Updated November 18, 2020:

A SaaS subscription agreement covers the buyer's rights and limitations to use the SaaS application. They are primarily for use in situations where the parties are signing the documents. Sometimes, the parties may enter a SaaS agreement by agreeing on a service order form, either offline or online. In these situations, the terms and conditions of SaaS documents are more applicable.

What Is in a SaaS Agreement?

SaaS agreements have an obligation for the SaaS provider to make its software or application accessible to the customer through the internet. Buyers are granted the right to use the software, and restrictions can be customized for each client. The SaaS provider may be obligated to provide some support services as well. Furthermore, the provider must make sure the application is compliant with various requirements, such as notice requirements, regarding software maintenance.

The data the customer supplies will remain the property of the customer, and it should be covered under a data-processing clause. The customer data can be specified to be confidential as a whole. In exchange for these services, the customer will:

  • Agree to pay the SaaS provider whatever the applicable charges are.
  • Ensure the customer's data does not create any liability on the side of the service provider.

Limitation of Liability in SaaS Customer Agreements

In SaaS subscription agreements, the boilerplate language that is typically all in caps is the most important clause. It is the limitation of liability, and it discusses what types of damages the customer can hold the provider accountable for and how much the customer can legally sue for.

In almost all situations, a well-drafted liability clause can cap the provider's contractual liability. Customer damages are usually capped under the contract at the amounts paid. Some customers might find a way to leverage their position and try to negotiate this amount up to a multiplier of the amount they paid.

Data Breaches and Financial Liability

SaaS vendors should take precautions to mitigate any risk for a data breach, including:

  • Encryption
  • Intrusion detection systems
  • Multiple firewalls
  • Personnel training
  • Third-party reviews, including certifying their adequacy.

Customers will most likely try to hold the SaaS vendor liable and fully responsible for items such as:

  • Damage
  • Intrusion
  • Data loss
  • Corruption
  • Breach
  • Unintended disclosure.

Speaking from a contractual standpoint, this means the SaaS vendor would need to accept liability for what could potentially be enormous consequential damages resulting from one of these situations. Any foreseeable financial loss that arises from a breach that exceeds the dollar amount the customer paid is consequential damages. One example would be a data breach where the business lost profits or customers, along with incurring significant cost to notify all parties the data breach affected.

SaaS vendors typically will not agree to accept liability for consequential damages if they want to keep their business afloat. It's also not realistic for customers to expect the SaaS vendor to accept this liability, especially since these same customers wouldn't accept consequential damages liability in their own contracts with customers.

Both the SaaS vendor and customer should look into cyber-liability insurance, which protects them against risks that cannot be contractually allocated to the other party.

Have Strong Payment Provisions in Your SaaS Agreement

A common occurrence is that a customer purchases a subscription agreement that his or her company doesn't end up using. The value of the subscription is spread out over the length of the term. However, customers may assume they won't continue paying the subscription fee if they cancel halfway through. Alternatively, they may assume they should get a refund for any unused portion. If the contract language is vague and ambiguous, the customer may end up being right.

Having detailed payment provisions are important. It should explain that subscription fees are based on the purchased services, not the customer's usage. This is essential when giving a customer a discount for purchasing a long-term commitment.

Performance Warranty

In addition to availability commitments on the SaaS application, the vendor will often warrant that the software will perform substantially, or in all material respects. This is in agreement with applicable documentation or specifications. There is no time limit when the customer is paid up for an annual subscription plan. Remedies can be rather limited and may be limited only to agreement termination if the performance doesn't meet the warranty terms, and the vendor is unable to correct it. At a minimum, there is a reasonable expectation of a prorated refund for the unused subscription period.

If you need help with a SaaS subscription agreement, you can post your legal need on UpCounsel's marketplace. UpCounsel accepts only the top 5 percent of lawyers to its site. Lawyers on UpCounsel come from law schools such as Harvard Law and Yale Law and average 14 years of legal experience, including work with or on behalf of companies like Google, Menlo Ventures, and Airbnb.