SaaS Agreements – Data Protection – Microsoft must disclose data on EU server

Many SaaS customers falsely believe that if their SaaS data is stored in a data centre located in the EU it will be protected against disclosure to the US authorities. This is incorrect. The recent US court ruling against Microsoft has confirmed the position, namely that SaaS suppliers and SaaS customers who use data centres located in the EU, owned by US companies, cannot prevent US authorities from accessing their data.

Continue reading

SaaS Agreements – Data Protection – BYOD

Employees are increasingly using their privately owned devices (i.e. Ipads, tablets, mobile phones and laptops) for business purposes and may be accessing SaaS customer data using them. SaaS suppliers who allow staff to use such “bring your own devices” (BYOD) for work purposes should be aware of their duties to protect any SaaS customer personal data being accessed by staff using such BYODs.

Continue reading