SaaS Agreements – Data Protection – Safe Harbor Still Adequate

Recently, the Department of Commerce’s International Trade Administration (ITA) – a US government body – published a document confirming that any SaaS suppliers based in the US (and/or SaaS suppliers using a data centre located in the US) who are “safe harbor” registered must be recognised as having an “adequate” level of data protection. The ITA rejected the view that EU data protection authorities can unilaterally refuse to recognise safe harbor certification as a valid means of demonstrating that a SaaS supplier based in the US (and/or SaaS suppliers using a data centre located in the US) has an adequate level of data protection.

Continue reading

SaaS Agreements – FAQs – What is a SLA?

SLA is the common abbreviation used for a service level agreement. When providing SaaS services to customers you need to include a SLA in your SaaS agreement, either as part of the main terms of your SaaS agreement or in a specific SLA schedule. A SLA should set out the following support and maintenance services that you will provide to customers to ensure that the SaaS software is made properly available to them.

Continue reading

SaaS Agreements – Terms and Conditions – The Bribery Act 2010

If your are a SaaS supplier or SaaS customer you should be aware of the provisions of the Bribery Act when negotiating the terms of a SaaS agreement. The Bribery Act 2010 (“Act”) has been in force since July 2011. It aims to distinguish between hospitality (which is permitted) and bribes which are illegal. A breach of the Act can result in an unlimited fine and a maximum prison sentence of 10 years.

Continue reading

SaaS Agreements – Data Protection – Cyber Security Issues

SaaS Customers are increasingly raising questions about the security provisions that SaaS suppliers include in their SaaS agreements and insisting on including onerous rights of audit to monitor and check compliance. Under the UK’s Data Protection Act (DPA) SaaS customers (data controllers) are required to take appropriate technical and organisational measures to prevent the:

unauthorised or unlawful processing of personal data; and
accidental loss, destruction or damage to personal data.

In order to comply with these duties and avoid substantial fines SaaS customers need to ensure that SaaS suppliers have adequate security measures in place to prevent data protection breaches from occurring.

Continue reading

SaaS Agreements – FAQs – What is SaaS?

SaaS is the abbreviation for “software as a service”. You may know this under another name, for example ASP services (application service provider), software on demand or software subscription. These names all refer to the same thing – software being made available via the Internet to users.
What is a SaaS Agreement?

A SaaS agreement is simply the name used for the agreement between a SaaS supplier and a SaaS customer which sets out the terms under which SaaS software may be accessed. This will usually include a service level agreement (SLA).

Continue reading

SaaS Agreements – Terms and Conditions – Exit Provisions

Increasingly SaaS customers are asking for detailed exit provisions to be included in the terms of SaaS agreements. Such requests usually cover the return of data, the provision of transition assistance and non-solicitation clauses. If such terms are not already included in your SaaS agreement it is advisable to add these in order to protect your interests upon termination of the customer relationship.

Continue reading