Human resources (HR) departments are increasingly turning to SaaS or ASP agreements for their recruitment and talent management needs. Often referred to as software as a service, SaaS or on demand services many suppliers are now providing SaaS solutions specifically designed to assist employers with their HCM (human capital management), ATS (applicant tracking systems) and e-recruitment requirements. Here are some of the legal issues which HR professionals and suppliers need to consider when negotiating a SaaS agreement.
Third Party Access to the Software
Although the customer enters into the SaaS agreement with the supplier, quite often HCM functions will be outsourced to recruitment agencies or IT outsourcing providers. It is therefore essential that the software licence permits such third parties to access the software and services, on behalf of the customer. The supplier should specifically name such third parties in the SaaS agreement and only grant them a limited licence to access the software on behalf of the customer for the purposes of the SaaS agreement.
Third parties who are granted access to the software and services will not be bound by the terms of the SaaS agreement to the supplier, or the customer, as they are not a contractual party to the SaaS agreement.
The supplier should protect itself by requiring the customer to warrant that the customer will be liable for any acts or omissions or breaches of the SaaS agreement caused by such third parties, as if these had been caused by the customer itself.
The customer should protect itself by having a “back to back” agreement with the recruitment agency/IT outsourcing provider which mirrors the terms of the SaaS agreement and makes the third party liable to the customer for any breaches, acts or omissions.
Candidate Data & Employee Data
The customer must provide information to candidates and employees about any third parties to whom their data will be passed. This should include the supplier, the supplier’s third parties (i.e. the hosting centre, remote backup provider and disaster recovery provider), the customer’s subsidiaries, recruitment agencies and IT outsourcing providers.
Data Protection – Warranties
Under UK data protection law the supplier will be the data processor and the customer will be the data controller. The supplier is obliged to process data in accordance with the customer’s instructions and should protect itself against claims from third parties that such processing was illegal. Likewise, the customer will also need to protect itself against claims from third parties caused by the supplier or its other third parties not processing data in accordance with its instructions or the SaaS agreement.
For assistance with SaaS, ASP, software on demand contracts, SLAs or any other IT legal issues contact me at:
To register for my newsletter click here
Other related articles:
- SaaS, ASP, Software on Demand – Confused?
- SaaS, ASP Agreements – Essential Elements
- SLAs Explained – Essential Elements
- Cloud Based Software, Technology, Services
- Cloud Computing and the Legal Cloud
- SaaS, ASP Agreements – FAQs – Disaster Recovery
- SaaS, ASP Agreements – FAQs – Security
- SaaS, ASP Agreements – FAQs – Confidential Information
- SaaS, ASP Agreements – FAQs – Software Licence
- SaaS, ASP Agreements – FAQs – Source Code and Object Code
- SaaS, ASP Agreements – FAQs – Escrow
- SaaS, ASP Agreements – FAQs – Data Protection
- Web Site – Legal Requirements