Contracts are a necessary part of the business process, albeit sometimes a necessary evil. When done right, however, all parties are happy. But if done wrong, they can be costly.
For example, bad contracts can lead to litigation, and with litigation comes diverted resources and focus. Put another way, bad contracts can become more costly while reducing productivity.
To help you avoid being surprised by a contract’s terms, we’ll share how to read and review a SaaS agreement here—from understanding your company’s needs to ensuring that an agreement’s terms and conditions meet those needs. But first, let’s define what precisely is a SaaS agreement.
A SaaS agreement, or SaaS license, is a service agreement that defines the terms and conditions of a software delivery model. And in a typical SaaS model, end-users access the software and data through the internet from its vendor on a subscription basis, of course.
Unlike SaaS agreements, companies physically install software and sometimes hardware under software license agreements. Also, with license agreements, vendors grant customers rights to copy and use the software, mainly to protect a vendor’s interests like copyrights, patents, and intellectual property rights.
But with a SaaS agreement, the subscriber receives a service without installing anything anywhere. In other words, a SaaS provider only permits a customer to use the software.
SaaS agreements establish the vendor and customer relationship in writing so both parties know what to expect from each other. Should either party forget, or if new people become a part of one of the parties, they can reference this record for clarity. You and the SaaS vendor should get what you want out of your new relationship in either case.
SaaS agreements vary based on industry, product, and service. Moreover, specific clauses can adjust a contract to a customer’s unique needs. But most SaaS service agreements will share similar terms and conditions due to vendors delivering them via a cloud service. Here is a list of those terms and conditions and what questions to ask.
#1. Access rights and users:
- What defines a user?
- How many users get access?
#2. Customer service and support:
- How will the vendor provide support services?
- How quickly will they respond?
- Are there any other guarantees?
#3. Data ownership:
- Who owns the rights to the data entered into the platform or service? (Ideally, this should be the customer.)
#4. Data security:
- Who is responsible for encryption?
- How often is data backed up?
- What other protections does the vendor offer?
- How secure and private are confidential information and personal data?
- What happens to the data in the case of a security breach, bankruptcy, or service use termination?
- Where is the data stored?
#5. License scope:
- Are any rights to the SaaS application transferrable? (Not typical for SaaS agreements.)
- If so, what are they?
#6. Limitation of liability and disclaimer of warranties:
- For what damages are the vendor liable, especially when it comes to downtime, loss of data, and functionality?
- What warranties do they offer?
#7. Performance objectives:
- What can you expect from the vendor in terms of guarantees and results?
- What does the vendor not promise?
- What does the vendor charge for service at monthly, quarterly, or yearly intervals?
- What is the minimum performance standard stated in the vendor’s service agreement?
- What are the vendor’s consequences should they not meet the agreed-upon standard?
#10. Subscription plan and model:
- What does the vendor’s subscription plan include?
- How will they deliver service?
#11. Term(s), termination, and renewal clauses:
- When does service begin (effective date)?
- When does service end?
- What are the renewal terms?
- How much advance notice does the vendor need for cancellation before renewal?
While you can potentially negotiate for every clause in a SaaS agreement, CSO Magazine recommends “5 best practices for negotiating SaaS contracts for risk and security.” Here’s our summary of these practices.
1. Create a master list of risks relevant to your organization: Consider how your company will use the service. For instance, will you use it internally or externally? Also, will your customer data reside on the vendor’s platform? And if so, do they have all relevant security and privacy policies in place to protect the data?
2. Communicate what’s non-negotiable to stakeholders: Do you know who the stakeholders are? If so, do you know if they’ve been involved or considered from the start of negotiations? What are the non-negotiable security items?
Possible stakeholders can include:
- Approvers, like customer success, product teams, or finance leadership
- Authorized signatories
- Legal counsel or law firm
- Sales managers and account executives
- Sales operations managers
3. Negotiate additional protections: Vendors might only offer certain protections based on their physical and non-physical limitations, but you could still negotiate on the insurances and which cybersecurity events they’ll cover.
4. Insist on early breach notification: When it comes to regulations like the General Data Protection Regulation (GDPR) and Payment Card Industry (PCI), notifying customers within a specific timeframe of a security incident is a must. So negotiate with the vendor to include provisions for breach notifications.
5. Pay special attention to contract termination conditions: Ensure your rights to reclaim your data. Will you need a transition support clause granting you extra time to move to another service provider? If so, include it. Also, ensure the SaaS vendor deletes all of your customer’s data from their infrastructure.
To protect your company, its interests, and its customers’ data, you should always use a SaaS agreement when procuring a software service. Any reputable SaaS vendor will require one, provide clear terms and conditions for you to review. After all, the agreement protects their interests, too.
Stay on top of your contracts, never miss a renewal, set up an approval process that works, and keep spending under control with Blissfully Vendor Management.
- Automatically detect invoices across the company to help identify duplicate spend and shadow IT.
- Upload contracts and documents and record key metadata in one platform for easier access.
- Track all your opt-out and renewal dates in one place with the Renewal calendar.
- Extract and maintain up-to-date metadata on all of your vendor agreements through the Contract Concierge service.
To learn more about how Blissfully can help you manage your SaaS agreements, request a demo.
Further reading: “What Is A SaaS License? What You Need To Know In 2021.”