Recently, the Department of Commerce’s International Trade Administration (ITA) – a US government body – published a document confirming that any SaaS suppliers based in the US (and/or SaaS suppliers using a data centre located in the US) who are “safe harbor” registered must be recognised as having an “adequate” level of data protection. The ITA rejected the view that EU data protection authorities can unilaterally refuse to recognise safe harbor certification as a valid means of demonstrating that a SaaS supplier based in the US (and/or SaaS suppliers using a data centre located in the US) has an adequate level of data protection.Continue reading
SLA is the common abbreviation used for a service level agreement. When providing SaaS services to customers you need to include a SLA in your SaaS agreement, either as part of the main terms of your SaaS agreement or in a specific SLA schedule. A SLA should set out the following support and maintenance services that you will provide to customers to ensure that the SaaS software is made properly available to them.Continue reading
SaaS suppliers who use US public cloud providers to store, process or host their SaaS customer’s data as part of their SaaS services may now experience customers raising concerns about the risk of disclosure to, and monitoring of, their data by the US government under the Foreign Intelligence Amendments Act (FISA).Continue reading
If your are a SaaS supplier or SaaS customer you should be aware of the provisions of the Bribery Act when negotiating the terms of a SaaS agreement. The Bribery Act 2010 (“Act”) has been in force since July 2011. It aims to distinguish between hospitality (which is permitted) and bribes which are illegal. A breach of the Act can result in an unlimited fine and a maximum prison sentence of 10 years.Continue reading
SaaS Customers are increasingly raising questions about the security provisions that SaaS suppliers include in their SaaS agreements and insisting on including onerous rights of audit to monitor and check compliance. Under the UK’s Data Protection Act (DPA) SaaS customers (data controllers) are required to take appropriate technical and organisational measures to prevent the:
unauthorised or unlawful processing of personal data; and
accidental loss, destruction or damage to personal data.
In order to comply with these duties and avoid substantial fines SaaS customers need to ensure that SaaS suppliers have adequate security measures in place to prevent data protection breaches from occurring.Continue reading
SaaS is the abbreviation for “software as a service”. You may know this under another name, for example ASP services (application service provider), software on demand or software subscription. These names all refer to the same thing – software being made available via the Internet to users.
What is a SaaS Agreement?
A SaaS agreement is simply the name used for the agreement between a SaaS supplier and a SaaS customer which sets out the terms under which SaaS software may be accessed. This will usually include a service level agreement (SLA).Continue reading
Increasingly SaaS customers are asking for detailed exit provisions to be included in the terms of SaaS agreements. Such requests usually cover the return of data, the provision of transition assistance and non-solicitation clauses. If such terms are not already included in your SaaS agreement it is advisable to add these in order to protect your interests upon termination of the customer relationship.Continue reading
Most SaaS suppliers use distributors to enable them to sell their software and services to customers who would not otherwise purchase the SaaS software, due to the Supplier’s:
– lack of physical presence in the customer’s country
– lack of sales channels of contacts in the reseller’s country
The following legal issues should be included in any ASP or SaaS agreement, whether you are a SaaS supplier or a SaaS customer.Continue reading
Customers thinking of purchasing software delivered via the Internet (SAAS) are often unaware of what terms should be included. Jargon in the SLA can seem like a foreign language. Customers often tend to simply accept the SLA provided by the supplier, rather than struggle to understand it.Continue reading