What you need to know before you start negotiating a SaaS contract?
What industry is the SaaS being applied in and what is the use case? Based on these factors, the use of the SaaS may be subject to additional legal and regulatory requirements that will need to be addressed in the contract.
A few examples:
– a SaaS contract for software that sends automated emails will bump up against anti-spamming legislation
– if the SaaS provides reports on investments, you may need to consider securities regulations
– does your SaaS application process medical information or health information? HIPAA, PHIPA, and other health-related laws may dictate how the data may be used and transferred
– SaaS applications that involve banking and financial data may be subject to OSFI regulations in Canada and other similar regulations in other jurisdictions
– and of course, any SaaS application that handles personal information (which is most SaaS these days) will be subject to a myriad number of privacy laws.
As the SaaS customer or a supplier of specialized SaaS, you’re likely well aware of these additional legal requirements. But if you supply SaaS that is pretty generic, you may come across some of these special requirements depending on your customer’s use case and industry.