Software Deals Using the Customer’s Form

Ever try to license software or provide SaaS to a Fortune 500 company or some other high profile company? Did they insist on working from “their paper”? You know enough not to simply hope for the best and sign whatever contract they put in front of you, but you also don’t want to delay further a months-long sales effort over the paperwork. What do you do?

The Customer’s Form Contract

You want the deal, so you tell them to send you the draft. BigCo sends you its contract. It’s a long, complex document that rivals the King James Bible. You send it to your lawyer, who spends an hour or two reviewing it. The lawyer comes back with a list of concerns that go something like this:

  • The intellectual property terms don’t apply to the deal you’re trying to close. You simply want to provide access to your SaaS platform, and the contract has your company assigning over all of its IP – effectively preventing you from offering a SaaS platform to your other customers.
  • The security terms are totally overbearing. You’ll only receive publicly available, anonymized information, but the contract has your company submitting to monthly penetration tests, annual SOC 2 Type 2 audits across all five principles, and background checks on all your employees by a third party of your customer’s choosing.
  • The renewal and termination provisions give your customer a right to terminate at any time, for any reason, with a pro-rata refund.

You then call your counterpart at BigCo and negotiate the renewal and termination provisions, while your lawyer rewrites the intellectual property and security terms. You’ve now spent your own relationship capital negotiating a key term, you’ve spent money on legal expenses, and the revisions haven’t even been sent to your customer’s attorney yet. Worse still, you’re beginning to wonder why they sent over a contract that requires this much hassle.

Here’s the problem: When they told you they wanted to work from their paper, you felt like you were in no position to negotiate. You spent a long time to get the deal to that point, and the economics were finally set. Your counterpart may have even said, “Our legal can be a pain. I don’t like having to deal with them, but it’s how we do things at BigCo.”

A Better Way Forward

Assuming you are even willing to work from their form, consider an alternative. Imagine instead that you told your counterpart at BigCo, “Certain legal items are really important to us. They are X, Y and Z. If we can work from a contract with those included, I’m confident the lawyers can hammer out the rest and we can quickly get this deal done.”

So what are X, Y, and Z? Here’s a sample of issues that are critical in many software deals:

  • Intellectual Property – Are you assigning your software (literally giving the code and full ownership to your customer), licensing it and reserving ownership rights to yourself, providing user access to a SaaS platform, or something else?
  • Data – If you’re providing a SaaS platform, who is responsible for the content of the data uploaded into it? Who owns it? What can (and can’t) you and your customer do with it?
  • Termination – Under what circumstances can your customer terminate the agreement?

Obviously that’s not an exhaustive list, and critical issues vary from deal to deal and company to company. Ideally, you already know your X, Y and Z.

When you communicate key legal concerns the moment you are willing to concede on using their paper, you send some important signals to BigCo:

  • You’re willing to work with them if they’re willing to work with you.
  • You know that the legal terms matter, and you know which issues are especially critical for your deal.
  • You want to learn quickly whether they will insist on dealbreaker terms.
  • You will expedite the process to get the deal done.

If your counterpart at BigCo also wants to get the deal done soon, your message will reach BigCo’s legal department. And if BigCo’s legal department takes cues from your counterpart, you’re much more likely to receive an agreement that actually applies to your deal. This saves everyone time and money in the long run.

But suppose your counterpart doesn’t want to close quickly or doesn’t relay your message, or suppose the legal team doesn’t take cues from your counterpart. Suppose the contract you receive from BigCo’s legal department isn’t any better. Are you really any worse off than if you had not tried this approach?

Closing the Software Deal – Part 2

Closing software deals with less legal hassle demands more than just a good agreement – it requires a well-informed and well-equipped sales team. If your company offers SaaS or licenses software to other businesses, consider these additional tips to close deals quickly and at a lower legal cost.

Build a Legal FAQ

Your team should know most of what’s in its agreement and why it’s there. Customer stakeholders who are not attorneys are quite likely to ask your sales team questions that are both ‘legal’ and important to the deal, long before an attorney is involved. Getting the answers right demonstrates your company’s experience, preparation, and ability to ensure customer success, all while speeding the deal to close. Getting the answers wrong – or not knowing the answers – simply decreases the likelihood of closing the deal or increases customer acquisition cost for no good reason.

