Closing the Software Deal

Is your software deal stuck in legal limbo?  Need to get it closed to ‘make numbers’ before EOQ?  If your company offers SaaS or licenses software to other businesses, consider these three tips to close deals with less legal hassle.

Don’t bury the lead

SaaS agreements and licenses that do not make the fees obvious to your customer’s counsel do no one any favors.  If the deal means your customer will pay you $25,000 or less per year for three years, and their legal counsel can quickly see that, counsel will very likely treat it accordingly – hopefully with a lighter touch than a deal 20 times that size.

If you instead bury the dollars and cents deep in the agreement, or worse still – put them on a separate file your customer’s lawyer never receives – the lawyer may be more likely to spend more time and more money aggressively negotiating with you.  $25,000 worth of negotiation for a $75,000 deal makes no sense.  For large deals, expect a thorough review no matter where you put the financial details.  But don’t encourage your prospective customer to spend more on legal expense than makes sense relative to the deal size.

Also, take a moment to describe your platform in the agreement.  In my experience, agreements from some hot names in tech right now lack minimal descriptions of their platforms.  If your customer’s attorney knows nothing about the offering, you’re much more likely to wind up negotiating issues that are totally irrelevant to your deal.  That’s nuts.  Take a moment to describe the offering, if only at the most basic level.  You will save your team and your customer valuable time and legal expense.

Know your market

Are you selling into a regulated industry?  If so, do you know what regulatory burdens your customers face, and if they’re changing?  Does the platform you’re pitching impact your customer’s ability to comply?  If you don’t know the answers to these questions, you’ll find out sooner or later – perhaps painfully.

For example, if you’re selling into the healthcare industry, you should know whether your offering will impact your customer’s ability to comply with HIPAA.  You should know what a BAA is, and you should be prepared to answer why your company will or will not sign one.  Another example . . . if your offering will gather information from people residing in the EU, you should be aware of European privacy law and potential changes that may impact you and your customers.

Don’t wait until your customer’s counsel brings up these and other market-specific issues during negotiation.  Draft a deal that accounts for them and be prepared to explain your thinking.

Plan for what comes next

If you’re like most in the software business, you live and die with churn and LTV.  You’re much less likely to see positive movement on those metrics if you don’t have a clear plan to ensure customer success with your software or platform.  In other words, you need to meet customer expectations about your offering.  Great software companies exceed those expectations.  Others let sales teams close the deal and throw it over the wall – leaving things like implementation or integration to another day.  Don’t be that guy.

One way great software companies set expectations is with a plan that the customer approves early in the relationship.  This doesn’t make sense for every provider, especially low price providers, and the plan doesn’t require every little detail.  But for high-touch, high-end solutions, customer users and leaders should play a role in crafting a plan that the customer approves.  Be open to this, even if it impacts CAC in the short-term.  It saves both you and your customer time and money in the long run, establishes trust among their users and your staff, and reduces the risk of buyer’s – or seller’s – remorse.  Critically, you’ll be more likely to start customers on a path to upsells, renewals, and referrals.  If your platform isn’t just “plug and play,” and your sales team already poured time and money into cultivating the deal, take a little extra time to set clear expectations and consider an early sign-off on the same.

Got EU Data?

Emerging tech companies take note – if you collect the personal data of European citizens from the United States, or otherwise transfer that data to the U.S., recent developments mean your legal obligations may change soon.


Citizens of EU member states have an explicit right to privacy.  In practice, this means companies can transfer EU citizens’ personal data out of the EU only if the destination country has an adequate level of protection.

Historically, it has not been a problem to store EU citizen data in the United States.  Under an agreement between U.S. and EU regulators, which is often referred to as the “Safe Harbor,” a U.S. company could transfer that data to the U.S. by certifying to the U.S. Department of Commerce that it would adhere to European privacy principles.  The U.S. Federal Trade Commission, in turn, could bring enforcement actions against the company if it failed to comply.  More than 4,000 companies took advantage of the Safe Harbor to transfer data to the U.S., from Amazon and Google to emerging tech companies in the upper Midwest.

After Edward Snowden revealed that the US government may have indiscriminately conducted mass surveillance of EU citizens’ personal data, an Austrian Facebook user complained to EU authorities that the U.S. lacked adequate protections. On October 6, 2015, the Court of Justice of the European Union ultimately agreed and invalidated the Safe Harbor framework.

Bad Alternatives

The ruling had an immediate impact on businesses of all stripes that relied on the Safe Harbor, particularly emerging tech companies.  They were left with a handful of bad alternatives –

  • keep the data in the EU – potentially expensive or unworkable;
  • obtain user consent or use model contract provisions – also potentially expensive or unworkable, especially for companies already processing data on behalf of existing business customers with an EU presence; or
  • leverage binding corporate rules – a time-consuming process ultimately requiring approval of EU data authorities.

Worse still, the Court of Justice of the European Union ruling implicitly called into question some of these alternatives.  Recognizing the problem, EU regulators gave themselves and their U.S. counterparts until January 31, 2016 to find an alternative.  This set off intense negotiations among regulators.

