Don't SaaS Me: Key Areas of Negotiation in Software as a Service Agreements
Today, most businesses use some form of software platform or other similar technology, whether as part of their core product or service offerings or internal operations or processes.
March 14, 2019 at 10:15 AM
5 minute read
Today, most businesses use some form of software platform or other similar technology, whether as part of their core product or service offerings or internal operations or processes. While the term “software” may to some imply the traditional program and operating information that one downloads onto a computer or a network, software as a service, also known as “SaaS,” has become an increasingly popular method of software delivery for technology providers and their customers. Under a typical SaaS arrangement, the provider remotely hosts and manages software applications which are made available to customers over the internet or a private network.
To many businesses, this difference between “traditional” software and SaaS is virtually (pun intended) seamless, at least at first glance. But the use of a SaaS platform over a traditional software model inserts several new layers of risk about which SaaS providers and their customers should be aware. The parties to a SaaS transaction can attempt to mitigate these issues and risks by virtue of the agreement between them regarding delivery of the SaaS. In some cases, the terms upon which a SaaS provider delivers its services are set forth in a “click-through” document to which a user agrees prior to accessing the technology. In these cases, and unless the customer has some leverage, there is typically little to no negotiation regarding the terms, which are often one-sided in favor of the provider. In other cases, however, such as those involving narrowly tailored, enterprisewide, or otherwise more complex platforms, the bargaining power between the parties is typically more even handed, and the terms upon which a SaaS provider delivers its services are often set forth in a separate SaaS agreement or something similar. Here, certain key areas of the SaaS terms can and should often be heavily negotiated. Some of these issues are described below.
- Technical Specifications. While important for any product or service offering, technical specifications in the context of SaaS are often cast by the wayside. But defining appropriate technical specifications is crucial for establishing expectations between the parties and avoiding disputes down the road. This is especially true where the SaaS will be customized to the customer's business or processes. So, the SaaS agreement should contain technical specifications that adequately (and specifically) describe the expected functionalities of the SaaS. In most instances, the technical specifications provide the measure against which performance by the SaaS will be measured, whether by virtue of the acceptance testing process (if any), or predefined warranties or service levels.
- Warranties and Service Levels. The extent of negotiations with regard to warranties and service levels is almost always a function of how critical the SaaS is to a particular customer's business operations. Essentially, if unavailability of the SaaS means significant impediment to the effective or efficient operation of a customer's business or internal processes, then the customer would likely (and reasonably) demand warranties and service level guarantees more robust than would a customer which would not be similarly affected. In either case, however, the SaaS agreement can and should address how the parties will handle unavailability or otherwise “bad” service.
- Ownership and Protection of Data. Because SaaS providers will remotely host and make the SaaS available over the internet or a private network, customer data might also be hosted remotely and transferred over the internet or across a private network. Ownership of data, including customer data, any data derived from customer data, and any data otherwise produced by the SaaS, should always be clearly defined. And depending on the sensitivity of customer data, it might also be appropriate to address storage, transmission, restrictions on access and other security requirements.
- Data Conversion and Transition. If customer data will be imported into the SaaS, the parties will need to consider whether customer data from legacy systems can be directly imported. If it cannot, then the SaaS agreement should address data conversion, including each party's responsibility for associated costs. The agreement might also address the provider's obligations (if any) on termination with respect to data, such as the obligation to return or destroy it. Where data must be returned, the agreement should also specify the format in which it will be provided.
- Indemnity and Limitation on Liability. Indemnities and limitations on liability are relevant for purposes of any significant commercial transaction, and the same is true in the context of a SaaS. Here, the most often covered issues include intellectual property infringement and, if the SaaS provider will host or otherwise store customer data that is confidential or proprietary, security breaches. Regardless of the scope of each party's indemnification obligations, these provisions can and should be read together with the agreement's limitation on liability provisions, which serve to limit one or both party's total liability under the agreement.
Of course, the above list is nonexhaustive, and it is important to remember that each situation is different and will require its own, unique approach. In any event, when providing or procuring SaaS services, all business owners should be sure to consider the above-listed issues, among others. Without doing so, a party to a SaaS transaction could find itself locked into a unfavorable arrangement or, in the worst case scenario, subject to an unreasonable degree of risk or liability.