A few examples of questions for which most sales teams should know the answers, particularly in SaaS deals:

  • What are the details of your SLA? Do you offer credits or refunds? If so, how are they calculated? What’s been your uptime historically? When do you schedule routine maintenance? Are you using third party hosting providers? If so, who?
  • Do you use data uploaded by your customers into the platform for any reason other than providing your service? If so, what are you using and why are you using it?
  • Are customers able to download their data from your platform? If so, how quickly can it be done? In what formats? Where are you storing that data?

You may even find it helpful to develop a ‘legal’ FAQ written by your attorney with guidance from your sales leaders. Sales leaders can ensure the FAQ includes answers to the legal-related questions they commonly field in the trenches, while your attorney can ensure the answers reflect what’s in your agreement. When new questions come up on a recurring basis, your attorney can also update your agreement where appropriate.

Create a Decision Tree & Fallbacks

Assuming you’ve closed enough software deals to know what is and is not negotiable in your agreement, how can you be more efficient? When you’re part of a small startup, virtually everything filters up. But, as your company grows, that cannot continue when the number of deals grows as well. What types of matters need to be on your plate – and what types of matters can you leave to the head of sales? Are you leveraging what you negotiated in prior deals?

They say the most important question in law is, “Who decides?” That’s absolutely true when closing a software or SaaS deal. If certain issues are commonly negotiated and you concluded they are minor, then consider whether it’s more efficient for your company to leave those issues to someone else. If other issues are more significant, then make clear who does and does not have the power to negotiate those items.

When you leave certain issues to someone else, provide alternative provisions that you and your attorney wrote and approved. You can even create an alternative version of your contract with footnotes for each of those alternatives.

Train the Team

Obviously, these solutions will not matter if your team does not know how to use them. But by this point, you may be asking yourself whether they have the time for what amounts to legal training. After all, they are busy trying to close deals, and they want to stay focused on the big picture.

If you’re convinced that some basic tools and process can help your company close software or SaaS deals with less legal hassle, put those tools to good use. Build an FAQ and iterate on it. Document a decision tree. Provide written alternatives. Critically, take the time to train your staff on how to use them. An hour of legal training and negotiating during employee onboarding or annual meetings can prevent more expensive back and forth months later. At the very least, the materials become simple resources your reps can leverage if they don’t remember the details.

Closing the Software Deal

Is your software deal stuck in legal limbo?  Need to get it closed to ‘make numbers’ before EOQ?  If your company offers SaaS or licenses software to other businesses, consider these three tips to close deals with less legal hassle.

Don’t bury the lead

SaaS agreements and licenses that do not make the fees obvious to your customer’s counsel do no one any favors.  If the deal means your customer will pay you $25,000 or less per year for three years, and their legal counsel can quickly see that, counsel will very likely treat it accordingly – hopefully with a lighter touch than a deal 20 times that size.

If you instead bury the dollars and cents deep in the agreement, or worse still – put them on a separate file your customer’s lawyer never receives – the lawyer may be more likely to spend more time and more money aggressively negotiating with you.  $25,000 worth of negotiation for a $75,000 deal makes no sense.  For large deals, expect a thorough review no matter where you put the financial details.  But don’t encourage your prospective customer to spend more on legal expense than makes sense relative to the deal size.

Also, take a moment to describe your platform in the agreement.  In my experience, agreements from some hot names in tech right now lack minimal descriptions of their platforms.  If your customer’s attorney knows nothing about the offering, you’re much more likely to wind up negotiating issues that are totally irrelevant to your deal.  That’s nuts.  Take a moment to describe the offering, if only at the most basic level.  You will save your team and your customer valuable time and legal expense.

Know your market

Are you selling into a regulated industry?  If so, do you know what regulatory burdens your customers face, and if they’re changing?  Does the platform you’re pitching impact your customer’s ability to comply?  If you don’t know the answers to these questions, you’ll find out sooner or later – perhaps painfully.

For example, if you’re selling into the healthcare industry, you should know whether your offering will impact your customer’s ability to comply with HIPAA.  You should know what a BAA is, and you should be prepared to answer why your company will or will not sign one.  Another example . . . if your offering will gather information from people residing in the EU, you should be aware of European privacy law and potential changes that may impact you and your customers.

Don’t wait until your customer’s counsel brings up these and other market-specific issues during negotiation.  Draft a deal that accounts for them and be prepared to explain your thinking.

