Software as a Service (SaaS) can be a highly cost-effective and valuable solution for businesses of all sizes. However, SaaS suppliers often draft contracts that heavily favour themselves, which could leave your business exposed to big risks.
You should carefully review and (where you can) seek to negotiate a SaaS contract before you enter it, to ensure the terms are workable in practice and suited to your operational needs, particularly for business-critical software.
In this guide, we’ll explore some of the key terms and considerations your business should address when negotiating a SaaS contract, to help you avoid common pitfalls and reduce risk.
If you need support with a SaaS contract or other type of commercial contract, our experienced IT & Commercial Technology solicitors are here to help.
What sets SaaS contracts apart?
SaaS contracts are unique: while they concern software, they are service agreements that address a range of key terms and can involve various risks.
SaaS products often follow a ‘one-to-many’ model, meaning suppliers provide a standardised software product to multiple businesses via shared infrastructure. As such, suppliers usually push for contracts to be on their own standard terms with little room for movement. Your business must evaluate whether this model works for you or if you need a more bespoke solution.
How to approach SaaS contract reviews and negotiations?
In a SaaS set-up, who the supplier is usually determines your ability to negotiate, but it’s important to understand that many SaaS agreements (especially from large suppliers) are provided on a ‘take it or leave it’ basis. There are also likely to be onerous terms that favour the supplier, such as aggressive limitation of liability provisions and caps. Smaller suppliers may offer more flexibility than larger ones (e.g. tech giants such as AWS or Microsoft), who will rarely alter their standard contracts.
When comparing software suppliers or conducting a tender process, you or your solicitor should review each supplier’s standard terms to inform your selection. If you have concerns about a supplier’s terms, identify the key issues and assess their willingness to negotiate.
Before entering a contract, you should also take steps to evaluate the supplier’s financial stability and preparedness for any service disruptions. Further, carefully assess your business’s reliance on the software and the contingencies you’ll need in place to address downtime or outages – especially for critical business functions.
Critical considerations in SaaS contract negotiations
There are several key issues to consider when reviewing a SaaS contract, including the following:
Permitted usage
SaaS contracts often restrict how your business can use the software. You must make sure that these restrictions meet both your current and future needs.
Key areas to review include:
- Business identity: Usage provisions in a SaaS contract may limit access to the contracting company, which could create issues if your business is part of a group or collaborates with third parties. You can often address this in the contract e.g. by negotiating sub-licensing rights.
- Machines and users: The contract may restrict the number or identity of machines, users, or concurrent users.
- Location limits: Geographical limits on software use might affect businesses with remote or overseas workers.
- Processing volume: If your business grows, exceeding processing limits might trigger penalties.
Ignoring permitted use restrictions can result in serious consequences. The software supplier could claim damages, seek an injunction to stop your use or terminate the contract for breaching the software licence. As such, make sure you review these provisions carefully. Note that SaaS suppliers might also include clauses allowing them to audit your software usage to ensure compliance with any licensing limits. You’ll need to ensure these audits are reasonable, with enough advance notice and safeguards to protect your business operations.
Price clarity
Transparency in pricing is critical to avoid unexpected or hidden costs – as SaaS set-ups often include multiple costs. Your contract should clearly lay out the charges, including limits on users, data storage, configuration costs, and transition services. Confirm whether prices are fixed or adjustable, and ensure any increases are controlled or agreed upon in advance.
Term and termination
SaaS suppliers often offer discounts for longer terms. But you’ll need to think carefully about how long you want to be tied in and balance cost savings against flexibility, as long-term contracts may not suit your changing needs. As such, check that there is a clear termination clause that allows early exit with notice to mitigate this risk.
Understand if, when, and how you can terminate the contract, including any financial penalties. You should also check if the supplier will help facilitate a smooth exit, including data access and transitions. Be wary of contracts that effectively lock you in.
Infrastructure agreements
SaaS contracts often require you to purchase additional equipment, so seek to negotiate a minimum infrastructure specification that the supplier guarantees as suitable.
Service levels and service credits
It’s important to check that the contract includes measurable commitments for availability, response times, and helpdesk support. Note that these will often be non-negotiable, so they should be checked thoroughly. Service credits can help ensure financial accountability for service level failures, but avoid agreeing to credits as your sole remedy; for example, also negotiate the right to terminate or claim damages for serious failures.
Also be aware that SaaS suppliers may reserve the right to update or modify their software to add features, fix bugs etc. While such changes may improve the service, they can also lead to disruptions or a loss of functionality critical to your operations. To mitigate this risk, check if there are provisions ensuring that any changes are communicated in advance, along with what impact they’d have. This is particularly important if the software supports your business-critical functions.
Disaster recovery
Review the supplier’s contingency plans for unexpected events, including disaster recovery strategies. Make sure these plans address potential service outages and set out their practical solutions to minimise disruption to your operations.
Protect your IP
Many SaaS suppliers will agree to indemnify you against claims of intellectual property (IP) infringement. However, not all offer such indemnities, so you should confirm this when reviewing the contract. For international SaaS arrangements, you should ensure the indemnity covers all jurisdictions where the software is going to be used.
Data protection
Where the supplier will process your personal data, make sure the terms include UK GDPR-compliant provisions, along with an indemnity protecting your business from breaches of data protection laws by the supplier. Also check that the contract specifies how your data will be returned when the agreement ends. When you’re dealing with international suppliers, it’s extremely important to make sure the appropriate wording for English law compliance purposes is covered.
Protecting your business in SaaS deals
In addition to reviewing the contractual terms, your business should conduct due diligence before signing a SaaS contract, including looking at the following issues:
- Data protection and recovery plans: Verify the supplier’s data protection and recovery measures, including their approach to lost or corrupted data and the frequency and method of backups. Assess what internal steps your business can take to bridge gaps between backups.
- Legal compliance: Confirm the contract complies with domestic and, where necessary, any international legal requirements, including UK GDPR and other data protection laws.
- Disaster recovery plans: Ensure the supplier has a robust disaster recovery plan. Your technical team should review it to confirm it meets your business needs.
- Data centres: Confirm where data centres are located. If they are outside the UK, ensure data transfers comply with UK GDPR.
- Software Escrow: Check if the supplier has software escrow arrangements in place, so you can access the source code in specific circumstances e.g. on the supplier’s insolvency (though this would typically be for more bespoke SaaS solutions).
- Network security: Evaluate the supplier’s network security credentials and if they comply with any recognised security standards, such as ISO 27001 or SOC 2. These certifications demonstrate their commitment to maintaining secure systems and protecting your data.
Testing and ownership
Where you are transitioning business-critical systems, it’s vital to use a test environment, allowing you to verify the interoperability of the service with your other APIs. Early testing can help you identify and resolve compatibility issues,
Your business should also consider appointing an internal Contract Owner to manage the SaaS agreement, to oversee the relationship with the supplier, monitor performance, and address any issues. Without a clear point of contact, your business may struggle to resolve problems promptly or ensure the contract terms are fully implemented.
Investing in SaaS
Carefully reviewing and negotiating your SaaS contracts will help your business mitigate risks, push for robust protections, and ensure the software aligns with long-term goals. It is vital that your agreements address key terms such as service levels, termination rights, and UK GDPR compliance.
SaaS agreements can be a big investment and business-critical, and legal advice can offer you vital support to understand the risks and negotiate terms that protect you. If you need support with SaaS negotiations, contact our team for help.