Is Your SaaS Agreement The Only Website Legal Document You Need?

I’m often asked questions about SaaS (Software as a Service) agreements. What I have to prompt SaaS webmasters to ask is – “Is my SaaS agreement the only website legal document I need?”

To most Saas site webmasters, the answer may be surprising.

What Is a SaaS Agreement?

A SaaS Agreement is a customer agreement, and for this reason, it’s usually the focal point for webmasters of SaaS websites. However, they’re rarely called a “customer agreement” or even a “SaaS agreement”.

More often than not, they’re titled as a “membership agreement”, “subscription agreement”, or “services agreement”.

SaaS agreements are typically presented to the user during the registration process in electronic form – usually with a significant portion partially visible from a scroll box. The user is not permitted to continue with registration until there is an acceptance that is indicated by checking the “I ACCEPT” checkbox (or by clicking on an “I ACCEPT” button). In order to require the user to make an affirmative action to indicate acceptance, the checkbox for “I ACCEPT” is presented either as unchecked, or if there is a checkbox for “DECLINE” (instead of a button), it’s checked as the default choice.

The Typical Fact Pattern For SaaS Websites

If we look at the typical fact pattern associated with SaaS websites, the readily apparent facts are these:

  • there is an unrestricted, public area of the site that is accessible to all site visitors,
  • there is a restricted, private area that is accessible only by registered users with a valid user ID and password, and
  • in the process of registration, personal information of the registrant is collected (i.e. name and email address at the least, and if payment is made, credit card information).

The Basic SaaS Documents

From the typical fact pattern, the following documents are generally recommended or required for legal compliance and legal protection of the webmaster and owner of the SaaS site:

  • Legal Page – linked from the bottom of the home page; provides intellectual property notices (copyright, trademark, patent) and special legal disclaimers; links to Terms of Use and Privacy Policy;
  • Terms of Use – linked from the bottom of the home page; provides legal notices and disclaimers for all site visitors (both unregistered visitors and registered users); there is no I ACCEPT button;
  • Privacy Policy – linked from the bottom of the home page; notifies all site visitors (both unregistered visitors and registered users) regarding site’s policies for collection, use, sharing, storing, and security of data (both passive and personal); and
  • SaaS Agreement – customer agreement that binds registered users to terms and conditions for using the site; if the agreement is in the required form and presented as required by well-established case law, it will be an enforceable online contract.

Additional SaaS Documents

Additional SaaS documents may be recommended or required depending on additional facts and circumstances. They are:

  • DMCA Notice And Registration Form – for sites that allows visitors to post text or files to the site (e.g. via a Blog or forum), the site may be liable for copyright infringement arising out of these postings based on strict liability copyright principles; the Digital Millennium Copyright Act (DMCA) provides a “safe harbor” from such liability provided the site posts a DMCA notice (usually in the Terms of Use) and files a Registration Form with the U.S. Copyright Office;
  • Service Provider Privacy-Security Agreement – for sites that outsource hosting or website services that also permit these service providers to access the website server and website internals that archive personal information; and
  • Red Flag Identity Theft Policy – for sites that are “financial institutions” or “creditors” with “covered accounts” under the U.S Fair Credit Reporting Act, as amended by the Fair and Accurate Credit Transactions Act of 2003 (FACTA), it’s required that they adopt and implement an identity theft policy and program prior to the extended deadline of August 1, 2009; “creditors” with “covered accounts” include sites that permit payment over time such as monthly or quarterly.


Webmasters of SaaS sites should think of legal compliance in terms of a system – not just in terms of a single SaaS agreement.

This system should include at least four agreements that are recommended or required for each SaaS site for legal compliance and legal protection of the webmaster and owner of the SaaS site.

Depending on facts and circumstances, there may be as many as three additional documents that are recommended or required for each SaaS site.

These documents do not operate alone. They should be consistent from document to documents, and should work together as a system for maximum effectiveness.

Copyright © 2009 Chip Cooper

For additional information, visit our SaaS Legal Resource.

This article is provided for educational and informative purposes only. This information does not constitute legal advice, and should not be construed as such.

WANT TO USE THIS ARTICLE IN YOUR BLOG OR WEBSITE? You may, as long as you reprint the article in its entirety with live links and include this blurb with it:

From SaaS Attorney, Internet Attorney Chip Cooper: “SaaS Startups – You know how frustrating it is to find a top-rated SaaS attorney who can help you set up your business… on a budget? I solve this. I do this with my SaaS Marketer Pro online platform that empowers you to generate your SaaS Agreement and winning strategies by leveraging my experience as a top-rated SaaS Attorney, Internet Attorney. Top-quality results, fast, hassle-free, and on a budget.” ==>