Plan for what comes next

If you’re like most in the software business, you live and die with churn and LTV.  You’re much less likely to see positive movement on those metrics if you don’t have a clear plan to ensure customer success with your software or platform.  In other words, you need to meet customer expectations about your offering.  Great software companies exceed those expectations.  Others let sales teams close the deal and throw it over the wall – leaving things like implementation or integration to another day.  Don’t be that guy.

One way great software companies set expectations is with a plan that the customer approves early in the relationship.  This doesn’t make sense for every provider, especially low price providers, and the plan doesn’t require every little detail.  But for high-touch, high-end solutions, customer users and leaders should play a role in crafting a plan that the customer approves.  Be open to this, even if it impacts CAC in the short-term.  It saves both you and your customer time and money in the long run, establishes trust among their users and your staff, and reduces the risk of buyer’s – or seller’s – remorse.  Critically, you’ll be more likely to start customers on a path to upsells, renewals, and referrals.  If your platform isn’t just “plug and play,” and your sales team already poured time and money into cultivating the deal, take a little extra time to set clear expectations and consider an early sign-off on the same.

Got EU Data?

Emerging tech companies take note – if you collect the personal data of European citizens from the United States, or otherwise transfer that data to the U.S., recent developments mean your legal obligations may change soon.

Background

Citizens of EU member states have an explicit right to privacy.  In practice, this means companies can transfer EU citizens’ personal data out of the EU only if the destination country has an adequate level of protection.

Historically, it has not been a problem to store EU citizen data in the United States.  Under an agreement between U.S. and EU regulators, which is often referred to as the “Safe Harbor,” a U.S. company could transfer that data to the U.S. by certifying to the U.S. Department of Commerce that it would adhere to European privacy principles.  The U.S. Federal Trade Commission, in turn, could bring enforcement actions against the company if it failed to comply.  More than 4,000 companies took advantage of the Safe Harbor to transfer data to the U.S., from Amazon and Google to emerging tech companies in the upper Midwest.

After Edward Snowden revealed that the US government may have indiscriminately conducted mass surveillance of EU citizens’ personal data, an Austrian Facebook user complained to EU authorities that the U.S. lacked adequate protections. On October 6, 2015, the Court of Justice of the European Union ultimately agreed and invalidated the Safe Harbor framework.

Bad Alternatives

The ruling had an immediate impact on businesses of all stripes that relied on the Safe Harbor, particularly emerging tech companies.  They were left with a handful of bad alternatives –

  • keep the data in the EU – potentially expensive or unworkable;
  • obtain user consent or use model contract provisions – also potentially expensive or unworkable, especially for companies already processing data on behalf of existing business customers with an EU presence; or
  • leverage binding corporate rules – a time-consuming process ultimately requiring approval of EU data authorities.

Worse still, the Court of Justice of the European Union ruling implicitly called into question some of these alternatives.  Recognizing the problem, EU regulators gave themselves and their U.S. counterparts until January 31, 2016 to find an alternative.  This set off intense negotiations among regulators.

Privacy Shield

On January 28, 2016 the U.S. Senate Judiciary Committee approved a bill that would allow EU citizens to sue the U.S. government for privacy violations.  Just a few days ago, on February 2, the European Commission and the U.S. Department of Commerce announced the outline of a potential Safe Harbor replacement, dubbed the “Privacy Shield.”  According to the releases:

  • U.S. companies will have stronger obligations to protect personal data of EU member state citizens. Among other things, they will be required to comply with the decisions of the EU data protection authorities regarding personnel data.
  • U.S. companies will remain subject to enforcement actions for privacy violations by the FTC, and EU privacy regulators will have the ability to refer complaints of EU member state citizens to the FTC.
  • If an EU citizen lodges a complaint regarding inappropriate activity by U.S. authorities, a new Ombudsperson at the U.S. State Department will review it.
  • Alternative dispute resolution for certain complaints will be made available for free.
  • The U.S. will commit not to indiscriminately conduct mass surveillance of EU citizens. S. guarantees regarding limits and oversight will be reviewed annually by the European Commission and the U.S. Department of Commerce.  U.S. national security agencies will be invited to participate in those reviews.

