IT lawyer – Page 6

SaaS Agreements – Data Protection – Cyber Security Issues

27/03/2013 Irene Bodle

SaaS Customers are increasingly raising questions about the security provisions that SaaS suppliers include in their SaaS agreements and insisting on including onerous rights of audit to monitor and check compliance. Under the UK’s Data Protection Act (DPA) SaaS customers (data controllers) are required to take appropriate technical and organisational measures to prevent the:

unauthorised or unlawful processing of personal data; and
accidental loss, destruction or damage to personal data.

In order to comply with these duties and avoid substantial fines SaaS customers need to ensure that SaaS suppliers have adequate security measures in place to prevent data protection breaches from occurring.

SaaS Agreements – FAQs – What is SaaS?

19/03/2013 Irene Bodle

SaaS is the abbreviation for “software as a service”. You may know this under another name, for example ASP services (application service provider), software on demand or software subscription. These names all refer to the same thing – software being made available via the Internet to users.
What is a SaaS Agreement?

A SaaS agreement is simply the name used for the agreement between a SaaS supplier and a SaaS customer which sets out the terms under which SaaS software may be accessed. This will usually include a service level agreement (SLA).

SaaS Agreements – FAQs – Transferring Data Outside the EEA

07/03/2013 Irene Bodle

When negotiating a SaaS agreement with SaaS customers you will often need to transfer customer data outside of the EEA (European Economic Area). This could be at the request of your customer or more usually because you have a sub-contractor such as a data centre located outside of the EEA. SaaS suppliers should be aware of the following in order to comply with their duties under the Data Protection Act.

SaaS Agreements – Terms and Conditions – Need for an Arbitration Clause

25/02/2013 Irene Bodle

SaaS customers and suppliers entering into business to business (BTB) contracts are increasingly using arbitration clauses in their SaaS agreements to avoid going to court to resolve disputes. If you do not already have an arbitration clause in your SaaS agreement it is worth considering adding one for the following reasons.

SaaS Agreements – Data Protection – Changes to BCRs

15/02/2013 Irene Bodle

The Article 29 Working Party, which represents the European data protection authorities (DPAs), recently announced that data processors (i.e. SaaS suppliers) can now use binding corporate rules (BCRs) to transfer personal data outside the European Economic Area (EEA). Previously the use of BCRs was limited to data controllers (i.e. SaaS customers).

SaaS Agreements – Data Protection – Recent ICO Fines

06/02/2013 Irene Bodle

The Information Commissioner’s Office (ICO) has started to issue very high fines to a number of companies and individuals, not just for serious breaches of the Data Protection Act (DPA), but also for breaches of the Privacy and Electronic Communications Regulations (PECR). Below is a summary of the recent fines and the reasons for them being imposed.

SaaS Agreements – Terms and Conditions – Limitation of Liability

28/01/2013 Irene Bodle

The terms of a SaaS agreement should always include a clause limiting the SaaS supplier’s liability to the customer. The specific details of the liability clause will depend upon the type of SaaS software being supplied, the value of the SaaS agreement and what is usual in the business sector in which the parties operate.
The following issues should be covered by the limitation of liability clause in most SaaS agreements.

SaaS Agreements – Data Protection – German Customers and Data Processing Agreements

17/01/2013 Irene Bodle

If you are negotiating sales of SaaS solutions with German customers, you may be surprised by their insistence on having a separate written data processing agreement in addition to your SaaS agreement. This is a mandatory requirement under German data protection law (The BDSG) which imposes onerous obligations far beyond those found in most other EU data protection laws on the SaaS customer and the SaaS supplier.

SaaS Agreements – Terms and Conditions – Subcontractors and Outsourcing

07/01/2013 Irene Bodle

The terms of your SaaS agreement must include the right to use sub-contractors as 99% of SaaS suppliers use at least one sub-contractor – a third party data centre – to host their SaaS software. SaaS customers often try to prohibit the use of sub-contractors or place severe restrictions on their use by insisting that they must give prior consent to each sub-contractor. This is not acceptable for practical reasons as often numerous sub-contractors are used in providing the SaaS services and these sub-contractors will change over time.

Website Legal Requirements – Tweeting – 5 Legal Offences to Avoid

27/12/2012 Irene Bodle

There have recently been a number of high profile cases on liability for the sending of inappropriate tweets in the UK and the USA.

As tweeting becomes more and more the norm for many businesses it is important to consider the legal consequences of staff sending inappropriate tweets. Before allowing, permitting or encouraging staff to start tweeting on your behalf or with your brand you should consider creating a tweeting policy.

Name	Borlabs Cookie
Provider	Borlabs - Benjamin a. bornschein
Purpose	Saves the visitors preferences selected in the Cookie Box of Borlabs Cookie.
Privacy Policy	https://borlabs.io/privacy/
Cookie Name	borlabs-cookie
Cookie Expiry	180 days

Accept	Google Analytics
Name	Google Analytics
Provider	Google Inc.
Purpose	Cookies are set by Google and are used for website analytics and performance measurement. Cookies create statistical data on how visitors use our Site.
Privacy Policy	https://policies.google.com/privacy?hl=en
Cookie Name	_ga ; _ga_*
Cookie Expiry	_ga : 1 year 1 month, _ga_* : 1 year 1 month