Archive for March, 2011

SaaS Agreements – SLA – Service Credits

In order to limit your liability for the availability of the SaaS software that you provide to customers under a SaaS agreement you should consider whether or not to offer service credits in your  SLA.

Why you should Offer Service Credits

The advantage of providing service credits is that they limit your liability to pay the customer fixed amounts if you fail to provide the SaaS software in accordance with the availability level set out in your SLA.

If you do not include service credits in your SaaS agreement, you could be fully liable to compensate customers for a breach of contract if you fail to provide the SaaS software in accordance with the availability level set out in your SLA.

Additionally, most customers now expect to be offered service credits and if you do not provide for these in your SLA they may come up with their own calculations and payment terms, which will be vastly different from the terms that you would have chosen to offer to them.

Availability

Service credits should be linked to the non-availability of the SaaS software. Your SLA should therefore specify the level of availability that customers will have to your SaaS software. You should clearly state how availability is to be measured i.e.  monthly, quarterly or yearly. This will usually depend on how your hosting centre measures availability itself. Also remember to list exclusions from the calculation, such as planned maintenance.

Payment of Service Credits

Customers should be obliged to make a claim for service credits  in order to receive them, rather than them being paid automatically. There should be a time limit on a customer claiming a service credit which should be linked to the date on which you provide the service availability report to them.

Usually service credits are not “refunds” and are  given as credits against future payments. You will therefore need to include provisions on how to deal with service credits if a customer terminates their SaaS agreement.

Exclusions

All matters which could affect the availability of the SaaS software which are beyond your control should be listed as exclusions in the SLA. Payment of any  service credits will not apply if any of the exclusions are applicable e.g. force majeure.

Help

Irene Bodle is an IT lawyer specialising in SaaS agreements with over 10 years experience in the IT sector. If you require assistance with any SaaS, ASP, software on demand contracts or any other IT legal issues contact me:

irene.bodle@bodlelaw.com
www.bodlelaw.com

To register for my newsletter click here

______________________________________________________

Other related articles:

SaaS Agreements – SLA – Maintenance

In order to maintain the SaaS software that you provide to customers under a SaaS agreement the following issues should be included in the maintenance section of your SLA.

Scheduled Maintenance/ Planned Maintenance

You will need to allow for regular maintenance in your SLA.  This will permit you to carry out planned maintenance to the SaaS software that customers are accessing 24×7.  As this will interfere with the availability of the SaaS software your SLA should set out when standard maintenance will take place. This should also state whether and what prior notice will be given to customers before any planned maintenance is carried out.

Any downtime caused by the scheduled maintenance should be excluded from the calculation of the availability of the SaaS software in the SLA.

Emergency Maintenance

From time to time you will need to carry out emergency maintenance to the SaaS software. You should therefore include an emergency maintenance section in your SLA so that you can install emergency patches and carry out emergency repairs.  The maintenance section of your SLA should permit you to carry out emergency maintenance at any time. The obligation to provide the customer with prior notice should be on a best efforts basis.

Any downtime caused by you carrying out emergency maintenance should be excluded from the calculation of the availability of the  software in the SaaS agreement.

Upgrades

Identify in the SLA whether upgrades are included in the SaaS agreement or not. Will they be free of charge, or are they only provided upon payment of an additional fee? Are upgrades mandatory or voluntary? Also identify what is included in an “upgrade” – usually new or updated applications services or tools (including any software programmes).

Help

Irene Bodle is an IT lawyer specialising in SaaS agreements with over 10 years experience in the IT sector. If you require assistance with any SaaS, ASP, software on demand contracts or any other IT legal issues contact me:

irene.bodle@bodlelaw.com
www.bodlelaw.com

To register for my newsletter click here

______________________________________________________

Other related articles:

SaaS Agreements – Data Protection – Further Fines by Data Commissioner

On the 8th of February 2011 Ealing and Hounslow Councils were fined £80,000 and £70,000 respectively by the Data Commissioner for serious breaches of the Data Protection Act (DPA) following the theft of two laptops from the house of an employee of Ealing Council.

Data Protection Act 1998

The Data Commissioner has the power to impose a fine of up to £500,000 on a data controller who seriously breaches the DPA, if the contravention was of a kind likely to cause substantial damage or substantial distress. The contravention must either have been deliberate or the data controller must have known or ought to have known that there was a risk that a contravention would occur and failed to take reasonable steps to prevent it.

Ealing and Hounslow County Council Cases

Ealing Council operated an out-of-office service on behalf of both councils using nine staff working from home with laptops. As part of the service information about individuals  including names, dates of birth, gender, ethnicity, addresses and telephone numbers were stored on the laptops. Following the theft of two laptops the personal data of approximately 1,000 clients of Ealing Council and 700 clients of Hounslow Council was potentially compromised.

Reason for the Fines

According to the ICO, Ealing Council breached the Seventh Data Protection Principle of the 1998 UK Data Protection Act, as it issued unencrypted laptops, and had insufficient processes in place to check that the relevant policies were being followed or understood by staff. Hounslow Council was found to have breached the Act for failing to have a written contract in place with Ealing Council.

The fines were imposed even though to date there is no evidence that any data on the computers has been accessed and no complaints have been received by the data controller from clients.

How to Avoid Fines

If the Council had taken the simple step of encrypting the data (in accordance with its own policies), thousands of people’s privacy would not have been potentially compromised.

In view of the above, it is imperative that you take reasonable steps to avoid data protection breaches to limit your exposure to having such fines imposed. The following basic precautions should be taken:

  • ensure that all laptops, memory sticks and backup tapes are encrypted;
  • have appropriate data protection policies and procedures in place;
  • carry out due diligence on your security procedures and those of your sub-contractors and third parties;
  • audit compliance with your  security procedures of sub-contractors and third parties regularly.

Help

Irene Bodle is an IT lawyer specialising in SaaS agreements with over 10 years experience in the IT sector. If you require assistance with any SaaS, ASP, software on demand contracts or any other IT legal issues contact me:

irene.bodle@bodlelaw.com
www.bodlelaw.com

To register for my newsletter click here

______________________________________________________

Other related articles:

  
Bodle Law
Assign a menu in the Left Menu options.
Assign a menu in the Right Menu options.

This website uses cookies. You may not use this website, unless you agree to our use of cookies. For further details about the cookies we use please visit our Cookie Policy

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close