SaaS Agreements – Data Protection – Customer Privacy Policy

SaaS Customers often ask or expect SaaS supplier’s to provide them with a privacy policy for use in conjunction with their SaaS products. SaaS suppliers should firmly refuse such requests. Firstly, as they could face liability claims from the customer if the privacy policy is in appropriate and secondly while you will have no adequate knowledge of the issues set out below, which will need to be covered in the privacy policy.

Continue reading

SaaS Agreements – Data Protection – Anonymising Data

Often SaaS suppliers or SaaS customers anonymise personal data for use in statistical or marketing information but are unaware that by using such anonymised data they could be breaching the Data Protection Act 1998 (DPA). The Information Commissioner’s Office (ICO) has recently confirmed that anonymised personal data may be disclosed without the consent of the data subject, provided that the anonymised data when linked with other information will not lead to the identification of an individual.

Continue reading