works just as well):
In my previous SaaS experiences, I now knew how the game of backlinks worked and eventually built up the ComplyDog domain rating (DR) to 58. Though traffic was low, the DR was strong for what was ~6 months of work and could be leveraged for future backlink partnerships.
I also created a free cookie popup tool (based on the initial core JS code) that eventually reached about 90k monthly pageviews for websites that had it installed. This was based on SEO keywords like “free cookie tool”. The conversions are not that good (because it’s “free users”), but with scale even 1% of the traffic converting would be worth it. Especially as some of these users that are B2B will eventually need a GDPR solution.
See image.
I also set up the “Powered by” pages for the different ways users could reach the marketing website. For context, “Powered by” pages are the second-most trafficked pages for my SaaS GrowSurf. The only way they scale is with your customers’ traffic. They look like this:
I worked with an experienced part-time marketing person who helped with outreach and other aspects. However, after 3 months of working together, it just wasn’t working out. Because the incentive wasn’t the best for alignment (revenue-share), the commitment was minimal and there weren’t any great results to show for it.
Simply put, I hate paperwork. I intended to hold the business as a USA C-Corp for QSBS tax advantages (to eventually pay $0 in liquidity event after 5 years), but decided that I just wanted to lessen my paperwork.
Most people may say “But you can just hire an accountant/bookkeeper/etc” to do all the work for you. And to that I agree, yes that is what I still do, but I’m quite lazy in needing to compile and pass documents and information to the professionals. Simply put, I wanted to simplify my life. ComplyDog was never intended to be a full-time gig, just a necessary SaaS for my other SaaS businesses.
As I start a new SaaS business, I’m shedding some weight. For me, I’m not sure a portfolio of SaaS is what I’m into. Keeping up servers keeps me up at night. I’d rather focus and worry about a few SaaS than balance many. That said, there is very low maintenance for ComplyDog to run and I believe the buyer could make his money back + 5x more in terms of valuation in 12 months or sooner.
Further, I retain access to my ComplyDog accounts. So mission accomplished in that I needed a GDPR solution for my SaaS businesses and it works.
I posted the SaaS listing to Acquire.com, which I highly recommend (they take a 4% cut of the sale).
From listing to deal close, it took 12 days total. There was a decent amount of initial interest in first days + competing offers in first week. Things moved fast after signing the asset purchase agreement (APA). If escrow didn't delay, could have closed much sooner.
After 8 months from incorporation, I ended up selling ComplyDog at 10x annual recurring revenue (ARR) to a trusted private buyer. This guy and his team are awesome and have a good track record doing this type of SaaS M&A. I'm confident it's in good hands.
Overall, the process was great (thanks to acquire.com) and I'm looking forward to see how the buyer grows it, as I benefit from being a ComplyDog user.
Image of payment email from Acquire.
I wrote this originally as an article on my blog, but I formatted and edited it for Reddit. I'm sharing all the stuff I do on Twitter/X -- feel free to send me a DM and I'll share my username
Here's a full write-up of how I started it from scratch, got the first early customers, and sold the business. This was a “side project” and thus everything done was on a part-time basis.
1. The problem
Experiencing the problem first-hand
My day job is running a SaaS called GrowSurf, which is a referral marketing software. We have many customers in Europe who need to be compliant with GDPR. In order to work with these EU customers, our SaaS business must also be GDPR compliant. They ask questions like:
When we first started GrowSurf, GDPR compliance was a huge headache. As a fledgeling startup not knowing where to begin, we eventually needed to ensure all aspects for GDPR were accounted for, put together a DPA, and hire a lawyer.
As we wanted to get Fortune100 customers and improve our social proof (e.g, logos on our website), we needed to become GDPR compliant. As a SaaS, this was important for our growth. Otherwise an entire market segment would not be obtainable.
