Do SaaS suppliers need to included disaster recovery provisions in a SaaS agreement? If so, what provisions should be included and where.
Continue readingCategory: SAAS
SaaS Agreements – Terms and Conditions – Limitation Clauses
SaaS suppliers should always include limitation clauses in their SaaS terms and conditions to attempt to limit or exclude liability for certain types of losses and to cap their financial liability for breaches of contract. However, in order for limitation clauses to be valid, SaaS suppliers must ensure that the wording of the limitation clause is clear and unambiguous, otherwise the whole clause could be ruled void by a court and the SaaS supplier’s liability will then be unlimited.
Continue readingSaaS Agreements – FAQs – Reseller Agreements
SaaS suppliers who decide to use a local partner to resell their SaaS software to customers outside of the countries in which they are based, will need to have a reseller/distributor agreement in place between themselves and each SaaS reseller/distributor. What is a SaaS Reseller/Distributor? A SaaS reseller is the same as a SaaS distributor. A reseller/distributor purchases the supplier’s SaaS software and services under the terms of a reseller/distribution agreement. The SaaS reseller/distributor then resells the SaaS software and services to its own local customers in its local territory
Continue readingSaaS Agreements – Data Protection – General Data Protection Regulation (GDPR)
At the end of 2015 the European Commission published the test of the new Data Protection Regulation (“GDPR”) which will replace the existing EU Data Protection Directive and harmonise European data protection law. The GDPR is expected to be adopted in Spring 2016. Once adopted, the GDPR will come into force within 2 years and in the UK the GDPR will replace the Data Protection Act 1998. This will have a significant effect on both SaaS suppliers and SaaS customers.
Continue readingSaaS Agreements – Data Protection – EU US Privacy Shield
A new privacy agreement called the Privacy Shield has been agreed by the US and EU to replace the safe harbour scheme. The Privacy Shield is based upon safe harbour but has additional protections, particularly with regard to public authority access to personal data. The Privacy Shield must now be reviewed by the European Commission before it can be relied upon and adopted by SaaS suppliers or customers. The European Commission is currently assessing whether or not the Privacy Shield provides adequate protection in accordance with EU data protection laws. This process is expected to take up to 3 months.
Continue readingSaaS Agreements – Data Protection – Direct Marketing Rules
In September 2013 the Information Commissioner’s Office (ICO) published a lengthy guide to Direct Marketing. The guide covers compliance with the Data Protection Act 1998 (DPA) and the Privacy and Electronic Communications Regulations 2003 (PECR) in relation to the sending of unsolicited marketing. SaaS suppliers who are sending unsolicited marketing to SaaS customers and prospective customers should check their compliance with the guidance. Additionally, the Direct Marketing Association (DMA) has also published its own further supplemental guide which provides detailed guidance on how and when to obtain consent to marketing
Continue readingSaaS Agreements – Data Protection – Russian Data Centres
SaaS Suppliers who will be processing personal data of Russian citizens on behalf of SaaS customers need to be aware of amendments to the Russian Federal Law on Personal Data. From the 1st of September 2015 changes to this Russian law may prohibit foreign SaaS suppliers from processing personal data of Russian citizens on servers located outside of Russia.
Continue readingSaaS Agreements – International Agreements – Valid Execution
Where an international SaaS agreement is entered into between a non-UK SaaS customer and a non-UK company of a SaaS supplier the parties should ensure that the SaaS agreement has been properly executed in accordance with the law of the country of incorporation of each company. Even where the SaaS agreement is governed by English law, failure to properly authorise or execute the SaaS agreement in accordance with the local law of each party could result in the SaaS agreement not being binding. Integral Petroleum SA v SCU – Finanz
Continue readingSaaS Agreements – International Agreements – Interest on Late Payments
SaaS customers often delay payment of invoices. In order to protect your SaaS business and improve cash flow, SaaS suppliers usually include the right to claim interest on late payments in the terms of their SaaS agreement or rely on their statutory right to interest under the Late Payment of Commercial Debts (Interest) Act 1998 (Act”). However, following the decision in Martrade Shipping and Transport GmbH v United Enterprises Corporation SaaS suppliers should be aware of the limitations of relying upon the Act, particularly where the SaaS customer or SaaS supplier is a non UK entity.
Continue readingSaaS Agreements – Data Protection – Anonymising Data
Many SaaS suppliers use personal data, collected on behalf of SaaS customers, in an anonymised form for their own purposes, such as benchmarking. The UK Information Commissioner’s Office (ICO) Anonymisation Code and more recently the Article 29 Working Party’s Opinion on Anonymisation provide guidance on how to check that personal data is actually anonymous.
If you are a SaaS provider using anonymised personal data you should comply with the recommendations in these two guides, to ensure that you are properly anonymising data, otherwise you could be found to be using personal data in breach of the DPA.
Continue reading