Does your website comply with the various legal requirements applicable to SaaS suppliers who opeate a UK website?
Below, I have set out the main legal requirements (including some optional recommendations) that apply to a SaaS supplier’s website.
SaaS suppliers must provide the following information in an easily accessible position on their website:
About Us/Contact Information
- Legal name of the company i.e. XYZ Ltd;
- Geographical address of the company;
- Contact details i.e. telephone number and email address;
- The country in which the company is registered and the company registration number;
- Details of any supervisory body who regulates the company i.e. the FSA. For regulated bodies more detailed information is required;
- If the SaaS supplier is registered for VAT and the VAT number;
- Clear details of prices and whether or not delivery and/or tax is included (where online sales can be made);
Registration under the Data Protection Act
If a SaaS supplier collects any personal data in the operation of its business, including when visitors use its website such as, email address, name, telephone number or address of a living person, the SaaS supplier is collecting and processing personal data and must register as a data controller under the UK Data Protection Act. It is a criminal offence not to register.
- Detailed information about the SaaS supplier;
- The data being collected and processed; and
- All mandatory information set out in applicable data protection laws that a data controller is required to provide to a data subject.
Cookie Banner and Cookie Notice
Before any cookie or similar technology used to track use of a website (such a web beacon, pixel etc.) can be placed on a user’s device explicit “opt in” consent must be obtained from the visitor. Consent is obtained via a cookie banner. If no consent is obtained from users no cookies other than essential cookies may be set.
Trademarks and Logos
Do not use any third party’s trademarks or logos on your website without the third party’s consent or you could be liable to pay damages for trademark infringement. This includes displaying logos of your SaaS customers, where you do not have their specific consent to use their logos for this purpose.
In addition to the above mandatory rules it is advisable for SaaS suppliers to have the following, in addition.
SaaS suppliers should set out the rules applicable to persons using and accessing the free goods and services available on their website. For example: state who may access the website i.e. businesses, persons over 18 years old. SaaS suppliers should also aim to limit their liability for information provided on their website. For example: state which law applies and limits on liability.
Protect your information on your website by inserting a copyright notice “© company name 2022. All rights reserved.” Without this notice, it may be difficult in some countries to take any action against a copyright infringement.
The above are examples of the main legal requirements for SaaS supplier websites. However, this is a very complicated area of law and the specific rules that apply to you will depend on what goods and services you are offering, whether you are acting BTB (business to business) or BTC (business to customer), where your SaaS business is physically located, where your customers are located and many other factors.
If you would like to have your website reviewed for compliance with English law or have any queries about compliance please contact:
To register for my newsletter click here