Software as a service (SaaS) contracts

• Home
• Technology law
• This insight

In a world increasingly reliant on technology it is important that the promoters of new business models understand some of the legal issues that their new business models present.  In recent years, the development and reliance on software has spawned a new category of business model – software as a service (SaaS).  The SaaS contract usually differs from a software licence because the end user is not making a copy of the software but is obtaining a right to access it as a service.  This article discusses some of the legal issues that need to be considered by those commercialising a SaaS business model.

What is a SaaS contract?

A SaaS contract is a contract that governs the right to access and use a SaaS application (Application) provided to a subscriber (Subscriber) for (generally) a defined period of time.  In turn for the right to access and use the Application, the Subscriber will generally pay a fee, usually a recurring fee (such as monthly or annually), but may also include lump sum payments (such as initial fees).  As each SaaS Application is different, there is not a “one size fits all approach” that can be taken to drafting a SaaS contract.

Background to a SaaS contract

Before a business commercialises a SaaS Application, it is important that the business has an effective SaaS contract in place.  While the terms of the SaaS contract will set out the basis on which the Subscriber may use the Application, it also provides the business with security to protect itself in the event that a party (including third parties) suffers damage or loss as a result of using the Application.

Below we discuss a number of considerations for businesses and drafters of SaaS contracts.

Business model

What is the business model that the SaaS contract is based on? The key elements to consider here are:

• What is the service that the SaaS Application provides to the Subscribers?
• How will Subscribers be charged to access the Application?
• Who owns the intellectual property in the Application – the business or another person or company?
• Is there anything else that goes with the Application which would require a right to reproduce (Licence)?
• Where does the SaaS Application fit into the business’ product offering – does it have a number of product offerings, or will the Application be the only product the business sells?
• Will the Business use third party providers to assist in delivering the Application – such as tech support and data hosting?

Given the wide scope of requirements for different business models, it is important that the business consider how its business model may affect the terms of its SaaS contract.  As a result, a SaaS contract drafter needs to carefully consider and understand the business model and the terms that are be required to give effect to it.

Is it a consumer contract under the Australian Consumer Law?

In Australia, consumers are granted a layer of protection by the Competition and Consumer Act 2010 (Cth) (CCA) which sets out certain rights and remedies for consumers who are unsatisfied with purchases of goods and services.  It is important for a business to consider whether its sale of the SaaS Application falls under the Australian Consumer Law (being schedule 2 to the CCA).  If any of the following apply, it may be the case that the SaaS Application falls under the CCA:

• the SaaS Application is sold to consumers at a price less than $40,000; or
• the SaaS Application is an application usually acquired by consumers for personal, domestic or household use or consumption.

If it is the case that the Australian Consumer Law applies, the business must be aware of the warranties and guarantees that it is required to provide to Subscribers.  These include:

• the Application is of acceptable quality;
• the Application matches any description provided by the business;
• the Application is fit for the purpose it was advertised; and
• the maker of the Application complies with any express warranties made about the Application (such as warranties relating to the quality, condition, performance or characteristics of the Application).

Jurisdiction and choice of law

As it is common for SaaS Applications to be used globally, it is important for a SaaS contract to set out the laws that apply when interpreting the contract in the event of any dispute.  While it may seem inevitable to elect Australia, the laws of Australia can be more (or less) favourable, depending on the business model being pursued.  In a lot of cases, the choice of law can be an important and complex issue which requires some thought and consideration.  It is usually not as simple as agreeing that the law of the United States applies to the contract when your entire business is located in Sydney.

Third party access to the Application

It is common for a SaaS Application to provide that Subscribers may allow third parties users (Third Party Users)(such as their customers) to access their version of the Application.  If it is intended that the SaaS Application creates a subdomain for each Subscriber which is then accessed by Third Party Users, then the right to grant and revoke access, needs to be addressed in the SaaS contract.  In this instance the roles of the parties and the rights and responsibilities of each need to be considered.

Data

It is common for a SaaS Application to allow Subscribers to upload data (Data) in order to utilise and gain the full benefit of the Application.  Who owns the Data uploaded to the Application, the nature of the Data and how it is uploaded to the Application are important considerations.  Whether the Data is for the Subscribers own use of for the use of Third Party Users is also important and gives rise to different legal considerations.

User generated content (UGC)

If Subscribers are able to create user generated content (UGC) for Third Party Users, then the ownership of the intellectual property in the UCG needs to be considered.  The owner of the Application needs to be able to remove this content promptly because of the potential liability as the publisher under Australian law. If the UGC is for the use of Third Party Users, then the agreement must incorporate some sort of licence.  For a further discussion on this issue see “ACCC Guidance for online user reviews” by Dundas Lawyers.