Stephanie Quiñones is a member of Gunster's corporate and technology & entrepreneurial companies practice group. She regularly counsels entrepreneurs and in-house counsel with business, technology, IP licensing, internet/social media and privacy issues. Contact her at [email protected].
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View AllNavigating Claims Under the Florida Telephone Solicitation Act and Florida Telemarketing Act
4 minute readSecond Circuit Ruling Expands VPPA Scope: What Organizations Need to Know
6 minute readTrending Stories
- 1Legal Speak at General Counsel Conference East 2024: Virginia Griffith, Director of Business Development at OutsideGC
- 2Legal Speak at General Counsel Conference East 2024: Bill Tanenbaum, Partner & Chair, AI & Data Law Practice Group at Moses Singer
- 3Morgan & Morgan Looks to Grow Into Complex Litigation While Still Keeping its Billboards Up
- 4Thursday Newspaper
- 5Public Notices/Calendars
Who Got The Work
Michael G. Bongiorno, Andrew Scott Dulberg and Elizabeth E. Driscoll from Wilmer Cutler Pickering Hale and Dorr have stepped in to represent Symbotic Inc., an A.I.-enabled technology platform that focuses on increasing supply chain efficiency, and other defendants in a pending shareholder derivative lawsuit. The case, filed Oct. 2 in Massachusetts District Court by the Brown Law Firm on behalf of Stephen Austen, accuses certain officers and directors of misleading investors in regard to Symbotic's potential for margin growth by failing to disclose that the company was not equipped to timely deploy its systems or manage expenses through project delays. The case, assigned to U.S. District Judge Nathaniel M. Gorton, is 1:24-cv-12522, Austen v. Cohen et al.
Who Got The Work
Edmund Polubinski and Marie Killmond of Davis Polk & Wardwell have entered appearances for data platform software development company MongoDB and other defendants in a pending shareholder derivative lawsuit. The action, filed Oct. 7 in New York Southern District Court by the Brown Law Firm, accuses the company's directors and/or officers of falsely expressing confidence in the company’s restructuring of its sales incentive plan and downplaying the severity of decreases in its upfront commitments. The case is 1:24-cv-07594, Roy v. Ittycheria et al.
Who Got The Work
Amy O. Bruchs and Kurt F. Ellison of Michael Best & Friedrich have entered appearances for Epic Systems Corp. in a pending employment discrimination lawsuit. The suit was filed Sept. 7 in Wisconsin Western District Court by Levine Eisberner LLC and Siri & Glimstad on behalf of a project manager who claims that he was wrongfully terminated after applying for a religious exemption to the defendant's COVID-19 vaccine mandate. The case, assigned to U.S. Magistrate Judge Anita Marie Boor, is 3:24-cv-00630, Secker, Nathan v. Epic Systems Corporation.
Who Got The Work
David X. Sullivan, Thomas J. Finn and Gregory A. Hall from McCarter & English have entered appearances for Sunrun Installation Services in a pending civil rights lawsuit. The complaint was filed Sept. 4 in Connecticut District Court by attorney Robert M. Berke on behalf of former employee George Edward Steins, who was arrested and charged with employing an unregistered home improvement salesperson. The complaint alleges that had Sunrun informed the Connecticut Department of Consumer Protection that the plaintiff's employment had ended in 2017 and that he no longer held Sunrun's home improvement contractor license, he would not have been hit with charges, which were dismissed in May 2024. The case, assigned to U.S. District Judge Jeffrey A. Meyer, is 3:24-cv-01423, Steins v. Sunrun, Inc. et al.
Who Got The Work
Greenberg Traurig shareholder Joshua L. Raskin has entered an appearance for boohoo.com UK Ltd. in a pending patent infringement lawsuit. The suit, filed Sept. 3 in Texas Eastern District Court by Rozier Hardt McDonough on behalf of Alto Dynamics, asserts five patents related to an online shopping platform. The case, assigned to U.S. District Judge Rodney Gilstrap, is 2:24-cv-00719, Alto Dynamics, LLC v. boohoo.com UK Limited.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250