5 clauses for Terms of Use for SaaS apps

If you're running a Software as a Service (SaaS) business, there are some unique clauses that you need to include in your Terms of Use agreement.

Even if the Terms of Use isn't mandatory by law, it's extremely important and recommended to have the agreement for your business.

If your app is like most SaaS applications and businesses, your service allows the user to upload their own content.

This means that there are unique intellectual property terms that you need to include as a result, and measures need to be put in place to curtail accounts that abuse this ability.

In addition, since you're running the application in the cloud, your users' information is often stored somewhere different to where you or they might be based.

For example, you may operate from the US, but 80% of your users are in India. Or, you may be based in New Zealand, but your users are primarily the US, and their data is stored by a cloud storage provider in the UK.

The end-user of your app will see little difference in how they interact with your software, but it's important to include relevant terms in your Terms of Use (or other relevant legal agreements) when you provide your app to your users.

Clause 1: Intellectual property in user-generated content

If your app has the ability to allow your users to create their own content of some kind, you need to obtain a license from your users for your app to use that content.

Basically, your users grant you a license to use and display the content they create on our platform. Since they created that content, they own it, but they're granting you permission to use that content.

Your "Terms" agreement need to explicitly state that your user gives you this license.

One example is Dropbox. If a Dropbox user uploads a photo they took, Dropbox's Terms of Service outlines that the user will grant Dropbox a license to use those photos i.e. store them, put them into folders, and share them as per user requests.

Here's another example from Google Drive:

In the example above you can see that the user grants Google (and those they work with) a worldwide license to use the user-generated content in various ways, and they also state what they will use that content for.

It's important to include both of these parts in your own Terms of Use agreement:

• Explicitly state what you can do with the user-generated content; and
• Tell the user what you'll use it for (i.e. your services).

Clause 2: Cloud storage and data security

Cloud storage is one of the primary ways in which a SaaS business operates, by keeping user data in the cloud.

One of the legal issues that you need to consider is how you will keep your users' information secure, particularly if you are using a third-party cloud storage vendor, like Amazon AWS.

When your users sign up to your service, your app will collect information about them that will be stored either by a cloud storage service that you run or by that external provider.

But what happens if that external provider has a data leak? Who is responsible to your users, you or them?

Here's an example from the the Terms of Use of Amazon Cloud Drive:

Like Amazon, most cloud storage services do not guarantee that user data will be kept and limit their liability in the case of a loss.

If you are using an external cloud storage service to keep user data for your app, make sure that you notify your users of these risks in your Terms of Use agreement, and limit your liability so that you are not responsible for any loss of data caused by the cloud storage provider.

Don't forget to include a Privacy Policy as well as most SaaS apps will need the Privacy Policy agreement. You need to make sure that the "Privacy" and the related cloud storage clauses clearly outlines what information will be kept by the app.

Your Privacy Policy should contain the following information:

• The types of information that you will collect;
• How you will keep it secure;
• Any third parties who will be holding the information on your behalf (e.g. cloud storage provider);
• What you will do with that information and in what circumstances you will release it;
• How the user can review the information you hold on them; and
• How the user can change or delete that information.

Clause 3: Prevent abusive accounts

The next clause that you need to include is a clause for preventing abusive accounts, and what response will be taken if an account is misusing your app.

It's common practice to include a "suspension" or "termination" clause where you can stop providing your app services to a user at any point if they breach your terms or are disruptive to other users.

Have a look at this example from the Terms of Use of Survey Monkey:

You can see that SurveyMonkey's clause is quite broad, which leaves them able to respond quickly to abusive users who breach their terms or cause problems for other users.

Other websites include an "Acceptable Use Policy" separately from their Terms of Use This Policy can be used to outline for users what kind of behavior is okay and not okay.

Here's an example of Dropbox's Acceptable Use Policy page:

Dropbox has included a list of all of the types of behavior that they do not accept.

Consider which of the above may apply to your app and which things a user might be able to do.

Either list out the types of misconduct in your main Terms of Use, or create a separate Acceptable Use Policy to cover these points.

Clause 4: Limitation of Liability

Make sure that you limit your liability to things that you are in control of.

If your users are able to upload information such as pictures to your service, they may be uploading illegal information or images, or things that violate the intellectual property rights of a third party, such as uploading copyrighted material.

Make sure that you exclude liability for their actions in your Terms of Use agreement, like this example from Salesforce below:

You can see that in the Salesforce section the user grants an indemnity to Salesforce if a third party brings a claim against Salesforce, or if user-generated content violates a law.

They also give an indemnity back the other way to reassure their users that Salesforce will defend the user if a third party claims that the user is breaching their IP rights by using Salesforce.

Clause 5: Governing Law

As your service may be used around the world, it's important to clearly state which country's law will govern the contract.

There are two parts to these provisions: governing law (the law that will be used to decide the dispute) and jurisdiction (where the dispute will be decided).

The jurisdiction is usually in the country or state where the business is based.

Governing law is different:

• Usually, if you're in Australia, you'll want your section to say that Australian law applies
• Or, if you're based in California, you would want the Californian law to apply. However, sometimes the law in another state in the US is more favorable to businesses, such as Delaware.

You can choose to put in your Terms of Use that your contract will be governed by Delaware law, but Courts do keep an eye out for where businesses are trying to take advantage of particular laws.

For example, if Texas law was extremely pro-SaaS providers, and you chose in your Terms of Use agreement that Texas law applies, the Courts may not allow it.

Courts usually look for some connection between the business owner or the customers, and the state or country that has been chosen as governing law. Another factor is that cases looking at corporate behavior (i.e. if you are being sued), they must usually be decided in the state of incorporation.

It's also important to state that your legal agreement is the only contract between you and your users.

Have a look at this example from Dropbox that shows their governing law and entire agreement provisions:

You need to include a similar term that's tailor-made to you and your location.

With these terms you should have a good start for your Terms of Use agreement that you need for a SaaS app. Don't forget to include the following terms as well:

• Definitions of key terms
• Subscription information (including fees, access, and how modifications will be made or new features added); and
• Customer support information.

Make sure you include the above key sections in your app's legal agreement, as well as a Privacy Policy agreement as you're most likely to collect personal information from users.