SaaS Contract Negotiation Essentials: Best Practice for Drafting Terms & Conditions (With Checklist)

Last updated: 8 February 2018

Estimated reading time: 6 minutes

Your business will likely need many different commercial contracts to operate smoothly, and given its cost-effectiveness compared to more traditional models, you may acquire and use IT software on a Software as a Service (SaaS) basis. It is important to carefully review and negotiate any SaaS contract you enter into in order to ensure that there are adequate protections for your business, especially if you are transitioning business critical systems.

Here we’ll be covering:

  1. What is a SaaS contract?
  2. Can you negotiate your SaaS contract?
  3. Your SaaS contract: Checklist of key contractual terms
  4. What other protective steps can you take, aside from contract negotiation?

What is a SaaS contract?

The acronym SaaS stands for “Software as a Service”. This usually means the provision of (generally) packaged software, hosted and maintained by a provider, who also supplies initial and ongoing support services. Examples of business systems increasingly being provided on a SaaS model are: HR, payroll, accounting, CRM and email.

The major components of the relevant software often reside on the SaaS provider’s servers (rather than on the customer’s computer) and are accessed by customers through a generic piece of software such as a web browser so that, when the subscription comes to an end, the customer’s ability to use the software (practically as well as legally) also comes to an end.

SaaS is based on a ‘one-to-many’ model, meaning that it is a standard software product, which is accessed by lots of different customers. True SaaS is not tailored for specific customer requirements, although there may well be room for a degree of configuration to suit individual business needs. The more customised the offering however, the more you move away from the ‘one-to-many’ model and its associated cost-benefits.

Can you negotiate your SaaS contract?

Yes, but a customer’s room for negotiation depends heavily on the provider; smaller providers will be much more open to wholesale changes than the larger providers, such as AWS. That said, there may well still be room for negotiation and it is important to discuss your concerns with your provider.

If you are running a competitive tender process, it is advisable to review each provider’s standard contractual terms as part of that process. Present your key contractual concerns and try to gauge how much room for negotiation you have on each issue. Whilst price is clearly a decisive factor in selecting your preferred bidder, it is important to make the decision based on more than just the financials. As many SaaS providers are start-up companies that are not making an immediate commercial return but are keen to obtain market share, deals may initially be priced attractively from the customer’s perspective. Even where you are negotiating with a more established SaaS provider, the existence of other providers willing to undercut prices may influence the level of the charges. However, certain providers will increase prices if you ask for additional contractual protections; they argue that their assumption of greater contractual risk needs to be factored in to their financial models. Therefore, when reviewing bids, consider in the round what contractual assurances are they able to provide you as part of that bid price? Are they offering service levels?  Are they comprehensive? What remedies do you have if something goes wrong?

Your SaaS contract: Checklist of key contractual terms

When considering the key terms and conditions of a potential SaaS contract, you’ll need to look out for certain things, and negotiate them if possible. Consider:

Contractual Provision Things to look out for in your SaaS contract
Price Your SaaS contract should clearly set out the service charges and the basis of calculation, such as limits on the number of users (and the cost of additional users), storage limits and the costs of additional space, if it covers configuration assistance (and if not, how much this would cost), the level of maintenance/support provided and what this includes, and if it includes transition services at termination/expiry (and if not, how much this would cost).

 

Are prices fixed throughout the term of the agreement? If not, how are price increases to be agreed or controlled?

Term SaaS providers normally offer further discounts in order to encourage customers to sign up for longer contract terms. You need to balance the cost drivers against your need for flexibility. Avoid becoming tied to a long-term arrangement which may no longer meet your changing business needs.
Termination A key question is not only if you can terminate and when (and if any financial penalties apply if you do so), but also how easy does the provider make it for you to exit/terminate in practical terms?
One often-overlooked element of SaaS is the risk of lock-in. For example, if you have to back up all of your data on your own servers to ensure that you will have access to it if you seek to terminate, then this would negate much of the cost benefit of SaaS.
Infrastructure SaaS contracts usually specify that the customer is responsible for the purchase of additional equipment. However you should look to agree a minimum infrastructure specification that the provider warrants will be fit for purpose.
Service Levels These provide objective and measurable assessments of key elements of the service. They will not always be included in the providers standard form contract, and if not, you need to ask that they are added in. The adequacy of the service levels depends on the provider and your negotiation skills. You need at least basic commitments on:

