SaaS Agreements – FAQs – Transferring Data Outside the EEA

When negotiating a SaaS agreement with SaaS customers you will often need to transfer customer data outside of the EEA (European Economic Area). This could be at the request of your customer or more usually because you have a sub-contractor such as a data centre located outside of the EEA. SaaS suppliers should be aware of the following in order to comply with their duties under the Data Protection Act.

Continue reading

SaaS, ASP Agreements – Data Protection Issues with Sub-contractors – Standard Contractual Clauses

Using a sub-contractor to process your SaaS customer data is a problem under data protection law, where the sub-processor is based outside of the European Economic Area (EEA). Incorporating EU standard contractual clauses into your SaaS agreement is NOT the solution to this common problem. EU Standard Contractual Clauses Under data protection law personal data may only be transferred to countries outside of the EEA where there is adequate protection. In order to deal with the problem of transfers of personal data from a customer (data controller) in the EEA

Continue reading