This blog post will elaborate on some important legal issues to consider when negotiating a SaaS agreement or contract whether you are the provider or vendor or company seeking to contract with the SaaS services company. As a SaaS software attorney, Andrew S. Bosin, Esq. represents SaaS vendors, providers, companies, startups, suppliers, and entrepreneurs offering software and services delivered over the Internet through web based solutions in the United States, US, New Jersey, New York, New York City, Brooklyn, Connecticut, Dallas, Austin, Texas, Chicago, Illinois, Los Angeles, San Diego, California, Ohio, Provo, Salt Lake City, Utah, Miami, Florida Washington, DC, Atlanta, Charlotte, Idaho, Alaska, San Antonio, Indianapolis, Columbus, Cleveland, Pittsburgh, Pennsylvania, Toronto, Canada, UK, Europe, Amsterdam, London, Ireland, Paris, Madrid, Barcelona, Berlin, Germany, Rome, and India.
Why There Should Be Language in a SaaS Agreement About SaaS Application Availability And An Uptime Commitment Made By The Vendor
I think that most SaaS vendors would agree with the statement that their customers should have a reasonable expectation that the SaaS services or application be available and able to use as if the SaaS services were placed in the customer’s networking system maintained on the customer’s own premises. If a SaaS application is not working or is unavailable, the damages caused to the customer’s business could be catastrophic especially if the SaaS Application is critical.
That’s why it important that the SaaS Provider contractually agree to make the SaaS Services/Application available and accessible to use at least 99.5% of the time all day every day of the year. The part of the SaaS agreement that this commitment is made is called the Service Level Agreement or SLA.
It is also common for SaaS vendors to give monetary credits to the customer for failing to achieve a certain up time or availability. For example for each 1% up time or non-availability the customer could receive a 1% credit back on the contract amount.
Should the SaaS Provider Have Any Financial Liability for a Data Breach?
Given that almost every function we perform on our cell phones from Gmail to Facebook is a SaaS Application why do so many SaaS customers fear the thought of giving over control of their company’s data (sometimes confidential) to an off-site SaaS provider or in reality a third party service contracted by the provider to perform hosting and serving functions for it? Despite the state of technology and that fact that there is widespread use of robust security, intrusion detection systems and encryption to name a few there is not a week that goes by that a large data security breach is not reported. Because SaaS Vendors and Providers by their very nature are in the business of protecting other company’s confidential data and information and must do a good job of it or else a better more equipped competitor will crop up some say that SaaS providers sit in a better position to protect customer’s data that the customer.
The big legal term that SaaS Providers fear and you can expect huge pushback in contract negotiations is if you say the words, “consequential damages. “What are consequential damages? These are damages that could be predicted or anticipated as a result of a breach of contract. Most would agree that if a customer’s data is compromised and this breach caused them to suffer lost profits that this is a foreseeable damage flowing from the breach. Unfortunately, for SaaS Providers this type of damages could well exceed the monetary amount paid by the Customer for the Services in the Agreement and could cause the SaaS Provider to go out of business.
Despite the catastrophic consequences a data breach might cause a SaaS Provider in the pocket book, SaaS customers in all likelihood will attempt to hold SaaS vendors fully liable and responsible for any data loss, damages, intrusion, or unintended breach or disclosure.
Most SaaS vendors will not agree to any clauses in the SaaS Agreement where they are responsible to accept consequential damages liability. This is because all it takes is one breach of data and a client suffering enormous damages for the SaaS provider to be put out of business. On the flip side, most SaaS customers enter into contracts with their own customers obligating their companies to perform certain services. In how many of these agreements do the SaaS Customers’ obligate their companies to accept consequential damages liability? The answer is probably close to zero.
The best course of action for a SaaS customer to take is to try to convince the SaaS provider to accept liability for direct damages from a data breach for an agreed upon limit amount based on total value of the contract. Hypothetically, if the contract is $20,000 for one year perhaps the SaaS Vendor would agree to cap damages caused to the customer in the amount of 1.5 times the contract.
What is an Application Performance Warranty?
An application performance warranty simply states that the SaaS Vendor will provide the Application conforming to specifications or documentation provided to the customer by the provider. If a situation arises where the application does not meet the published standards provided by the Vendor or there is a defect or problem with the application that cannot be cured by the Vendor then the Vendor should prorate the remaining months on the contract and charge the customer only for the time that the application worked properly.
