Software-as-a-service (SaaS) contracts in Helsinki
On the last weekend of May, partners and representatives of the ALFA International European member firms gathered in Helsinki. For the first time, Estonia was represented, with the role being carried out by the partners of Lepmets & Nõges Law Firm, Ott Lepmets and Kristjan Nõges. Among other things, attorneys Ott Lepmets and Kristjan Nõges participated in an exciting panel discussion on the future of Software as a Service (SaaS) agreements. In addition to our firm's partners, the panel also included Dr. Georg Huber (GPK Pegger Kofler & Partner, Austria), and it was moderated by Pav Younis (Weinhold Legal, Czech Republic).
Our partner, Kristjan Nõges, commented on the event as follows: "It was an excellent opportunity to exchange ideas with true experts in the field. The choice of topics deserves praise as well since the market for Software as a Service (SaaS) agreements has quintupled in the last seven years, now surpassing the trillion-dollar mark. The panel discussed the principles of SaaS agreements, particularly in relation to the implementation of artificial intelligence and the use of large datasets, while exploring how it aligns with increasingly stringent data protection regulations. Additionally, we took a glimpse at the proposed European Union regulations in the field of taming artificial intelligence. It was a truly fascinating discussion."
What is software as a service (Saas)?
Software-as-a-Service (SaaS) is one of the three main cloud computing services. The other two are Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS). SaaS essentially refers to a turnkey software solution that is accessed over the internet and paid for based on usage or duration. Unlike traditional software purchases, this approach provides customers with more flexibility and lower operating costs. By keeping the software up-to-date and providing competent customer support, the need for a separate IT department in companies can be significantly reduced. Well-known examples of such software services include Gmail, Slack, and Office 365. In addition to user-friendliness, storing data in the cloud often offers enhanced security compared to local data storage.
Main elements of SaaS contracts
Software-as-a-Service (SaaS) agreements do not constitute a separate type of contract in Estonian legal system. Therefore, the legislator has not provided a specific template for drafting such agreements. That's why it is advisable to collaborate with specialists who understand the nature of the service being regulated. When drafting SaaS agreements, it is important to consider and carefully regulate elements such as service availability, licensing, fee structure, updates, data protection, security, and liability. Each of these elements encompasses various solutions and possibilities that need to be woven together into a coherent whole based on the client's interests. Let's take a closer look at licensing, data protection, and security as examples.
What should be considered regarding licensing?
Licensing pertains to intellectual property, which broadly refers to creations of the mind. In the context of SaaS agreements, this would encompass software code, branding, design, the look and feel of your software —essentially, what makes your software unique and contributes to its value. There is no doubt that intellectual property needs to be carefully protected, and this can be achieved through contractual means.
Additionally, consideration must be given to anything that originates from the customers of the software provider. It is common for most users of a software service to upload images or documents while utilizing the service. If the software provider intends to use these data for their own purposes, appropriate consent should be obtained. Therefore, the SaaS agreement should include clauses specifying what can be done with the data originating from the customers of the service. Furthermore, the agreement should also regulate the ownership and extent of intellectual property created as a result of using the software.
What should be considered regarding data protection and security?
When it comes to data protection and GDPR, it is understandable that some founders may roll their eyes. From the perspective of a software service provider, this topic may seem like another obstacle in conducting business. However, the importance of this issue cannot be overstated. This is exemplified by the recent fine imposed on Meta (formerly Facebook) for violating GDPR provisions, amounting to 1.2 billion dollars. Data protection is undoubtedly a field that should be considered as early as the product development phase.
The software service provider must understand when they are acting as the data controller and when they are acting as the data processor, and the obligations that come with each role. In both cases, the software service provider must have a clear overview of the personal data they collect, the purpose of the collection, and the legal basis for processing. This overview must be disclosed to the end user of the service. Systems must be in place to respond to queries related to personal data, and individuals responsible for this task must be designated.
Careful consideration should be given to how data is stored, who has access to the data, and at what intervals. What security measures are employed? What are the procedural rules in case of a data breach? Where is the data physically stored, and how will the provider respond if something happens to it? These aspects need to be thoughtfully addressed to ensure data protection and security.
Advokaadibüroo Lepmets & Nõges's attorneys can help you find the right answers to these and any other questions related to Software-as-a-Service (SaaS) agreements.
Related posts

The restraint of trade and confidentiality obligations for a member of the management board after their term of office
A member of the management board of a private limited company or a pub...

How to Prepare for a Court Hearing: Essential Tips and Recommendations
A court hearing can seem intimidating and even overwhelming. How shoul...
We are a top-rated law firm
A reliable partner in litigation!

Head of Litigation
Our cooperation with the lawyers Lepmets & Nõges has lasted for years and has been very successful so far. In our opinion, they offer the best quality and fastest service on the market at an extremely good price. Highly recommended!
Chairman of the Supervisory Board
I have used their legal advice and assistance on several occasions. Most recently, attorney-at-law Tauri Tigasson positively surprised me with his proactive approach, precise, and determined counseling, even pushing me to act more efficiently. It exceeded my unspoken expectations. Working with them has been a true pleasure.

Very high level, broad-minded, and reliable partner in legal matters. The sense of security is the most important thing I expect from legal assistance as a client, and this is the experience that the law firm Lepmets & Nõges always provides. Legal assistance should be like this – thank you for always being there!

I recently worked with the law firm Lepmets & Nõges, and their professionalism exceeded all expectations. Their lawyers are highly knowledgeable and skilled, offering clear advice and support at every step. I was impressed by how dedicated they were to the client's needs, always keeping me informed and answering all my questions. Excellent service and genuine care for the client make them a top-tier law firm. I highly recommend them!

My family and I are sincerely grateful to the Lepmets and Nõges bureau, whom we found through recommendations from acquaintances. A long and exhausting process had reached a dead end, but thanks to their professional assistance, expertise, resourcefulness, and, more importantly, understanding of the situation and humane attitude, we can now continue with our normal lives.
There is a saying: “promise only what you can deliver. Then deliver more than you promise”. Lepmets & Nõges has always delivered more in our business relationship. Their knowledge, professionalism and talent is what I value most about them. I can honestly say I have always been 100% satisfied with their work.
The solutions have always met and even exceeded our expectations. Pleasant attitude, friendliness and professionalism at each stage of the process. A reliable and necessary partner in all legal issues and litigations!

CEO



ALFA International is a leading network of independent law firms, established in 1980. It is the largest legal network offering effective solutions worldwide. We are the only member of this network in Estonia.
Gazelles are rapidly growing companies that have increased their revenue and profit by over 50% in three years and created many new jobs. Less than 1% of Estonian companies are gazelles. We have won the Gazelle Company title twice.
The Estonian Chamber of Commerce and Industry is the largest and most influential organization representing entrepreneurs in Estonia, with 99 years of activity. The Chamber has over 3,500 members, whose contribution accounts for more than 40% of the net turnover and tax revenue of Estonian companies.