SaaS Agreements – Data Protection – Liability for Loss of Backup Tapes

A SaaS supplier can be liable for the loss of backup tapes, not just under the terms of its SaaS agreement but also the Data Protection Act 1998, the Financial Services Authority regulations or other UK rules or regulations regardless of whether the SaaS supplier, its data centre or a third party losses the backups of customer data.

Continue reading

SaaS, ASP Agreements – Data Protection Issues with Sub-contractors – Standard Contractual Clauses

Using a sub-contractor to process your SaaS customer data is a problem under data protection law, where the sub-processor is based outside of the European Economic Area (EEA). Incorporating EU standard contractual clauses into your SaaS agreement is NOT the solution to this common problem. EU Standard Contractual Clauses Under

Continue reading

SaaS, ASP Agreements – Transfer of Personal Data outside of the EEA

There are no restrictions on transferring personal data within the EEA. However, due to the global nature of SaaS or ASP agreements personal data often needs to be transferred outside of the EEA, for example to an IT outsourcing provider in India, a subsidiary of your company in China or a data centre or software development centre in Vietnam.

Continue reading

SaaS, ASP Agreements – HCM, ATS & Erecruitment

Human resources (HR) departments are increasingly turning to SaaS or ASP agreements for their recruitment and talent management needs. Often referred to as software as a service, SaaS or on demand services many suppliers are now providing SaaS solutions specifically designed to assist employers with their HCM (human capital management), ATS (applicant tracking systems) and e-recruitment requirements.

Continue reading

SaaS, ASP Agreements – FAQs – Confidential Information

What confidentiality provisions need to be included in a SaaS agreement?Define Confidential Information.
Parties will obtain and have access to the business critical information of each other as a result of entering into a SaaS Agreement. For example, they may have access to customer lists, banking information, IPR, source code and object code or business secrets and processes. Confidential information should be defined in the SaaS agreement to make clear what is, and what is not, confidential. Do not simply refer to documents which are “marked as confidential” or “which should be treated as confidential”. Not all confidential information exists in a physical format, particularly in a SaaS scenario – so do not restrict your definition to just documents.

Continue reading

SaaS, ASP Agreements – FAQs – Data Protection

Data protection issues must be adequately covered in any SaaS agreement to protect both the supplier and the customer. Data Protection Act 1998. The Act applies to the processing of personal data, for example name/email addresses, dates of birth, national insurance number of any living individual.

Continue reading
Bodle Law