A 10 Step Beginner’s Guide to SaaS Agreements

Picture this. Sam has created a great new SaaS product and has found some early customers who are equally excited but his solution. These same customers have all asked Sam for a copy of his standard SaaS Agreement so they can sign up. 

Sam googles “Drafting SaaS Agreements” but finds blocks of information that are difficult to apply to his situation and none of it is very user friendly.

Sam feels overwhelmed and uncertain about where to start, what’s important, what’s not, what do his customers expect to see, how does he protect himself?

Sam is not alone.


Feeling overwhelmed in regards to the legal obligations of your business and your future is a natural and common problem experienced by people the world over. Many people arrive at this bump in the road of their journey and simply stop driving before considering legal advice, as it all gets too difficult.

We are here to assist you to tackle those bumps and continue your journey smoothly. 

Overcoming these obstacles will:

  • benefit you and your team greatly by ensuring you get off to the right start;
  • mean you don’t miss out on signing up customers;
  • make you look professional and established; and
  • give you comfort that you have done all you can to protect your business.

Do not fear, help is at hand. This article will provide 10 step beginner’s guide to SaaS agreements so that you can know exactly what’s involved and how to get started.



Like many other services, SaaS Agreements may be for a fixed term which is secured by a direct debit agreement or upfront payment, or it could be simply month to month and the service is turned off if the customer doesn’t pay the next month’s subscription fee.

To determine the appropriate terms for your agreement, consider your underlying business model which will influence which of these is best for your SaaS solution.


Customers will want to know what SaaS services will be provided. A common way to direct customers to the service description is simply to refer to the services as they are set out in your website.

Alternatively a broad description in the agreement itself can be provided.  But sometimes customers will want more clarity around the functionality of the services. This may include an assurance that the SaaS solution will comply with any published specifications, online documentation and/or manuals that describe the services.

We suggest that when deciding how to describe your SaaS services that you consider who your customers are and what level of detail they require in regards to your SaaS offering.


It is important you stand behind a standard by which your services will be provided. In fact it will be a selling point to convince potential customers of the reliability of your services. 

Service level stipulations should spell out minimum levels of acceptable performance, including response time, uptime/availability (eg 99%), customer satisfaction, etc. 

You should be careful to protect yourself from service level breaches that may arise due to third party defaults, technical or delivery failures, communication failures etc.  


As with any other service, if there are ever any errors or problems with your service the agreement will likely require you to fix any bug or error in a reasonable time frame and to maintain the site by regular checks.

Such support services may range from assisting the user to change or update account details, to fixing any technical errors.

If scheduled maintenance is to be regularly undertaken and will require the service to be unavailable for a period of time, it is recommended that you state these fixed times in the agreement so users can plan accordingly.

You should also state that the hours during which yours customers may receive support from your team are properly set out in the agreement. Be mindful of time zones if you are located in a different country to your customers.


The flexibility of the SaaS model allows you to offer creative and innovative pricing structures to attract users. 

The flexibility of SaaS also means customers can scale their use of the service both up and down, and do not need to lock into an expensive fixed price agreement based on an assumed average level of use over a long period. 

For example:

  • your SaaS offering may be best suited to a fixed monthly fee whereas for another offering, fees may be based on the number of users or quantity of data uploaded to the platform;
  • some customers may opt for a more expensive version of the service which has full functionality whereas others may only need the budget option with only basic functionality – tiered pricing can really help you generate more revenue!; and
  • there may also be other fees in relation to bringing the customer on board the platform such as uploading data. 


(a)  Customer Retains Ownership

Your customers will in almost all cases expect to retain full ownership of data which they upload to your service. But by the same token, your customers have sole responsibility for the legality, integrity, reliability, accuracy and quality of their data.

You will need to obtain a non exclusive license from your customers to process data uploaded to the service but also full protection from the customer if, for example, when processing the customer’s data through the service you infringe a third party’s intellectual property rights. 

(b) Data Security And Backups

In terms of data security, you will need to take appropriate technical measures against unauthorised or unlawful disclosure of customer data or its accidental loss, destruction or damage. 

However because SaaS providers rarely personally host the service and data uploaded to it (usually outsourced to a major data centre operated by the likes of Amazon), it is recommended that you require that your customers keep backups of all data uploaded to the service. 

From the customer’s perspective this may be a frustrating reality that needs to be dealt with.

(c) Who is Hosting the Service?

Following on from this, because many SaaS services are hosted on third party servers (eg Amazon) you will not be able to promise absolute data security. 

As such, it is likely that your customers will research where the service will be hosted, and if it’s on third party servers, who operates them and where the servers are located. 

The location of the servers is important because some countries have laws which enable the local government to access data on servers operated by nationals of that country. 

This can sometimes be a deterrent for some customers but it should always be looked at in the broader picture and given the appropriate weight relative to other factors such as track record and general security.

(d) Retrieval of Customer Data from the Service

What happens to customer data if the customer wants to leave your service or the SaaS Agreement is terminated? We recommend you give customers the right to extract their data upon termination, at least for short period after termination.

Corporate customers with a large amount of data uploaded to a service will likely consider in what format the data is stored, how easily it can be migrated to another service, how long it will take & cost, and how much assistance they will need from you to extract their data from the service. 

If you want to draw a hard line, like Oracle, the SaaS Agreement can confer authority upon the provider to delete the customer’s data if the data is not removed from the service within the stated period. 

Customers may well find that a startup SaaS provider may be more willing to work with the customer on migration of their data out of the service compared to a major organisation – bigger isn’t always better!


It is imperative with a SaaS Agreement that you retain all proprietary rights and intellectual property rights (patents, copyrights, database rights, trade secrets, trade names, trademarks, or any other rights or licences) in the software services being provided.  

You should ensure the new intellectual property which is created as a result of improvements or modifications to the software vest in you. 

For example improvements which result in any customisation of the SaaS to your customer’s specific needs.

We suggest that when deciding how to describe your SaaS services that you consider who your customers are and what level of detail they require in regards to your SaaS offering.


Your SaaS Agreement should always include a clause limiting your liability to the customer. Issues covered under these are:

(a) Amount of Liability

Following on from this, because many SaaS services are hosted on third party servers (eg Amazon) you will not be able to promise absolute data security. 

Another option to consider if offering a rebate of the previous month’s subscription fees or linking the monetary cap on liability to a prior payment period eg your liability is limited to the subscription fees for the previous 3 months immediately preceding the claim.

(b) Type of Loss Covered

You should also limit the types of damages and losses for which you will be liable.

Generally in SaaS Agreements, liability is excluded for indirect, consequential and economic losses.

If there are any particular losses that you do not want to be liable for, it is prudent to specifically state these so that they are excluded.

Service down time due to the internet being unavailable is one such example.

(c) Consumer Protection Laws

Depending on whether the SaaS services are being provided business to business, or business to customer, in many jurisdictions there are customer protections which have been legislated and cannot be contracted out of.

Therefore, any limitation of liability you implement must take these consumer protections into account.


By its nature, SaaS is able to connect with customers across the globe.

To avoid the potential of fighting law suits in far flung countries where your customers are located, you should ensure the agreement is governed by the law and courts you reside.


You should make no representation or commitment and shall have no liability or obligation whatsoever in relation to the content or use of, or correspondence with, any third party.

For example, where a link to a third party website is incorporated into your site, you will want to accept no liability where your consumer clicks onto the link.


We’ve covered a lot by now, all the bumps have been leveled out, you can travel forward smoothly with you SaaS Agreement. 

It is important to remember that your legal obligations and responsibilities are never to hard to be managed and that, once you have it under your belt, the relief and rewards you receive are well worth it.

The process will also help identify certain risks and opportunities in your SaaS business, giving you the power to drive growth and minimise risk.

To discuss your Saas Agreement or any other tech legal matters further, please contact Brad Vinning who will happily join you on your journey.