 

  • Service availability;
  • System response times; and
  • Service and helpdesk response times.
Service Credits Service credits provide a financial mechanism for you to ensure that your provider meets the service levels.
SaaS providers will often state in their standard terms that service credits are the customer’s only remedy in the event of a service level failure. This should be resisted, and the option to terminate (and sue for damages) for the most serious service failures should be included.Consider also whether it might be more beneficial in terms of incentivising your SaaS provider, to allow for a bonus or uplift in fees in the event of exceptional service, rather than a service credit in the event of sub-standard service.
Intellectual Property It is standard practice for SaaS providers to provide customers with an indemnity in the event that that a third party claims that the use of the SaaS software by the customer infringes the third party’s intellectual property rights (IPR).

 

Where SaaS arrangements are established on an international basis, the IPR indemnity needs to be sufficiently broad to protect you in all jurisdictions in which the software will be used.

Data Protection As we approach the dawn of the GDPR era (the GDPR came into force in the UK on 28 May 2018), it is vital that comprehensive GDPR-compliant data protection provisions are included in your SaaS contract.  These should include an indemnity from the provider in the event of their breach.

What other protective steps can you take, aside from contract negotiation?

Due diligence is key. In addition to checking that the software fits your practical business needs, find out:

  • What steps have been put in place by the provider if something goes wrong. Do they have a disaster recovery plan?  Ensure that your technical team have reviewed it in detail and have confirmed its adequacy.
  • Understand their back-up processes. How frequently does your data get backed up and how does it get backed up? What can you do internally to ‘fill the gap’ between scheduled back-ups?
  • Do they have software escrow arrangements in place?
  • Where are the provider’s data centres located? Is data kept within the EEA?  If not, is it being transferred outside the EEA in a way which is compliant with data protection legislation?
  • How are the provider’s data centres protected? Protection should be in the form of both technological and physical measures. How are their personnel vetted?
  • What network security credentials do they have?
  • Ask for testimonials.

Use a test environment. This is especially important where you are transitioning business critical systems. This also allows you to verify the interoperability of the service with your other APIs.

Contract ownership. Appoint somebody internally as the ‘Contract Owner’, who is responsible day-to-day for managing the relationship with the provider, reviewing performance and ensuring any issues are ironed out. Without this clear point of contact and sense of accountability, issues may not be prioritised as they arise and may escalate. It is the Contract Owner’s role to ensure, throughout the length of the contract term, that you get the most out of your SaaS product.

Access the full article

Please complete this short form to continue reading and gain access to over 275 articles.
  • Your data will only be used by Harper James Solicitors. We will never sell your data and promise to keep it secure. You can find further information in our privacy policy.

  • This field is for validation purposes and should be left unchanged.
  • This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

What next?

For support with any of your legal needs as a business, get in touch with our expert solicitors. We can help with commercial legal advice across a huge range of topics. Fill out the form below or call us on 0800 689 1700.

  • Your data will only be used by Harper James Solicitors. We will never sell your data and promise to keep it secure. You can find further information in our privacy policy.

  • This field is for validation purposes and should be left unchanged.
  • This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

A national law firm

We mainly work remotely, so we can work with you wherever you are. But we can arrange face-to-face meeting at our offices or a location of your choosing.

Our commercial lawyers are based in or close to major cities across the UK, providing expert legal advice to clients both locally and nationally.

Floor 2, Cavendish House, 39-41 Waterloo Street, Birmingham, B2 5PP
Stirling House, Cambridge Innovation Park, Denny End Road, Waterbeach, Cambridge, CB25 9QE
10 Fitzroy Square, London, W1T 5HP
13th Floor, Piccadilly Plaza, Manchester, M1 4BT
Harwell Innovation Centre, 173 Curie Avenue, Harwell, Oxfordshire, OX11 0QG
2-5 Velocity Tower, 1 St Mary’s Square, Sheffield, S1 4LP

Our other locations

Immeuble Danica B, 21, avenue Georges Pompidou, Lyon Cedex 03, Lyon, 69486