2016 – Bodle Law

SaaS Agreements – Data Protection – Cyber Insurance

17/10/2016 Irene Bodle

Currently most SaaS suppliers and SaaS customers do not take put specific cyber insurance and rely upon the provisions of a general insurance policy to cover liabilities in the event of a claim for a cyber incident or a data breach. This is partly due to the fact that few insurers offer adequate cyber insurance policies and SaaS customer and SaaS supplier’s failure to consider the need for a specialist policy of insurance, to ensure that they are covered in the event of a claim being denied under a general insurance policy.

SaaS Agreements – Data Protection – Privacy Shield Update

03/10/2016 Irene Bodle

Similar to the rules under the Safe Harbor scheme, SaaS customer and SaaS suppliers need to self-certify their compliance with the principles of the Privacy Shield. The following are the core principles which must be adhered to.
Core Principles

Notice must be given to data subjects about specific issues;
Choice to opt out of disclosure of data to third parties;
Accountability for onward transfer to third parties;

SaaS Agreements – Data Protection – Microsoft Irish Data Centre Decision

14/09/2016 Irene Bodle

Many SaaS customers are concerned whne using data centres which are owned by a US parent company i.e. Microsoft or Amazon, that even if their SaaS data is stored in a data centre located in the EU it will not be protected against disclosure to US authorities. The recent US court of appeal ruling won by Microsoft has confirmed the position, namely that SaaS suppliers and SaaS customers who use data centres located in the EU, owned by US companies, can prevent US authorities from accessing their data in some circumstances.

SaaS Agreements – Data Protection – Privacy Shield Approved

28/07/2016 Irene Bodle

EU data protection law prohibits SaaS suppliers and SaaS customers from transferring personal data to countries or territories outside the EEA unless they are considered to provide adequate protection. Below is a summary of the current position following the recent announcement that the EU-US Privacy Shield has been adopted by the EU Commission and will now replace Safe Harbor.

SaaS Agreements – Data Protection – Brexit and the GDPR

14/07/2016 Irene Bodle

SaaS suppliers and customers must currently comply with the terms of the Data Protection Act 1998 (DPA) which governs data protection law in the UK. SaaS suppliers and SaaS customers should be aware that from the 25th of May 2018, the General Data Protection Regulation (GDPR) will apply directly in all Member States of the European Union (EU). Currently the UK is a Member State of the EU and even if the UK gives the European Council notice of its intention to leave the EU, it has 2 years in which to negotiate the terms of a “Brexit”. It is therefore likely that the UK will still be part of the EU on the 25th of May 2018

SaaS Agreements – Legal Implications of Brexit

01/07/2016 Irene Bodle

SaaS suppliers and SaaS customers wondering about the business implications of a Brexit and how to prepare for this should be aware of the following. Despite the result of the referendum in the UK indicating that the UK will leave the European Union (EU), currently this has no legal consequence or effect upon the operations of SaaS suppliers or SaaS customers.

SaaS Agreements – FAQs – Disaster Recovery

01/04/2016 Irene Bodle

Do SaaS suppliers need to included disaster recovery provisions in a SaaS agreement? If so, what provisions should be included and where.

SaaS Agreements – Terms and Conditions – Limitation Clauses

14/03/2016 Irene Bodle

SaaS suppliers should always include limitation clauses in their SaaS terms and conditions to attempt to limit or exclude liability for certain types of losses and to cap their financial liability for breaches of contract. However, in order for limitation clauses to be valid, SaaS suppliers must ensure that the wording of the limitation clause is clear and unambiguous, otherwise the whole clause could be ruled void by a court and the SaaS supplier’s liability will then be unlimited.

SaaS Agreements – FAQs – Reseller Agreements

01/03/2016 Irene Bodle

SaaS suppliers who decide to use a local partner to resell their SaaS software to customers outside of the countries in which they are based, will need to have a reseller/distributor agreement in place between themselves and each SaaS reseller/distributor. What is a SaaS Reseller/Distributor? A SaaS reseller is the

SaaS Agreements – FAQs – EU Standard Contractual Clauses

22/02/2016 Irene Bodle

EU model clauses are standard data processing agreements that have been approved by the EU Commission as providing adequate protection. There are currently two sets of standard contractual clauses for transfers of personal data between data controllers and one set for transfers between a data controller and a data processor. EU model clauses must be used unamended (other than where specific details may be added, as set out in the notes to the clauses).

Where personal data is transferred from:

a data controller in the EU (SaaS customer) to a data processor outside of the EEA (SaaS supplier); or
a SaaS supplier within the EU to a sub-processor located outside of the EEA;

the SaaS supplier will need to enter into EU model clauses with the SaaS customer or SaaS sub-processor, as applicable.

Name	Borlabs Cookie
Provider	Owner of this website
Purpose	Saves the visitors preferences selected in the Cookie Box of Borlabs Cookie.
Privacy Policy	https://www.bodlelaw.com/cookie-policy
Host(s)	www.bodlelaw.com
Cookie Name	borlabs-cookie
Cookie Expiry	90 days

Accept
Name	Google Analytics
Provider	Google LLC
Purpose	Cookies set by Google used for website analytics. Generates statistical data on how the visitor uses the website.
Privacy Policy	https://policies.google.com/privacy?hl=en
Cookie Name	_ga, _gid, _utma, _utmb, _utmc, _utmt, _utmz
Cookie Expiry	_ga : 2 Years, _gid : 1 day, _utmz : 6 months, utma : 2 years