14 Agreements and Policies Every Software as a Service (SaaS) Company Should Have

If you’re running a software-as-a-service company, you should have several key agreements and policies in place protecting your company, your intellectual property, and your investors. These agreements will become important during due diligence with any Investor or potential Acquirer. Here are 14 important agreements and policies every SaaS company should have, broken down into 4 categories:

Company and Corporate Level Agreements

  • Shareholders Agreements – In-depth agreements outlining the duties and abilities of shareholders of the company. Shareholders include Founders, Investors, and Employees alike. This agreement includes provisions such as regulation of voting rights, control and management of the company, dispute resolution between shareholders, and outlines how shares can be sold or exchanged.
  • Employment Agreements – Appropriate employment agreements should be in place between the Company and all employees that the terms of their employment, their duties, their promises, their rights as an employee, your rights as an employer, intellectual property assignment (more on that below) and any ancillary documentation regarding additional compensation such as stock.
  • Invention Assignment Agreements – Also known as an “IP Transfer Agreement” – this agreement assures that intellectual property created by your employees, your contractors, or your freelancers belong to your company, and not to the employee, contractor, or freelancer – and guarantees they have no right to what they’ve created for your company.

Customer Facing Agreements

  • SaaS Agreement – The agreement for the actual sale of your product to your customer, payment and billing terms, and warranties. This agreement should outline your intellectual property rights, and your information security/data privacy protocols. This could come as a published “Terms and Conditions” on your website that every Customer agrees to, or an individually signed contract with Customers.
  • Master Services Agreement – Usually requested by enterprise level customers – this is a more extensive SaaS Agreement that is often negotiated by larger customers for favorable terms. Your MSA should incorporate other important agreements as well.
  • Service Level Agreement – An agreement between you and your customers promising a certain level of service delivered by your team as they use your product.
  • Data Processing Addendum/Agreement – Due to current and future data privacy laws and regulations, if you are processing the Personal Data of your Customers or their end users, you will likely need to enter into a Data Processing Addendum that outlines requirements around data protection, following applicable laws and regulations, and referring out to ancillary agreements such as the European Union or United Kingdom Standard Contractual Clauses.

Third Party Agreements

  • Advisor Agreement – An agreement formalizing a relationship between your company and an advisor – including scope of their work, and compensation details.
  • Independent Contractor Agreement – An agreement formalizing a relationship between your company and a contractor/freelancer – including scope of their work, compensation details, and intellectual property assignment.
  • Partner/Affiliate Agreement – An agreement between your company and any marketing partners/affiliates, highlighting the terms of your engagement, promises made by your partner/affiliate, and details around how compensation is exchanged.
  • Non-Disclosure/Confidentiality Agreement – An agreement between your company and another party – whether an employee, contractor, vendor, or customer – that establishes confidential information you want to share with each other, but not with anyone else.

Public Facing Policies

  • Terms of Use – This Policy should be published on your website and governs the rights of anyone visiting your website, not just paying customers. This lays out information around accessing your website, IP rights, prohibited uses, user contribution standards, how you monitor your users work, how you can kick a user off, warranties, and indemnification. 
  • Privacy Policy – An increasingly important policy that should be published to your website highlighting how you are gathering, using, disclosing, and managing the personal data of your users, and essentially making a promise that you will not use the data for any other reason.
  • Security Policy – You may or may not choose to publish this, but it should be drafted and made available to Customers that request it. Another increasingly important policy that highlights how your SaaS company approaches data security. This includes your policies around encryption, database backups, audit logging, disaster recovery, how you adhere to compliance standards (such as HIPAA and GDPR), and any third party security certifications your company has (such as SOC 2, ISO 27001, HITRUST, etc.)

Let us Help

I’ve listed 14 agreements and policies above, and this is by no means an exhaustive list. There may be more contracts and policies for your particular company and use case. If you’d like assistance with the above needs, feel free to Contact us today.

This post is not legal advice, and does not establish any attorney client privilege between Law Office of K.S. Kader, PLLC and you, the reader.