Looking for a solution and finding one
I thought there would be a decent startup solution for GDPR, but after months of Googling, I was never able to find one. All of the GDPR SaaS out there was built for Enterprise customers ($10k contracts). It wasn’t only until I just so happened to serendipitously stumble across a solution called GDPRPage that was our saving grace. This software was the equivalent of offloading the research and GDPR checklists, and put us on guided rails towards compliance.
Running into problems with the solution
The solution was good for some time, but then it would just become unstable. It seemed the creator did not have any plans to turn it into a paid service and thus more reliable business. It felt like it would stay a project of his. I shuddered at the thought of having to set everything up for GDPR again if the creator decided to scrap it overnight.
I even reached out to him a few times in an attempt to get a more reliable service (as it became more broken and unusable), but eventually I just decided to take matters into my own hands to build a more reliable, paid solution that I wish I had from the start.
For example, if our GDPR portal was down, we would get sales questions like this.
In summary, these were the reasons I thought ComplyDog was a good idea:
- I couldn’t find any good alternatives. The best provider offering a GDPR solution was unstable.
- The problem was a painkiller. GDPR is required by all SaaS businesses (dependent on their stage) and in order to sell our SaaS, we needed to be GDPR compliant.
- Low competition (all the competitors in this space were focused on upstream market, not startups). Boring industry also meant less entrants (super unsexy).
- If anything, I really needed ComplyDog for my primary business GrowSurf. And I wanted something I could use perpetually for different SaaS projects in the future.
2. Validation and building the product
Validating with others
I wanted to make sure there were at least some interested customers by the time we launched. I did this by looking up sites hosted on “site:gdprpage.com”. There were pages of Google that looked like this.
I would find the primary contact of each of these businesses and ask them if they were interested in an alternative solution for the instability reasons listed previously.
Then I sent an email blast out like the one below and received some reception: see image.
I also got lucky with opportune timing — our GDPR provider had quite a long period of downtime and I used it that as moment to reach out or follow up to prospects to remind them of the painkiller problem.
See image.
People would be receptive because they felt the same problem: see image.
Building the product
Tech stack and blueprints
During this same period, I started work on building out the product.
GrowSurf is a behemoth SaaS with a ton of features and different tech. Knowing what I learned with GrowSurf, I would use for ComplyDog. I knew exactly what the tech stack would be and what was needed to build this:
- JavaScript snippet + client widgets (IIEFE dev, custom colors/theming, necessary for a cookie widget)
- Creating backend APIs (security, scalability, caching design, balancing cloud pros/cons & costs)
- Creating client websites hosted for customers (e.g, custom domains, SSL)
- Creating a front-end web app (SPA, features for SaaS)
- Third party integrations (e.g, token-based APIs, encryption, etc)
- Deploying servers (setting up staging/prod environments, SSH access, etc)
The wildest features we used were OpenAI to scrape vendors from sites to populate a subprocessors database, and using a headless browser to fetch subprocessors from a website. These were tame features in the scope of a SaaS.
“Trying to move fast” and launching an “MVP”
If you’re not familiar with the features in the above checklist, it may seem like the tech was overkill. But this route was how I felt the most comfortable versus designing something from complete scratch.
I used the same tech stack I was familiar with. That meant using dinosaur tech like AngularJS, NodeJS, Bootstrap. The only way I was able to move [relatively] fast was because I was familiar with all the nuances and design systems of these languages and frameworks.
I worked with two dev contractors to orchestrate and handle tasks to speed things up.
Because I personally favor products that aren’t complete shit, there was a lot of time spent on building features I thought were inevitable, as well as a lot of time spent on QA. In hindsight, we could have launched faster based on user feedback:
But on the plus side, there weren’t many feature requests post-launch because the product had everything it needed to be the solution that customers needed it to be (including whitelabel!).
Getting early customers
As I had talked with people early on, to entice them to sign up, I provided early discounts (e.g, 30%). This way, early adopters got a good deal and were receptive to providing feedback.
