SaaS Agreements – SLA – Terms to Include

The following issues should always be included in any SLA, regardless of the type of SaaS product and services being supplied.


Clearly define times for all of your actions. Business hours and days need to be carefully defined, particularly if you have customers outside of the UK, or your maintenance and support staff are located across the globe.


If your SaaS agreement includes non-English speaking customers specify in which languages you provide support.


Customers expect to be given a guarantee of the availability of the SaaS product and services. This usually ranges from 95 – 99.9%, depending on the type of services being provided. It will also largely depend upon the availability guaranteed by any third party data centre you use to host your SaaS products and services.

When stating the level of availability of the SaaS products and services specify how and when availability will be measured, remembering to exclude any down-times for maintenance from the calculation.

Customer Support

Provide a short description of the support that you will provide to customers. This should include details about how you can be contacted and the way in which you will respond to, and fix software problems. Specify severity levels and state times for responding to and fixing software problems, remembering to differentiate between problems (errors that can be reproduced) and bugs.


Set out the times and days when you will carry out maintenance. Distinguish between regular maintenance and emergency maintenance, as you may need to install emergency patches and carry out emergency repairs at any time. State whether or not any prior notice will be given. Any downtime caused by you carrying out scheduled or emergency maintenance should be excluded from the calculation of availability.

Specify whether or not upgrades are included in the services. Will they be free of charge, or are they only provided upon payment of an additional fee? Are upgrades mandatory or voluntary? Also identify what is actually included in an “upgrade”.


Briefly describe the security provisions that you have in place at your data centre and internally within your organisation. These should include:

  • Details of data centre security structure and infrastructure;
  • Details of the firewalls and cryptology you use;
  • Any obligation to notify the customer of security breaches;
  • Restrictions on access to passwords;
  • Information about virus protection mechanisms.

Other Issues

Other provisions that you could consider including in your SLA are:

Commercial Considerations

The above is a general guide to the terms to include in a SLA for a SaaS agreement. The degree of detail that you provide will largely depend upon the following:

  • The type of SaaS products and services you are supplying;
  • How much the customer pays for the SaaS product and services;
  • Whether the SaaS product is business critical i.e. online banking;
  • What is standard in that particular business area.


Irene Bodle is an IT lawyer specialising in SaaS agreements with over 10 years experience in the IT sector. If you require assistance with any SaaS, ASP, software on demand contracts or any other IT legal issues contact me:

To register for my newsletter click here


Other related articles: