You hired an agency. They built your MVP. You're live, getting traction, and a VC just asked for your cap table and IP assignment documentation. Then you discover something that stops the conversation cold: you don't actually own your code.
This scenario plays out more often than founders realize. Agencies retain intellectual property through vague contract language, proprietary frameworks, or deployment lockdowns that make your "product" functionally theirs. It's one of the most expensive mistakes a startup can make—and it's entirely preventable if you know what to look for.
What Code Ownership Actually Means
Code ownership isn't a single thing. It's a bundle of rights that together determine whether you truly control your product:
Intellectual Property Rights
This is the legal foundation. IP ownership means you hold the copyright to every line of custom code written for your project. It means you can license it, sell it, modify it, or transfer it without asking anyone's permission. In practice, this should be established through a work-for-hire agreement that assigns all IP to you upon creation—not upon final payment, not upon project completion, but from the moment code is written.
Repository Access
Owning the IP is meaningless if you can't access the code. Full repository access means you have admin-level control over the Git repository where your source code lives. You can clone it, fork it, grant access to new developers, and revoke access from former ones. The repository should be under your organization's account on GitHub or GitLab—not the agency's org with you added as a collaborator.
Deployment Control
Your application runs somewhere—AWS, Vercel, Google Cloud, a VPS. Deployment control means you own the infrastructure accounts, have access to all environment variables and secrets, understand the deployment pipeline, and can ship updates without the agency's involvement. If your agency controls the deployment and you can't push code without them, you don't own your product in any practical sense.
Documentation and Knowledge Transfer
Code without context is a puzzle without a picture. Ownership includes architecture documentation, API references, database schemas, deployment guides, and enough context for a competent developer to understand, maintain, and extend the codebase without the original team.
Why Agencies Retain Code
Understanding the incentive structure helps you spot red flags early:
Recurring Revenue Lock-In
The most common reason is the simplest: money. If you can't leave, you keep paying. Some agencies structure their pricing around a low upfront cost and high monthly "maintenance" fees—but what they're really selling is access to your own product. Cancel the maintenance contract and discover that your "product" runs on their proprietary infrastructure, their deployment pipeline, or their custom framework that only their developers understand.
Proprietary Frameworks and Platforms
Some agencies build on proprietary low-code or no-code platforms that they own. Your application is a configuration layer on top of their system. You might think you're getting a custom product, but you're really getting a customized instance of their platform. When you try to migrate, you discover there's nothing portable to take with you.
Vague Contractual Language
Many agency contracts include language like "agency retains ownership of all pre-existing tools, libraries, and frameworks used in the project." That sounds reasonable—until you realize that their "framework" is 80% of your application's codebase. The custom code they assign to you is a thin layer that's useless without the foundation they've retained.
Leverage in Disputes
Retaining code gives agencies leverage if a payment dispute arises. Instead of pursuing the dispute through normal legal channels, they can effectively hold your business hostage by revoking access to the code, the repository, or the deployment infrastructure.
The Real Risks of Not Owning Your Code
You Can't Pivot Without Permission
Startups pivot. It's not a failure—it's how you find product-market fit. But if your agency owns the code, every pivot requires their involvement, their timeline, and their pricing. Want to rebuild the onboarding flow? That's a change order. Want to integrate a new AI model? That's a new project scope. Your ability to iterate at startup speed dies the moment someone else controls your codebase.
Acquisition and Fundraising Complications
Investors and acquirers conduct technical due diligence. They want to see clean IP assignment, unrestricted repository access, and evidence that the company owns every component of its product. If your code ownership is ambiguous, murky, or split with an agency, it creates legal risk that sophisticated buyers and investors won't tolerate. Deals fall apart over this. We've seen it happen to founders who thought everything was fine—until the lawyers started asking questions.
Vendor Dependency at the Worst Possible Time
Agencies close. Agencies get acquired. Key developers leave. If your product depends on an agency's continued existence and goodwill, you've introduced a single point of failure that has nothing to do with your technology, your market, or your team. The moment that agency relationship deteriorates—for any reason—your business is at risk.
Escalating Costs with No Escape
Without code ownership, you have zero negotiating power on pricing. The agency knows you can't leave because migration would mean rebuilding from scratch. Annual price increases of 15-30% are common in these relationships, and founders accept them because the alternative—a full rewrite—is even more expensive. It's a trap that compounds every year. Understanding the true cost of building an MVP upfront prevents this situation entirely.
Technical Debt You Can't Fix
When you don't control the code, you can't refactor it, modernize it, or address architectural problems. You're stuck with whatever decisions the agency made in month one, even when those decisions don't scale. The tech debt accumulates, performance degrades, and your only option is to ask the agency to fix problems they created—at their rates, on their timeline.
What to Look for in an Agency Contract
Before you sign anything, verify these specific terms:
IP Assignment Clause
The contract should explicitly state that all intellectual property created during the engagement is assigned to you upon creation. Not "upon completion," not "upon final payment"—upon creation. Look for "work made for hire" language, and ensure it covers code, designs, documentation, and any custom tools built for your project.
Repository Ownership
The contract should specify that the Git repository is created under your organization's account from day one. You should have admin access throughout the project, not just at handoff. If the agency wants to use their own tools for CI/CD, that's fine—but the source of truth lives in your repo.
No Proprietary Framework Dependencies
Ensure all dependencies use standard open-source licenses — Choose a License explains the implications of each. Ask directly: "Does any part of our application depend on code, frameworks, platforms, or infrastructure that your agency owns and does not transfer to us?" If the answer is anything other than a clear "no," dig deeper. Get the specifics in writing.
Deployment Documentation and Transfer
The contract should include a deployment and infrastructure handoff as a deliverable. This means documented deployment procedures, environment variable manifests, infrastructure-as-code files, and a working CI/CD pipeline that your team can operate independently.
Source Code Escrow (if applicable)
For larger engagements, consider a source code escrow arrangement where the latest version of the codebase is deposited with a neutral third party. This protects you even if the agency becomes unresponsive or goes out of business.
How Meld Handles Code Ownership
At Meld, code ownership isn't a feature we sell—it's a baseline assumption we build everything on. Here's how it works in practice:
Day one: We create the repository under your GitHub or GitLab organization. You have admin access before we write a single line of code. Every commit, every branch, every pull request is visible to you in real time.
During development: We work in your repo using standard Git workflows. There are no proprietary frameworks, no custom platforms, no black boxes. We build with open-source, production-grade tools—Next.js, React, TypeScript, Prisma, Tailwind CSS—that any competent developer can maintain and extend. Our idea-to-revenue process is designed around full transparency at every stage.
At handoff: You receive complete deployment documentation, architecture guides, environment variable manifests, and a working CI/CD pipeline. We walk your team (or your next developer) through the entire system. If you never talk to us again, your product keeps running and you can ship updates independently.
Post-handoff: If you want ongoing support, great—we offer maintenance packages. If you don't, that's equally fine. Your product is yours. There's no lock-in, no recurring access fee, no hostage situation. This approach is core to what makes us different as an AI development agency.
The Ownership Checklist
Before you engage any agency, run through this checklist:
- IP assignment clause — All custom code assigned to you upon creation
- Repo under your org — Admin access from day one, not just at handoff
- No proprietary dependencies — Open-source stack, no agency-owned frameworks
- Deployment docs included — As a contractual deliverable, not a "nice to have"
- Infrastructure accounts in your name — AWS, Vercel, database providers all owned by you
- Environment variables documented — Every secret, API key, and config value listed and explained
- Post-engagement independence — Contractual confirmation that you can operate, modify, and deploy without the agency's involvement
If an agency hesitates on any of these points, that hesitation tells you everything you need to know.
The Bottom Line
Code ownership isn't a negotiable perk—it's the foundation your entire business sits on. Every dollar of funding you raise, every customer you acquire, every pivot you make, and every exit you pursue depends on unambiguous ownership of your technology.
The agencies that resist full code ownership do so because their business model depends on your dependency. The agencies that embrace it do so because their business model depends on delivering value so clear that you choose to keep working with them.
Don't learn this lesson the hard way. Get ownership right from the start, and build on a foundation that's truly yours. If you're planning your MVP, start by understanding what it actually costs and what you should expect to own when it's done.