SaaS Agreements – FAQs – Data Controller

It is important for a SaaS supplier to understand the legal obligations imposed upon a data controller when negotiating a SaaS agreement as the duties of a data controller are not the same as the duties of a data processor. In a SaaS relationship the supplier is always the data processor of the SaaS customer. The SaaS customer is always the data controller. Below is a summary of the obligations of a data controller.

Continue reading

SaaS Agreements – IPR – Software Patents

The issue of software patents has recently been highlighted by a proposal to change German patent and copyright law. The proposal recommends preventing computer software being registered as a patent, arguing that computer software should only be protected using copyright law, as this is sufficient to protect a software developer’s rights. In light of the current German proposal, below is a brief summary of patent and copyright law in relation to SaaS software in the UK, Germany and non-EU countries.

Continue reading

SaaS Agreements – Data Protection – Prism and US Laws

SaaS suppliers should be aware of relevant US laws when outsourcing SaaS services (data storage and hosting) to US companies or companies located in the USA. SaaS customers are becoming increasingly concerned about outsourcing in the USA following media reports about “Prism”. Namely, that the National Security Agency (NSA) accesses personal data stored on the servers of Microsoft, Apple, Google, Yahoo, Facebook and a few other major US public companies. Below is a summary of the most relevant US laws that SaaS suppliers should be aware of.

Continue reading