SaaS agreement (standard)

SaaS agreement (standard) contents

1. Definitions: definitions.
2. Term: commencement of term; end of term.
3. Set Up Services: obligation to provide set up services; set up services timetable; delays in set up services consequent upon
   Customer
   delays; hosted services set up and intellectual property rights.
4. Hosted Services: provision of hosted services access credentials (set up services option); grant of licence to use hosted services; limitations on use of hosted services; prohibitions on the use of the hosted services; security of access credentials; availability of hosted services and SLA; hosted services acceptable use policy; no damaging use of hosted services; no excessive use of the hosted services; no unlawful use of hosted services; no access to platform code; suspension of hosted services.
5. Scheduled maintenance: right to suspend hosted services for scheduled maintenance; notice of scheduled maintenance to hosted services; times for provision of scheduled maintenance; maximum aggregate time for scheduled maintenance of hosted services.
6. Service Data: licence to use service data (business purposes); prohibitions on use of service data (hosted services); security of service data; service data contains AI output data; limitation of liability for AI output data.
7. Support Services: support services provision; standard of support services; support services in accordance with SLA; suspension of support services.
8. Customer
   obligations: general second party obligations; access to computer systems.
9. Customer
   Data: licence of
   Customer
   data; licence of
   Customer
   data for AI purposes; licence of 
   Customer
    data for aggregation purposes; warranties relating to
   Customer
   data; back-up of second party data; restoration of
   Customer
   data.
10. Integrations with Third Party Services: integration of third party services; right to integrate third party services; activation of third party services integration; right to remove third party services integrations;
    Provider
     not responsible for supplying third party services;
    Customer
     responsibilities in relation to third party services; charges relating to third party services; no warranties or liability in relation to third party services.
11. Mobile App: mobile App governed by separate terms.
12. No assignment of Intellectual Property Rights: no assignments of intellectual property rights.
13. Charges: obligation to pay charges; time-base charges limitations; amounts inclusive or exclusive of VAT; variation of charges.
14. Payments: issue of invoices; time for payment of charges following invoice; payment methods; interest on late payments; interest on late payments.
15. Provider
    's confidentiality obligations:
    Provider
    confidentiality undertaking; disclosure of confidential information by
    Provider
     to certain persons; exceptions to
    Provider
    confidentiality obligations; disclosures of
    Customer
    confidential information mandated by law etc;
    Provider
    confidentiality obligations after termination.
16. Data protection: compliance with data protection laws; warranty of
    Customer
    's right to disclose personal data (GDPR); details of personal data processed by 
    the Provider
     (GDPR); purposes of processing of personal data by 
    the Provider
     (GDPR); duration of personal data processing by
    Provider
    (GDPR); personal data processed by
    Provider
    on instructions (GDPR); authorised international transfers of personal data (GDPR); informing 
    Customer
     of illegal instructions (GDPR); personal data processed by
    Provider
    as required by law (GDPR); confidentiality obligations on
    Provider
     persons processing personal data (GDPR); security of personal data processed by 
    Provider
     (GDPR); appointment of sub-processor by
    Provider
    (GDPR); authorisation for
    Provider
    to appoint sub-processors (GDPR);
    Provider
     to assist with exercise of data subject rights (GDPR);
    Provider
     to assist with compliance (GDPR); obligation to notify 
    Customer
    of personal data breach (GDPR);
    Provider
     to provide data protection compliance information (GDPR); deletion of personal data by 
    Provider
     (GDPR);
    Provider
     to allow audit (GDPR); changes to data protection law.
17. Warranties: first party general warranties; hosted services general warranties; warranty of legality of hosted services; hosted services intellectual property infringement warranty; breach of hosted services infringement warranty;
    Customer
    warranty of authority; exclusion of implied warranties and representations.
18. Acknowledgements and warranty limitations: hosted services not error free; hosted services not entirely secure; hosted services compatibility limitation; no legal etc advice with hosted services.
19. Indemnities: indemnity (flexible, with definition); conditions upon first party indemnity; indemnity (flexible, with definition); conditions upon second party indemnity; limitations of liability vs indemnities.
20. Limitations and exclusions of liability: caveats to limits of liability; interpretation of limits of liability; no liability for force majeure; no liability for loss of profits; no liability for loss of revenue; no liability for loss of use; no liability for loss of opportunities; no liability for loss of data or software (subject to back-up obligations); no liability for consequential loss; per event liability cap upon services contract; aggregate liability cap upon services contract.
21. Force Majeure Event: obligations suspended for force majeure; force majeure notification and information; mitigation of effects of force majeure.
22. Termination: termination without cause (optionally asymmetric, initial term and renewal term); termination by either party without cause (initial term and renewal term); termination upon breach; termination upon insolvency; termination upon non-payment; rights of termination supplemental or exclusive.
23. Effects of termination: surviving provisions upon termination; termination does not affect accrued rights; charges on termination of contract.
24. Notices: methods and deemed receipt of contractual notices; first party contact details for contractual notices; substitute contact details for notices.
25. Subcontracting: no subcontracting without consent; subcontracting permitted; first party responsible for subcontracted obligations; subcontracting of hosting.
26. Assignment: assignment by first party; assignment by second party.
27. No waivers: no unwritten waivers of breach; no continuing waiver.
28. Severability: severability of whole; severability of parts.
29. Third party rights: third party rights: benefit; third party rights: exercise of rights.
30. Variation: variation only in accordance with section; variation by signed written agreement; variation on first party's notice.
31. Entire agreement: entire agreement: documents; no misrepresentation; section subject to caveats to limits of liability.
32. Law and jurisdiction: governing law; jurisdiction.
33. Interpretation: statutory references; section headings not affecting interpretation; calendar month meaning; no ejusdem generis.