3. Social proof, marketing, and SEO
It was time to run through the gamut of building up the typical SaaS necessities:
Building up social proof
Over months, I added customer logos, testimonials, and reviews. Reaching out and talking to customers was required for these: see image.
Building up the blog content
I used AI tools to generate content for the blog because the space was oh so boring (e.g compliance terms). I used strategies like this one:
In hindsight, this content wasn’t quite the best in quality. And further, the SEO competition was fierce due to funded Enterprise companies, and this is still a channel that has the most potential only for long-tail keywords.
I used Danny Postma’s free-Ahrefs strategy to look up keywords (even though I had a paid Ahrefs account, it appears I needed an upgraded account to get keyword research access. So this free strategy works just as well):
Building up backlinks
In my previous SaaS experiences, I now knew how the game of backlinks worked and eventually built up the ComplyDog domain rating (DR) to 58. Though traffic was low, the DR was strong for what was ~6 months of work and could be leveraged for future backlink partnerships.
Side project marketing and “Powered by” pages
I also created a free cookie popup tool (based on the initial core JS code) that eventually reached about 90k monthly pageviews for websites that had it installed. This was based on SEO keywords like “free cookie tool”. The conversions are not that good (because it’s “free users”), but with scale even 1% of the traffic converting would be worth it. Especially as some of these users that are B2B will eventually need a GDPR solution.
See image.
I also set up the “Powered by” pages for the different ways users could reach the marketing website. For context, “Powered by” pages are the second-most trafficked pages for my SaaS GrowSurf. The only way they scale is with your customers’ traffic. They look like this:
- A visitor to a customer’s GDPR portal clicks on the ‘Powered by’ badge
- Then the visitor lands on a specific-tailored page like this one where they can learn more
- If the website visitor came from a cookie widget, they see this page
What didn’t work
I worked with an experienced part-time marketing person who helped with outreach and other aspects. However, after 3 months of working together, it just wasn’t working out. Because the incentive wasn’t the best for alignment (revenue-share), the commitment was minimal and there weren’t any great results to show for it.
4. Selling the business
Why sell?
Simply put, I hate paperwork. I intended to hold the business as a USA C-Corp for QSBS tax advantages (to eventually pay $0 in liquidity event after 5 years), but decided that I just wanted to lessen my paperwork.
Most people may say “But you can just hire an accountant/bookkeeper/etc” to do all the work for you. And to that I agree, yes that is what I still do, but I’m quite lazy in needing to compile and pass documents and information to the professionals. Simply put, I wanted to simplify my life. ComplyDog was never intended to be a full-time gig, just a necessary SaaS for my other SaaS businesses.
As I start a new SaaS business, I’m shedding some weight. For me, I’m not sure a portfolio of SaaS is what I’m into. Keeping up servers keeps me up at night. I’d rather focus and worry about a few SaaS than balance many. That said, there is very low maintenance for ComplyDog to run and I believe the buyer could make his money back + 5x more in terms of valuation in 12 months or sooner.
Further, I retain access to my ComplyDog accounts. So mission accomplished in that I needed a GDPR solution for my SaaS businesses and it works.
Using an M&A platform and closing the deal
I posted the SaaS listing to Acquire.com, which I highly recommend (they take a 4% cut of the sale).
From listing to deal close, it took 12 days total. There was a decent amount of initial interest in first days + competing offers in first week. Things moved fast after signing the asset purchase agreement (APA). If escrow didn't delay, could have closed much sooner.
After 8 months from incorporation, I ended up selling ComplyDog at 10x annual recurring revenue (ARR) to a trusted private buyer. This guy and his team are awesome and have a good track record doing this type of SaaS M&A. I'm confident it's in good hands.
Overall, the process was great (thanks to acquire.com) and I'm looking forward to see how the buyer grows it, as I benefit from being a ComplyDog user.
Image of payment email from Acquire.
I wrote this originally as an article on my blog, but I formatted and edited it for Reddit. I'm sharing all the stuff I do on Twitter/X -- feel free to send me a DM and I'll share my username