Buckworths works with SaaS businesses at every stage, from founders building their first product through to established companies with large customer bases and complex commercial arrangements.
We advise on SaaS agreements, software licence agreements, reseller and white-label arrangements, and API access agreements. We make sure the terms protect your IP, limit your liability appropriately, and are commercially robust. Data protection is central to most SaaS businesses. We advise on GDPR compliance, DPAs, privacy policies, cross-border data transfer mechanisms, and security documentation.
We advise on IP ownership in software, making sure the IP stays with the business and is not inadvertently transferred through customer contracts or open-source usage. For businesses with employed or contracted developers, we advise on employment status, IR35, and EMI share option schemes.
For fundraising, we advise on SEIS and EIS, VC rounds, and investment documentation. For exit and acquisition, our M&A team provides full support.
Book a free consultation to discuss your SaaS business.
Our Services
- Commercial
- Commercial Property
- Corporate
- Data Protection
- Dispute Resolution
- Employee Incentivisation
- Employment
- Franchising
- Funding
- General Counsel
- Intellectual Property
- Mergers and Acquisitions (M&A)
- Regulatory Services
- Secretarial Services
- Strategy and Business Support
FAQs
A SaaS agreement should cover the scope of the licence and permitted users, uptime and service level commitments, data ownership and processing obligations, confidentiality, intellectual property rights, liability and indemnities, payment terms, and termination provisions. Getting liability and IP provisions right is particularly important for SaaS businesses. We draft SaaS agreements for providers and review them for customers.
Customer data processed through a SaaS platform remains owned by the customer. The SaaS provider processes it as a data processor on the customer's behalf and must enter into a data processing agreement under GDPR. The SaaS agreement and the data processing agreement should be consistent with each other. We advise SaaS businesses on the correct structure for their customer agreements and data processing documentation.
A SaaS business acts as a data processor for its customers' data and must have a data processing agreement in place with each customer. It must also comply with GDPR in its own right as a data controller for its own employee and prospect data. Key obligations include maintaining a record of processing activities, implementing appropriate technical and organisational security measures, and managing data breaches. We advise SaaS businesses on their full range of data protection obligations.