Irene Bodle – Page 5

SaaS Agreements – Data Protection – Microsoft must disclose data on EU server

21/05/2014 Irene Bodle

Many SaaS customers falsely believe that if their SaaS data is stored in a data centre located in the EU it will be protected against disclosure to the US authorities. This is incorrect. The recent US court ruling against Microsoft has confirmed the position, namely that SaaS suppliers and SaaS customers who use data centres located in the EU, owned by US companies, cannot prevent US authorities from accessing their data.

SaaS Agreements – Data Protection – BYOD

06/05/2014 Irene Bodle

Employees are increasingly using their privately owned devices (i.e. Ipads, tablets, mobile phones and laptops) for business purposes and may be accessing SaaS customer data using them. SaaS suppliers who allow staff to use such “bring your own devices” (BYOD) for work purposes should be aware of their duties to protect any SaaS customer personal data being accessed by staff using such BYODs.

SaaS Agreements – Terms and Conditions – Risk Assessment

16/04/2014 Irene Bodle

SaaS customers often complain that the security provisions in SaaS agreements are inadequate and lack transparency. Following a risk assessment, often using external auditors and regulators, SaaS customers often ask SaaS suppliers to add numerous additional terms and warranties to their SaaS terms. By including the security provisions set out below in your standard SaaS agreement, SaaS suppliers can avoid having more rigorous provisions imposed upon them.

SaaS Agreements – Legal Requirements – Online SaaS Sales

31/03/2014 Irene Bodle

SaaS suppliers making online sales of SaaS services to business customers in the UK need to ensure that they have the necessary legal documents and information available on their website to comply with English law. Simply having a SaaS agreement online will not cover all legal obligations in the UK when providing SaaS services online. Below is a summary of the documents and information that you should have available on a UK website.

SaaS Agreements – Terms and Conditions – Safe Harbor Adequacy

02/01/2014 Irene Bodle

European data protection authorities have recently raised serious reservations about the effectiveness of the safe harbour scheme and its ability to adequately protect SaaS customer data to the same standard as European data protection laws. If you are a SaaS supplier and are considering/or are already using a company located in the US to provide part of your SaaS services i.e. for hosting, you should be aware of the existence and limitations of the safe harbor scheme.

SaaS Agreements – SLAs – Business Continuity and Escrow Agents

23/12/2013 Irene Bodle

SaaS customers are increasingly asking for disaster recover provisions to be included within the terms of a SaaS agreement to ensure that they have access to their data and continuity of service if a problem arises at the SaaS supplier’s data centre. The costs of providing disaster recovery used to be prohibitive, due to the requirement of having mirrored servers and transferring data, however there is now a new market opening up with former escrow providers offering a variety of disaster recovery options at affordable prices.

SaaS Agreements – Data Protection – Update on the EU Draft Data Protection Regulation

13/12/2013 Irene Bodle

SaaS suppliers should be aware of the recent changes made by the EU Parliament to the draft EU Data Protection Regulation (Regulation). If this amended version of the Regulation becomes law next year the obligations of SaaS suppliers who process personal data on behalf of customers will radically change. A summary of the current main proposed provisions is set out below.

SaaS Agreements – Confidential Information – FOIA and SARs

08/11/2013 Irene Bodle

SaaS suppliers are increasingly dealing with subject access requests (SARs) and freedom of information requests (FOIAs) in relation to SaaS customers. Excessive time and costs can be spent dealing with such requests, unless a SaaS supplier’s obligation to comply with or assist a SaaS customer with such requests is clearly defined in the terms of the SaaS agreement.

SaaS Agreements – Terms and Conditions – Renegotiating Terms

29/10/2013 Irene Bodle

Customers are increasingly attempting to renegotiate the terms of existing SaaS agreements, to reduce costs as more SaaS suppliers enter the market offering competing and cheaper SaaS services. In order to pre-empt such discussions SaaS suppliers should review their current SaaS agreements to ensure that they have the following terms in place to deal with and counter such requests.

SaaS Agreements – Hosting – Encryption of Stored Data

18/10/2013 Irene Bodle

Under the Data Protection Act (DPA), SaaS customers are required to take “appropriate technical and organisational measures” to prevent the unauthorised or unlawful processing of personal data and accidental loss or destruction of, or damage to, personal data. SaaS providers who process personal data on behalf of SaaS customers are required to include such obligations in their SaaS agreement (or SLA).

Name	Borlabs Cookie
Provider	Borlabs - Benjamin a. bornschein
Purpose	Saves the visitors preferences selected in the Cookie Box of Borlabs Cookie.
Privacy Policy	https://borlabs.io/privacy/
Cookie Name	borlabs-cookie
Cookie Expiry	180 days

Accept	Google Analytics
Name	Google Analytics
Provider	Google Inc.
Purpose	Cookies are set by Google and are used for website analytics and performance measurement. Cookies create statistical data on how visitors use our Site.
Privacy Policy	https://policies.google.com/privacy?hl=en
Cookie Name	_ga ; _ga_*
Cookie Expiry	_ga : 1 year 1 month, _ga_* : 1 year 1 month