Schedule 1 (Hosted Services particulars)

1. Set Up Services: specification of software set up services prompt.
2. Specification of Hosted Services: specification of hosted services prompt.
3. Financial provisions: financial provisions prompt.
4. Contractual notices: prompt for
   Customer
   contractual notice address details.

Schedule 2 (Acceptable Use Policy)

1. Introduction: definitions for acceptable use policy; parties to policy; agreement to policy by using services; express agreement to policy; services user minimum age under policy.
2. General usage rules: no damaging use of services; no unlawful use of services; content must comply with provisions of part.
3. Unlawful Content: no unlawful user content: general prohibition; no unlawful user content: specific prohibitions; previous complaints and user content.
4. Graphic material: age suitability of user content; no violence, self-harm or suicide depicted in user content; no encouragement of violence, self-harm or suicide; no pornographic user content.
5. Factual accuracy: content must be truthful; content must not risk defamation.
6. Negligent advice: no professional advice in user content; no negligent advice in user content.
7. Etiquette: content appropriate etc; no offensive content; no annoying content; no hostile communications; no deliberate offense; no content flooding; no duplicate content; categorisation of content; appropriate content titles; courtesy to service users.
8. Marketing and spam: prohibition on marketing activities; no spam in user content; sending spam using email addresses; no promotion of marketing schemes; avoidance of IP blacklisting.
9. Regulated businesses: no gambling-related activities; no pharmaceutical activities; no weapon-related activities.
10. Monitoring: acknowledgement relating to monitoring.
11. Data mining: no data mining.
12. Hyperlinks: no hyperlinks to prohibited content.
13. Harmful software: no harmful software; no risky software.

Schedule 3 (Availability SLA)

1. Introduction to availability SLA: purpose of hosted services availability SLA; informal definition of uptime.
2. Availability: uptime commitment; measurement of uptime; reporting of uptime measurements.
3. Service credits: earning service credits; amount of service credits; application of service credits; service credits are sole remedy; service credits upon termination.
4. Exceptions: list of exceptions to availability commitment.

Schedule 4 (Support SLA)

1. Introduction: introduction to support SLA.
2. Helpdesk: helpdesk obligation; purpose of support services helpdesk; access to helpdesk; times of helpdesk availability; all requests for support to go through helpdesk.
3. Response and resolution: hosted services support issue categorisation; allocation of support issue severity categories; support response times; contents of response to support request; support resolution times.
4. Provision of Support Services: support services to be provided remotely.
5. Limitations on Support Services: excessive use of hosted services support; support services training and misuse limitations.

Schedule 5 (Data processing information)

1. Categories of data subject: prompt for categories of data subject.
2. Types of Personal Data: prompt for types of personal data.
3. Purposes of processing: prompt for personal data processing purposes.
4. Security measures for Personal Data: prompt for security measures for personal data.
5. Sub-processors of Personal Data: prompt for identifying sub-processors of personal data.