Friday, 10 March 2017

Factors to consider while making a SaaS contract

Kentico Software Development Companies

SaaS contract: It’s a term used to describe the agreement between a SaaS service provider and a SaaS client. It sets the conditions under which the specified software might be accessed by the employees of the organization developed by software outsourcing companies or service provider. It controls the use of software and specifies the entitlements and commitments of service provider and the client.
Some of the factors that are of concern to both the parties while making a SaaS contract are mentioned below.

Service Level Agreement (SLA)

SLA is a type of service guarantee for SaaS services which are used to support business critical functions of the organization by the software developed by software outsourcing companies. Often, SaaS SLA’s are made keeping in mind the interests of a service provider. The terms that need to be covered in SLA are:
The contract should clearly specify when the service will be accessible for the users. Availability is mostly expressed in terms of number nine. The more number of nines, in your SLA, indicates lesser downtime. To achieve this availability percentage, the client might have to pay a higher cost.
The service providers do not want the client to orient SLA to the business value they get from the software. Many service providers will simply start with 100% availability and then cut the duration in which their internal systems report an error. From a client’s perspective, both unscheduled errors and schedule maintenance count as downtimes but for a service provider, only the unscheduled ones count. The compensation in case of downtime plays a primary role in making of an agreement. The Mean Time to Respond and Mean Time to Repair are the terms to look for in the downtime section of SLA.

Escalation Flow

When there is a problem with your internal system, you call your IS department or raise a ticket in an outsourcing company. In SaaS, you can’t talk to the service provider with admin privileges on infrastructure. A SPOC on the service provider side is what you need. There is no holding back with the call center for the service provided by the vendor. The hours of support is also a key factor considering the escalations that need to be addressed.

Charging of services and Discounts

The service providers charge on monthly or annual basis. The metrics commonly used to measure subscription based charging are number of users or number of records. SaaS service providers specify the charging of services openly. As a client, there is still a room for negotiation. The discounts offered by service providers to win your business is a key factor. Upgrading and Downgrading of the plan as the time progresses is also a factor that should be considered while making the agreement.

Security of information
Concerns regarding the information that a software outsourcing company in India generates, due to its daily operations include:
  • What type of information is collected by the software?
  • Who is the owner of the information?
  • Where is the information stored?
  • How often is the data backed up?
  • What happens in case of a security breach?
So there is always a need of creating provisions for securing your data. Here are some examples of such provisions:
  • A requirement that the service provider comply with the client's information security practices.
  • Warranties with respect to information security, leakage and modification.
  • The client's right to perform audits and periodic security evaluations.
  • BCP-DRP, Service provider’s associated obligations along with a properly drafted force majeure clause.
  • Clear statements with respect to ownership of the data and return.
  • Service provider's obligation to perform frequent backups.
  • Service provider’s requirements regarding data restoration.
Other factors

SaaS raises legal considerations, including privacy issues (e.g., what type of information is being stored and for how long, and who is accessing the information); and export and administrational matters arising out of the location of the servers, which can trigger export control laws (e.g., if the provider’s servers are located outside of the USA, storing of data abroad may trigger a legal obligation) and subject your information to the laws of the jurisdiction in which a server is located.

Thus company’s business and technical personnel need to understand, and the legal advisories need to carefully review and then negotiate the SaaS contract before making an agreement with the service provider. Software development companies should consider legal aspects into consideration before devising correct contract with the company.