Ownership of underlying intellectual property

It’s rare nowadays that a Subscriber obtains any rights in the Application other than a right to access it.  However, it important that the chain of title to the intellectual property in the Application is confirmed prior to entering a SaaS contract to avoid a situation where the Subscriber is breaching a third party’s intellectual property rights at the outset.  Put another way, does the business promoting the Application actually own it?

What are the major clauses to include in a SaaS contract?

Because each Application is unique, SaaS licenses can be extremely diverse and it can be somewhat challenging to provide a complete nomenclature of the major clauses to be considered.  That said, common clauses may be grouped into the following areas:

Contract formation

• Conditions precedent – is there anything which has to be done before the contract can commence?
• Agreement – how does the Subscriber agree to the terms of the contract?
• Dependent software – is there any software that the Subscriber must have installed in order to access and use the Application?
• Parties – who are the parties to the agreement?
• Trial period – is a free trial available, if so, how long is it for?
• Prevalence of documents – is it possible that the subscribers could sign a physical document that supersedes a contract formed online?
• Commencement – when does the right to access the application commence?

Consideration – who pays how much and what do they get for their money?

• Subscription fee – how much to Subscribers have to pay and at what intervals?
• How many Third Party Users is the Subscriber is permitted to have, or is the Subscriber the Third Party User?
• Term – how long does the right to access the Application go for?
• What is the name of the Application to be accessed?
• Where can the Application be accessed from?
• How does the Subscriber pay the provider?
• Over what intervals does the Subscriber have to pay?
• Renewal – how is the agreement renewed?

Subject matter of the contract

• What is it that Subscribers obtain access to?
• Is user generated content involved? If so is it provided for the Subscribers own use or the use of third parties?
• Who owns the Data and content that is uploaded to the Application?
• Does the operator of the Application have a right to remove user generated content?

Requirements for accessing the Application

• System requirements – is there any unique hardware or software that is required to access and the Application?
• Bandwidth – is there any minimum requirements? (clearly more is always better)…
• Device requirements – are there any minimum requirements or excluded devices?
• Who will downtime and scheduled maintenance of the Application be managed?
• How will accounts access credentials be managed?
• Privacy obligations – how will you collect and manage personal information?

Threshold – Is your business is above the $3M revenue threshold then you’ll have to comply with the provisions of the Privacy Act 1988(Cth) – if your business isn’t then what about your customer’s businesses?  Could your actions cause your customers to breach the Australian Privacy Principles?

Read more about your businesses obligations under the Privacy Act 1988 (Cth).

Dependent contracts

If the access to the software is dependent on the service levels provided by the Microsoft Azzure Platform or Amazon’s AWS platform, then the service levels embodied in those contracts need to be incorporated into the SaaS contract.

Express prohibitions of use of the SaaS Application

New business models give rise to new mischief and subsequently the question “what sort of things should subscribers be expressly prohibited from doing?”

• Should they be expressly prohibited against reverse engineering the Application?
• Should users be prohibited from publishing defamatory or offensive material?
• What about infringing third party copyright?
• Using the services to spam end users?

It’s usual to consider incorporating a whole range of express prohibitions depending on the nature of the business model.

Warranties

What warranties should you consider obtaining from each of the parties to the SaaS Contract?

• Warranties to be provided by the business in regard to the Application; and.
• Warranties to be obtained from the Subscriber and end users.

Termination

The issue of termination, the circumstances where a party has the right to terminate in addition to the implications of termination all need to be considered.

• What actions give rise to a right to terminate?
• What is the effect of termination?
• Can customers transition out their Data?
• Will any clauses of the agreement survive termination?

In the case of termination care needs to be taken to ensure that the provisions are actually enforceable and not a penalty.

General provisions

General provisions are those clauses which a lawyer usually drafts to give legal effect to the contract.  These are usually provided towards the end of the SaaS contract and won’t make much sense to anyone other than a lawyer.

Ownership of Data

What are the obligations in relation to Data uploaded by Subscribers and End Users? Data management and security play a more important role in SaaS contracts than in most software licenses.  The nature of this Data including whether it contains personal information will need to be considered in the SaaS contract.

Takeaways

The terms of SaaS contracts need to be considered carefully in light of what the Application does, the laws that may apply and the business model adopted.  SaaS contracts are certainly not something that is suitable for a one size fits all approach, and must be considered on an individual basis.

Links and further references

Legislation

Competition and Consumer Act 2010 (Cth)
Corporations Act 2001 (Cth)
Copyright Act 1968 (Cth)
Privacy Act 1988 (Cth)

Need a Technology Lawyer to draft a SaaS Contract?

If you need assistance with drafting SaaS contract, please telephone me for an obligation free and confidential discussion.

Disclaimer

This article contains general commentary only.  You should not rely on the commentary as legal advice.  Specific legal advice should be obtained to ascertain how the law applies to your particular circumstances.

---

Related insights about SaaS contracts and technology law