SaaS is the abbreviation for “software as a service”. You may know this under another name, for example subscription agreement, software on demand, software subscription agreement, cloud computing or ASP services (application service provider). These names all refer to the same thing – software being made available via the Internet to users.Continue reading
When providing SaaS services you must specify in your SaaS agreement who is responsible for the backup/loss of customer data. The extent of your backup duties should be included in the service level agreement (SLA) and these will be dependent on a number of factors set out below.Continue reading
On the 8th of February 2011 Ealing and Hounslow Councils were fined £80,000 and £70,000 respectively by the Data Commissioner for serious breaches of the Data Protection Act (DPA) following the theft of two laptops from the house of an employee of Ealing Council.Continue reading
What confidentiality provisions need to be included in a SaaS agreement?Define Confidential Information.
Parties will obtain and have access to the business critical information of each other as a result of entering into a SaaS Agreement. For example, they may have access to customer lists, banking information, IPR, source code and object code or business secrets and processes. Confidential information should be defined in the SaaS agreement to make clear what is, and what is not, confidential. Do not simply refer to documents which are “marked as confidential” or “which should be treated as confidential”. Not all confidential information exists in a physical format, particularly in a SaaS scenario – so do not restrict your definition to just documents.
What data security provisions need to be included in a SaaS agreement? Customer’s Security Obligations – These should be set out in the software licence. Access to the software and services should not be permitted to third parties without prior authorisation from the supplier. The customer should provide the following warranties:
– existence of adequate security measure to ensure access to the software and services does not breach the terms of the SaaS agreement