The following legal issues should be included in any SaaS or ASP agreement, whether you are a supplier or a customer.

Software Licence

Access to the software should be limited to the term of the SaaS agreement. Once the agreement expires or terminates the software licence should automatically terminate.

If the customer is a global entity, specify which companies or entities may access the software, in which territories and the number of users. Identify the specific purposes for which the software may be accessed. Name any third parties who will be permitted access to the software i.e. outsourcing providers or clients of the customer.

Intellectual Property Rights – IPR

The supplier should retain ownership of all IPR in the software and services it provides. The customer should retain ownership of all IPR in its systems and data. Specifically state that the source code remains owned by the supplier. The customer should grant the supplier the right to use its IPRs for the term of the agreement i.e. display its logos and copyrighted information.

Escrow

Specify who the owner of the source code is, as it may not be the supplier i.e. the holding company of the supplier. State whether or not the customer can enter into an  agreement with a third party to hold the source code in escrow.  Include the name of the escrow agent and who will be responsible for the costs of the escrow agreement and any annual renewals.

Applicable Law, Jurisdiction & Language

State which law applies to the SaaS agreement and any disputes arising from it. In international SaaS agreements make sure that you specify in which language the dispute will be dealt with, and if the agreement is in more than one language, which language prevails if there is a discrepancy between the two versions.

Return of Data

At the end of the agreement the customer’s data should be returned. The format in which the data is to be returned and payment for this service should be agreed in advance.  Additionally the parties can agree that the supplier will provide assistance in transferring customer  data to a new supplier – in return for payment for this service.

Data Protection

The supplier is the data processor and the customer is the data controller. Under UK data protection law different rules apply to the data controller and the data processor. The supplier is obliged to process data in accordance with the customer’s instructions and should protect itself against claims from third parties that such processing was illegal. Likewise, the customer will also need to protect itself against claims from third parties caused by the supplier not processing data in accordance with its instructions or the agreement.

Service Level Agreement (SLA)

This sets out the hosting, support and maintenance services being provided to the customer by the supplier. The SLA should specify where the data centre is located, who is operating it, what security, backup and disaster recovery procedures are in place. Support hours and support services for dealing with hosting problems and software problems should be identified and documented and the procedure for dealing with with upgrades and maintenance to the software should be specified. The particular details will depend on the amount being paid for the hosting, support and maintenance and the purpose for which the software is being used.

Help

For assistance with SaaS, ASP, software on demand contracts,  SLAs or any other IT legal issues contact me at:

irene.bodle@bodlelaw.com
www.bodlelaw.com

To register for my newsletter click here

______________________________________________________

Other related articles:

Like this post? Subscribe to my RSS feed and get loads more!