SaaS Agreements – FAQs – EU Model Clauses

EU model clauses are standard data processing agreements that have been approved by the EU Commission as providing adequate protection. There are currently two sets of standard contractual clauses for transfers of personal data between data controllers and one set for transfers between a data controller and a data processor. EU model clauses must be used unamended (other than where specific details may be added, as set out in the notes to the clauses).

Where personal data is transferred from:

a data controller in the EU (SaaS customer) to a data processor outside of the EEA (SaaS supplier); or
a SaaS supplier within the EU to a sub-processor located outside of the EEA;

the SaaS supplier will need to enter into EU model clauses with the SaaS customer or SaaS sub-processor, as applicable.

Continue reading

SaaS Agreements – SLA – Security Issues

As a SaaS supplier you will have noticed the increasing concerns about security voiced by SaaS customers. Your SaaS agreement should provide comfort to your customer by including security provisions in the service level agreement (SLA). The specifc matters covered will depend on a number of factors set out below.

Continue reading

SaaS Agreements – E-Discovery

As a SaaS supplier you may be ordered by a court as part of a litigation process to identify and disclose physical documents and electronically stored information (e-discovery). This creates problems for SaaS suppliers on a number of levels.

Continue reading

SaaS Agreements – Data Protection – Liability for Loss of Backup Tapes

A SaaS supplier can be liable for the loss of backup tapes, not just under the terms of its SaaS agreement but also the Data Protection Act 1998, the Financial Services Authority regulations or other UK rules or regulations regardless of whether the SaaS supplier, its data centre or a third party losses the backups of customer data.

Continue reading

SaaS, ASP Agreements – Data Protection Issues with Sub-contractors – Model Clauses

Using a sub-contractor to process your SaaS customer data is a problem under data protection law, where the sub-processor is based outside of the European Economic Area (EEA). Incorporating EU model clauses into your SaaS agreement is NOT the solution to this common problem. EU Model Clauses Under data protection

Continue reading

SaaS Agreements – SLAs – Essential Elements

Customers thinking of purchasing software delivered via the Internet (SAAS) are often unaware of what terms should be included. Jargon in the SLA can seem like a foreign language. Customers often tend to simply accept the SLA provided by the supplier, rather than struggle to understand it.

Continue reading
Bodle Law