With the advent of cloud computing whether we like it or not the majority of our information will be stored in the cloud. The software industry has shifted rapidly over the last few years with Software as a Service (SaaS) now being the preferred option for customers when upgrading their enterprise systems. According to IDC, SaaS will remain the dominant computing type worldwide with the use of public cloud services set to grow at a 19.4% annual rate over the next five years (from nearly US$70 billion in 2015 to more than US$141 billion in 2019). So what are the important issues you need to look out for when reviewing or drafting SaaS Agreements?
A clearly defined Scope – Support Agreement not a Licence
The main area to consider in your SaaS Agreement is what rights are you granting and what services you are providing the customer? Many SaaS Agreements make reference to the granting of a licence or delivery of software to a customer, however this should be avoided as it creates confusion and uncertainty. The SaaS Agreement needs to focus on granting the customer access to the service provided by the SaaS Provider on a hosted basis only. Another consideration is how will this service be accessed by the customer? For instance, by a paid subscription, online account or profile or does the customer need to meet specific technical requirements or customisation? Will the SaaS provider provide support and maintenance? Are there Service Levels and will the customer retain ownership of its data? A well structured SaaS Agreement will (a) include a detailed description of the services being provided, (b) how they will be provided, (c) how the services will be paid for, (d) what standards the SaaS provider will meet including service level commitments, and (e) the consequences of not meeting these obligations.
Service Levels
This aspect of the SaaS Agreement needs to be drafted with care as the Service Levels set the customer’s expectations regarding the time the service is available (uptime) and if there is any downtime how is this defined. For instance, are scheduled maintenance and system upgrades considered “downtime”? If there is any downtime, then how quickly will the SaaS provider respond once they are notified of a problem which may depend on the severity of the problem (a severity level 4 will receive a faster response time than a severity level 1). Does the customer have a remedy if the response time is not met? Generally, the SaaS provider will offer a service credit against further payments or prorated refund based on the amount of time the service is unavailable. From a SaaS provider point of view, it is very important if you offer a service credit or rebate that this is the sole and exclusive remedy for a failure to meet the Service Levels.
Limitation of Liability and Indemnities
As a SaaS provider the limitation of liability clause is one of the most important (other than getting paid) as it will limit the kinds of damages customers can seek against you and in what amount. A well drafted SaaS agreement will limit damages to the amount the customer pays under the agreement per annum and carve out liability for indirect damages such as consequential loss. A sensible indemnity should limit claims to intellectual property infringement and the usual carve-out for claims arising for modifications made by customers or use of the service other than in accordance with the agreement.
Data Management & Security
Another big consideration with SaaS Agreements is data management and where the data is being hosted. Many SaaS providers use overseas data warehouses with companies such as Amazon to store customer data. This could create problems in the event of a security breach and it is pertinent to ask your Saas provider whether they have back to back warranties and indemnify you and your customers in the event of a data breach. Some SaaS Agreements will also limit the SaaS providers’ liability to the fees paid per annum under the SaaS Agreement which would not provide adequate compensation in the event of a data breach. To minimise this risk you may want to consider a SaaS provider that offers to secure your data in Australia.
Bayard Lawyers’ SaaS Agreement is one of the most widely used by our clients.
To download a SAAS Agreement please visit Software As A Service (SAAS) Agreement or pre-book some time to speak with one of our Technology Law experts.