This article has been written and provided solely for information purposes and is not intended as legal advice. If you would like to discuss any of the issues contained in the article, please call SaaS Lawyer Andrew S. Bosin for a free legal consultation at 201-446-9643.
SaaS Attorney Andrew S. Bosin has a global SaaS law legal practice group and offers sophisticated legal advice and drafts, negotiates and structures all different types of SaaS Agreements and SaaS Contracts. This includes SaaS License Agreements, SaaS Licensing Agreements, SaaS End User License Agreements, Saas Subscription Agreements and SaaS Master Service Agreements. Andrew works with companies both nationwide and in Connecticut and New Jersey.
Please call Andrew for a free legal consultation at 201-446-9643.
www.njbusiness-attorney.com | email@example.com
SaaS Attorney Andrew S. Bosin is located in New Jersey just outside of New York City and has a nationwide Law Firm serving clients in New Jersey, New York, Buffalo, Queens, Manhattan, New York City, Westchester County, Islip, Oyster Bay, Rochester, Utica, New Rochelle, Tonawanda, White Plains, Binghamton, Saratoga Springs, Rockland County, Brooklyn, Long Island, Albany, Syracuse, Suffolk County, Nassau County, Bronx, Staten Island, Allentown, Scranton, Lancaster, Harrisburg, State College, College Station, Boston, Hartford, Providence, Connecticut, Atlanta, Chicago, Washington D.C., Dallas, Florida, Ohio, California, Austin, Texas, Maryland, North Carolina, Massachusetts, Colorado, Utah, Oregon, San Antonio, Austin, San Diego, Los Angeles, Silicon Valley, San Francisco, Houston, Salt Lake City, Toledo, Akron, Dayton, Provo, Portland, San Jose, Miami, Tampa, St. Petersburg, Ft. Lauderdale, West Palm Beach, Broward County, Dade County, Newark, Delaware, College Park, MD, Cook County, Phoenix, Denver, Boulder, Ft. Collins, Nashville, Memphis, Kansas City, Raleigh, Charlotte, Indianapolis, Boise, Eugene, Manchester, Burlington, Philadelphia, Pittsburgh, Pennsylvania, Vermont, Rhode Island, Boca Raton, Arlington, Virginia, Alexandria, Virginia, Reston, McLean, Cambridge, Quincy, Riverside, San Bernadino, Minneapolis, St. Louis, Cleveland, Columbus, Baltimore, Sacramento, Cincinnati, Orlando, Las Vegas, Round Rock, San Marcos, Louisville, Richmond, Tempe, Southbend, Bloomington, Knoxville, Oxford, Tuscon, Long Beach, Ames, Ft. Collins, Lawrence, Blacksburg, Charlottesville, Champaign, Oklahoma City, Birmingham, Salt Lake City, Baltimore, Mobile, Alabama, Utah, Washington, Seattle, Oregon, Portland, Eugene, Sacramento, Pittsburgh, Wake County, King County, Redmond, Kirkland, Bellevue, San Mateo County, Contra Costa County, Cupertino, Los Gatos, Sunnyvale, Mecklenburg County, Jacksonville, Gainesville, Boynton Beach, Orange County, Palo Alto, Harris County, Waco, Columbia, Missouri, Tarrant County, Bucks County, Lehigh County, Bethlehem, Pennsylvania, Burlington, Portland, Maine, Manchester, Concord, Nashua, Cambridge, London, Paris, UK, England, Dublin, Scotland, Edinborough, Amsterdam, Germany, Munich, Berlin, Madrid, EU, European Union, Spain, Austria, Vienna, Canadian, Canada, Toronto, Ontario, Quebec, Montreal, Ottawa, Quebec City, Vancouver, British Columbia, Regina, Edmonton, Alberta, Calgary, Mexico City, Iceland, Stockholm, Helsinki, Oslo, Barcelona, Zurich, Bern, Geneva, Brussels, Copenhagen, Tel Aviv, Herzliya, Haifa, Israel, Turkey, Luxembourg City, Latvia, Riga, Estonia, Denmark, Poland, Warsaw, Lithuania, Budapest, Croatia, Australia, Australian, Sydney, Melbourne, Canberra, Perth, India, Bangalore, Singapore, Tokyo and Hong Kong.