To Be Determined

The outline lacks many details that will prove vital to providing a meaningful and lasting legal alternative for U.S. technology companies.  Important outstanding questions include:

  • Will free alternative dispute resolution result in an increased number of complaints?
  • Will U.S. security agencies take up invitations to participate in annual reviews, and will those reviews be meaningful? If not, will the Court of Justice ultimately invalidate the Privacy Shield as it did the Safe Harbor?
  • Will the Privacy Shield be suspended if EU authorities conclude that the U.S. failed to comply with the Privacy Shield’s limits?
  • By when will the EU and U.S. finalize these and other Privacy Shield details? EU regulators suggested that final approval could take up to 3 months, but some EU lawmakers and privacy advocates are already arguing the Privacy Shield is not enough.

In The Meantime

While the Privacy Shield winds its way through the EU legislative process, the chair of the group composed of EU data protection agencies said the group will not take enforcement action against U.S. companies that continue to use existing legal alternatives like model contract clauses and binding corporate rules.  While these alternatives may be difficult for many emerging technology companies, they currently remain likely the only legal way to collect data from the U.S. of EU citizens or otherwise transfer EU personal data to the U.S.

The Confusing World of Joint Ownership of Intellectual Property

A confusing topic for many entrepreneurs is joint ownership of intellectual property.  It often comes up in connection with joint development arrangements, subcontracting portions of work, joint ventures, and other collaborative projects involving intellectual property development, whether it be in connection with software, cleantech, medical device, drug development, or other technology-based initiatives. Continue reading →

Developing Your SaaS Agreement

An increasing number of traditional software and hardware companies are accepting the idea that software as a service (SaaS) is here to stay for some time. In September, Oracle announced that it was significantly increasing its on-line, subscription-based software tools available for middle market companies. Salesforce.com and Cisco announced last week a partnership that brings together Salesforce.com’s online customer service software with Cisco’s IP telephony. The service, called “Customer Interaction Cloud,” is designed to provide a complete, cloud-based customer service offering for small to medium sized businesses. Even Dell, with its recent acquisition of Perot Systems, has signaled an interest in expanding its presence in the SaaS space. From a customer’s standpoint, SaaS generally offers quick deployment, low upfront cost, easy management and scalability.

Legal Difference Between Traditional Software Licenses and SaaS Agreements

Before delving into the SaaS market, it is important for traditional software companies (whether that be off-the-shelf product companies or customized software developers) to understand the differences between a typical software license or software development agreement and a SaaS agreement. At a fundamental level, what is being conveyed in a software license or software development agreement is different than a SaaS agreement. A software license or development agreement typically grants either a limited or exclusive right to use the software. In some cases, they include an assignment or transfer of the actual code from the developer to the purchaser of the software. A SaaS agreement, on the other hand, typically grants only a limited right to use a “service,” with no rights to the underlying software.

Key elements of a SaaS Agreement

With the legal difference between the two business models in mind, as well as the practical differences (web based offering versus an on-site thick client or server-based offering), below are some highlights of the provisions of a typical SaaS agreement:

Subscription for a Service.

Typically, SaaS agreements provide for a subscription to a service for a specified period of time. Many states give this structure more favorable sales tax treatment over traditional shrink-wrap software license agreements.

Performance and Up-Time Guaranties.

Most SaaS agreements address at least a base level of performance and functionality requirements of the service. For more sophisticated SaaS offerings, it is common to see Service Level Agreements (SLAs). The SLAs typically address issues like site and application downtime limits, support response times, and system response times.

Privacy and Security.

SaaS agreements usually address privacy and security issues as the SaaS provider typically holds its customers’ sensitive data. SaaS vendors generally provide some base level of assurances of privacy and security, even in low price SaaS offerings. For the large and more sophisticated offerings or where there are unique confidentiality concerns, the privacy and security provisions in the SaaS agreement can be very detailed. For example, many public companies require that a SaaS vendor’s systems and offerings be compliant with Statement on Auditing Standards No. 70 (SAS 70), which is a rigorous audit standard for controls on accuracy and security.

Data Backups and Data Porting.

In most sophisticated SaaS offerings, the SaaS agreement should address data backup, redundancy, and disaster recovery. Similarly, many customers of sophisticated SaaS offerings will want assurances on the ability to move the customer’s data either to an internal system or another vendor.

Renewals, Termination, Fees and Payment Terms.

Having a continuing relationship requires that the SaaS agreement address items like automatic renewals, termination (who has the ability to terminate upon how much notice), fees (when and how often charged and for what and the ability to change), and payment terms.

Obviously, there are other provisions as well, such as warranty disclaimers, indemnification, limitation on liabilities, export laws, etc. How much these terms vary from traditional software licenses or development agreements are dependent upon the particular SaaS offerings.