Irene Bodle – Page 6

SaaS Agreements – Data Protection – IT Security Requirements

17/09/2013 Irene Bodle

n January 2013 Sony was fined 250,000 GBP for failing to take “appropriate technical measures” to protect the security of personal data stored on its PlayStation Network (PSN) in breach of the Data Protection Act (DPA). In light of the lack of guidance currently provided by the Information Commissioner’s Office (ICO) on data protection security SaaS suppliers should be aware that the ICO plans to draw up new guidelines.

SaaS Agreements – Social Media – Ownership of Accounts

07/09/2013 Irene Bodle

Increasingly SaaS suppliers encourage employees to use social media accounts i.e. LinkedIn and Twitter to promote their products and business. However this often results in a conflict arising between claims of misuse of confidential information and “ownership” of accounts and contacts when the employment relationship comes to an end.

The High Court has recently highlighted the need for SaaS suppliers to have a clear policy on the ownership of such social media accounts and contacts when they are used by employees for business purposes.

SaaS Agreements – Data Protection – Advantages of Hosting in Switzerland

24/08/2013 Irene Bodle

SaaS suppliers are increasingly using data centres located in Switzerland to host SaaS software and store customer data. In light of recent media revelations about “prism” and the already existing concerns over access to customer data under the Patriot Act and FISA this could be an increasing trend. The advantages of hosting SaaS data in Switzerland are summarised below.

SaaS Agreements – FAQs – Prism

14/08/2013 Irene Bodle

In light of recent and ongoing “prism” revelations, SaaS suppliers are having to deal with numerous queries about the safety of SaaS customer data. Many customers mistakenly believe that by using a non-US data centre their SaaS customer data is safe against disclosure to the US authorities. Below is a summary of the most common concerns being raised by SaaS customers.

SaaS Agreements – FAQs – Data Controller

29/07/2013 Irene Bodle

It is important for a SaaS supplier to understand the legal obligations imposed upon a data controller when negotiating a SaaS agreement as the duties of a data controller are not the same as the duties of a data processor. In a SaaS relationship the supplier is always the data processor of the SaaS customer. The SaaS customer is always the data controller. Below is a summary of the obligations of a data controller.

SaaS Agreements – IPR – Software Patents

18/07/2013 Irene Bodle

The issue of software patents has recently been highlighted by a proposal to change German patent and copyright law. The proposal recommends preventing computer software being registered as a patent, arguing that computer software should only be protected using copyright law, as this is sufficient to protect a software developer’s rights. In light of the current German proposal, below is a brief summary of patent and copyright law in relation to SaaS software in the UK, Germany and non-EU countries.

SaaS Agreements – Data Protection – Prism and US Laws

08/07/2013 Irene Bodle

SaaS suppliers should be aware of relevant US laws when outsourcing SaaS services (data storage and hosting) to US companies or companies located in the USA. SaaS customers are becoming increasingly concerned about outsourcing in the USA following media reports about “Prism”. Namely, that the National Security Agency (NSA) accesses personal data stored on the servers of Microsoft, Apple, Google, Yahoo, Facebook and a few other major US public companies. Below is a summary of the most relevant US laws that SaaS suppliers should be aware of.

SaaS Agreements – Data Protection – HIPAA

28/06/2013 Irene Bodle

On January 25th 2013, the US Department of Health and Human Services modified the rules of the Health Insurance Portability and Accountability Act 1996 (“HIPAA”). HIPAA applies to any SaaS suppliers who process protected health information (“PHI”) on behalf of customers to whom the Act applies, regardless of whether or not the SaaS supplier is located in the USA.

SaaS Agreements – FAQs – Applicable Law and Jurisdiction

19/06/2013 Irene Bodle

It is important to understand the difference between applicable law and applicable jurisdiction when negotiating a SaaS agreement. Applicable law specifies which country’s laws will apply to your SaaS agreement. Jurisdiction specifies which courts will have authority to deal with a dispute. Usually a UK SaaS agreement will specify the laws of England and Wales as the applicable law and the courts of England will have jurisdiction.

SaaS Agreements – Dealing with Late Payment or Non-payment of Invoices

09/06/2013 Irene Bodle

In the current economic climate, SaaS customers often deliberately delay payment of invoices. In order to protect your SaaS business and improve your cash flow, you should consider including the following in the terms of your SaaS agreement.

Name	Borlabs Cookie
Provider	Borlabs - Benjamin a. bornschein
Purpose	Saves the visitors preferences selected in the Cookie Box of Borlabs Cookie.
Privacy Policy	https://borlabs.io/privacy/
Cookie Name	borlabs-cookie
Cookie Expiry	180 days

Accept	Google Analytics
Name	Google Analytics
Provider	Google Inc.
Purpose	Cookies are set by Google and are used for website analytics and performance measurement. Cookies create statistical data on how visitors use our Site.
Privacy Policy	https://policies.google.com/privacy?hl=en
Cookie Name	_ga ; _ga_*
Cookie Expiry	_ga : 1 year 1 month, _ga_* : 1 year 1 month