Today’s #SaaS applications are complex beasts and involve complex issues that need to be carefully unraveled.
One aspect that I’ve been dealing with increasingly is third party #software (TPS). A SaaS application may need software from a third party to provide the range of functionality it promises. This could be open-source software or other proprietary software it licenses or partners with to provide the holistic solution.
The SaaS application can (i) embed the TPS in its software (ii) integrate with the TPS through external APIs or similar mechanisms. or simp;y provide a customer a link to the TPS.
So as the lawyer, why do you care? Because what TPS is being provided and how it is provided is important to understand who will be responsible if the SaaS application fails because of a problem with the TPS.
The SaaS supplier ideally wants the customer to hold the provider of the TPS responsible. The customer ideally wants to have one neck to wring (the supplier’s) if something goes wrong. Add to that the high risk personal data and financial transactions can bring to the engagement.
The key is to ask as many questions as you need to understand what’s happening under the hood to get a full appreciation of the risk allocation in your SaaS contract.