Add Business Associate Agreement (BAA) page and docs

[atharvadeosthale]

• Add a Business Associate Agreement (BAA) page at /baa
• Link the new BAA page from the site footer, alongside Terms, Privacy, and Cookies
• Add a "Business Associate Agreement (BAA)" section to the HIPAA security docs page that explains how to enable the BAA add-on from the Appwrite Console, including pricing, plan eligibility, and disabling behavior

[appwrite]

Appwrite Website

Project ID: 69d7efb00023389e8d27

Sites (1)

Site	Status	Logs	Preview	QR
website 69d7f2670014e24571ca	Ready	View Logs	Preview URL

Website (appwrite/website)

Project ID: 684969cb000a2f6c0a02

Sites (1)

Site	Status	Logs	Preview	QR
website 68496a17000f03d62013	Processing	View Logs	Preview URL

---

Tip

Ephemeral API keys are generated automatically for each function execution

[greptile-apps]

Greptile Summary

This PR adds a Business Associate Agreement (BAA) legal page at /baa, links it from both footers, and adds a BAA section to the HIPAA security documentation explaining how to enable the add-on from the Appwrite Console.

• New /baa page contains a full HIPAA BAA legal document using the policy layout, consistent with Terms, Privacy, and Cookies pages; footer links follow the same pattern in both MainFooter.svelte and sub-footer.svelte.
• The HIPAA docs section explains plan eligibility, pricing ($350/month), and how to enable/disable the add-on from Organization settings.
• The BAA document references "Appwrite Code Inc." while existing policy documents (Cookies, Privacy) use "Appwrite Code Ltd." — this entity name discrepancy needs legal verification before publishing a HIPAA-required contract.

Confidence Score: 3/5

The footer and HIPAA doc changes are straightforward, but the BAA page itself should not go live until the legal entity name is confirmed — a HIPAA contract with the wrong contracting party name is a material defect.

The BAA page uses "Appwrite Code Inc." while every other existing policy page uses "Appwrite Code Ltd." Publishing a HIPAA-required contract with a mismatched entity name is a meaningful risk that warrants legal sign-off before merge.

src/routes/baa/+page.markdoc needs a legal review to confirm the correct contracting entity name; src/routes/docs/advanced/security/hipaa/+page.markdoc has a hardcoded price and inconsistent plan eligibility description.

Important Files Changed

Filename	Overview
src/routes/baa/+page.markdoc	New BAA legal document page; uses "Appwrite Code Inc." which conflicts with "Appwrite Code Ltd." referenced in existing Cookies and Privacy policies — needs legal verification before going live.
src/routes/docs/advanced/security/hipaa/+page.markdoc	Adds BAA documentation section; hardcodes a $350/month price and describes plan eligibility vaguely ("eligible paid plans") compared to the BAA page's specific "Scale plan or Startups program" language.
src/lib/components/MainFooter.svelte	Adds BAA link to homepage footer variant with tracking event, consistent with the existing Terms/Privacy/Cookies pattern.
src/lib/components/layout/sub-footer.svelte	Adds BAA link to sub-footer, consistent with existing legal links pattern (no tracking events, matching other links in this component).

_{Reviews (1): Last reviewed commit: "Add Business Associate Agreement (BAA) p..." | Re-trigger Greptile}

[greptile-apps]

Legal entity name mismatch

The BAA uses "Appwrite Code Inc." as the contracting entity, while the existing Cookies Policy and Privacy Policy both reference "Appwrite Code Ltd." If these are the same legal entity, one of the documents has the wrong name — a material error in a HIPAA-required contract. If they intentionally represent different entities, please add a clarifying comment for future reviewers. Either way, a legal review of the entity name should confirm correctness before this page goes live.

[greptile-apps]

The price "$350 per month" is hardcoded in the documentation. If the pricing changes, this page will silently become incorrect. Consider either linking to the pricing page instead of embedding the exact figure, or noting that pricing is subject to change.

Suggested change

	You can enable a BAA yourself from the Appwrite Console. Open your **Organization settings**, find the **BAA** section, and select **Enable BAA**. The BAA is a paid add-on that costs $350 per month, prorated for your current billing cycle, and applies to your entire organization.
	You can enable a BAA yourself from the Appwrite Console. Open your **Organization settings**, find the **BAA** section, and select **Enable BAA**. The BAA is a paid add-on, prorated for your current billing cycle, and applies to your entire organization. See [pricing](https://appwrite.io/pricing) for current rates.

Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!

[greptile-apps]

Eligibility described inconsistently

The HIPAA docs describe the BAA add-on as available on "eligible paid plans", while the BAA page itself states it "applies to clients under the Scale plan or the Startups program." These descriptions don't match — the docs are more vague and could set incorrect expectations for users on other paid plans who may not qualify. Aligning the docs with the specific plan names from the BAA would reduce confusion.

Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!