Does your website comply with the various legal requirements applicable to SaaS suppliers who opeate a UK website? SaaS suppliers must provide the following information in an easily accessible position on their website:
Continue readingTag: privacy policy
SaaS Agreements – Terms and Conditions – Data Processing Agreement
Under the Data Protection Act 1998 (DPA) UK SaaS suppliers currently have limited obligations to SaaS customers when processing personal data as part of their SaaS services. However, from the 25th of May 2018 the General Data Protection Regulation (GDPR) will impose numerous new data processing obligations on SaaS suppliers. In particular, the obligation for SaaS suppliers to enter into a written data processing agreement with SaaS customers and sub-contractors.
Continue readingSaaS Agreements – Data Protection – New obligations for SaaS Customers
From the 25th of May 2018 the EU General Data Protection Regulation (GDPR) will come into force and change existing UK data protection laws. The GDPR will place further more onerous obligations on SaaS customers (data controllers) in relation to all data processing. SaaS customers need to amend the terms of their existing SaaS agreements and privacy policies and implement the changes into internal policies and procedures in order to comply with the upcoming changes in UK data protection law.
Continue readingSaaS Agreements – Data Protection – Email Marketing and Consent
As a SaaS supplier you will undoubtedly be sending marketing emails in your own name to existing and potential clients to advertise your own products and services, or possibly as a SaaS service on behalf of a customer. In any event you should be aware that the Information Commissioner’s Office (ICO) has issued new guidance on direct marketing, with regard to complying with the Data Protection Act (DPA) and the Privacy and Electronic Communications Regulations (PECR) both of which apply to sending direct marketing to consumers (BTC).
Continue readingWebsite Legal Requirements – Privacy Policy – Basics for your Website
If you are operating a website and require users to register in order to use your website or you are simply using Google analytics on your website then you are collecting and processing personal data. Under the Data Protection Act 1998, if you collect, store or process personal data you must provide specific information to the persons whose personal data you are using. This information is usually provided to users in a privacy policy which should be published on your website.
Continue readingSaaS Agreements – Data Protection – Customer Privacy Policy
SaaS Customers often ask or expect SaaS supplier’s to provide them with a privacy policy for use in conjunction with their SaaS products. SaaS suppliers should firmly refuse such requests. Firstly, as they could face liability claims from the customer if the privacy policy is in appropriate and secondly while you will have no adequate knowledge of the issues set out below, which will need to be covered in the privacy policy.
Continue readingSaaS, ASP Agreements – FAQs – Data Protection
Data protection issues must be adequately covered in any SaaS agreement to protect both the supplier and the customer. Data Protection Act 1998. The Act applies to the processing of personal data, for example name/email addresses, dates of birth, national insurance number of any living individual.
Continue readingWebsite Legal Requirements – Ecommerce
About Us/Contact Information. You must provide the following information in an easily accessible position on your web site:
* your legal name i.e. XYZ Ltd
* your geographical address
* contact details i.e. telephone number, fax number and email address
* which country your business is registered in and the registration number
* details of any supervisory body which regulates your business i.e. the FSA. For regulated bodies more detailed information is required.
* where you are registered for VAT and your VAT number
* clear details of prices and whether or not delivery and/or tax is included