Privacy Shield

On January 28, 2016 the U.S. Senate Judiciary Committee approved a bill that would allow EU citizens to sue the U.S. government for privacy violations.  Just a few days ago, on February 2, the European Commission and the U.S. Department of Commerce announced the outline of a potential Safe Harbor replacement, dubbed the “Privacy Shield.”  According to the releases:

  • U.S. companies will have stronger obligations to protect personal data of EU member state citizens. Among other things, they will be required to comply with the decisions of the EU data protection authorities regarding personnel data.
  • U.S. companies will remain subject to enforcement actions for privacy violations by the FTC, and EU privacy regulators will have the ability to refer complaints of EU member state citizens to the FTC.
  • If an EU citizen lodges a complaint regarding inappropriate activity by U.S. authorities, a new Ombudsperson at the U.S. State Department will review it.
  • Alternative dispute resolution for certain complaints will be made available for free.
  • The U.S. will commit not to indiscriminately conduct mass surveillance of EU citizens. S. guarantees regarding limits and oversight will be reviewed annually by the European Commission and the U.S. Department of Commerce.  U.S. national security agencies will be invited to participate in those reviews.

To Be Determined

The outline lacks many details that will prove vital to providing a meaningful and lasting legal alternative for U.S. technology companies.  Important outstanding questions include:

  • Will free alternative dispute resolution result in an increased number of complaints?
  • Will U.S. security agencies take up invitations to participate in annual reviews, and will those reviews be meaningful? If not, will the Court of Justice ultimately invalidate the Privacy Shield as it did the Safe Harbor?
  • Will the Privacy Shield be suspended if EU authorities conclude that the U.S. failed to comply with the Privacy Shield’s limits?
  • By when will the EU and U.S. finalize these and other Privacy Shield details? EU regulators suggested that final approval could take up to 3 months, but some EU lawmakers and privacy advocates are already arguing the Privacy Shield is not enough.

In The Meantime

While the Privacy Shield winds its way through the EU legislative process, the chair of the group composed of EU data protection agencies said the group will not take enforcement action against U.S. companies that continue to use existing legal alternatives like model contract clauses and binding corporate rules.  While these alternatives may be difficult for many emerging technology companies, they currently remain likely the only legal way to collect data from the U.S. of EU citizens or otherwise transfer EU personal data to the U.S.

AlphaTakes – The Basics of Capitalization Tables

In this AlphaTakes video, paralegal Macy Stoneback provides a brief summary of the capitalization table (“cap table”) for an emerging technology.

Here are the key takeaways from this video:

    (1) The cap table shows the outstanding equity of the company as of a given date, broken down by shareholder and equity type.

    (2) Officers refer to cap tables often when considering issuing equity to employees, advisors, and others.

    (3) A pro forma cap table can be prepared to see how shareholders and option holders are affected by actions like adding shares to the stock incentive pool, raising a round of financing

AlphaTakes – Most Common Types of Securities Issued in Investor Financings

In this AlphaTakes video, Matt Storms discusses the most common types of securities issued in investor financing of privately held emerging technology companies. Since most emerging technology companies are organized as corporations due to investor requirements, he is going to focus on the types of securities issued by corporations.

Here are the key takeaways from this video:

    (1) Common stock is the base form of security issued and is typically sold to founders and friends and family.

    (2) Convertible debt is the most frequently used security in between priced financing rounds.

    (3) Convertible preferred stock is the security of choice for angels and institutional investors.

    (4) Other forms of securities include convertible equity and preferred stock without a conversion feature.

AlphaTakes – Anti-Dilution Provisions

In this AlphaTakes video, Matt Storms discusses anti-dilution provisions in investor transactions involving an emerging company.  He outlines the different types of anti-dilution protection provisions that are typically negotiated and how they commonly impact the company.

Here are the key takeaways from this video:

    (1) Anti-dilution provisions contain rights in which the company provides some level of downward price adjustment to the holders of the rights in the event that the company sells securities at a lower price

    (2) The two most common types of anti-dilution provisions are full ratchet and weighted average, with weighted average being used in the overwhelming majority of circumstances

    (3) The exceptions or carveouts to the anti-dilution adjustments can be important in negotiating anti-dilution provisions

AlphaTakes – Determining the Size of the Stock Option Pool

In this AlphaTakes video, Meechie Pietruczak discusses calculating the number of shares in an emerging technology company’s option pool.

Here are the key takeaways from this video:

  1. Emerging technology companies usually create stock option pools to compensate and incentivize employees, directors, consultants and other independent contractors.
  2. The size of the option pool is typically calculated as a percentage of all capital stock, which is often in the range of 10 to 20%.
  3. The size of the option pool may have a significant impact on the price per share paid by an investor.

AlphaTakes – Series A Preferred Stock Term Sheet (part two)

In this second of a two part AlphaTakes video series, Matt Storms discusses the second half of the Series A Preferred Stock term sheet for an emerging technology company, using the Series A term sheet published by the National Venture Capital Association.

Here are the key takeaways from this video:

  1. The three most common alternatives to anti-dilution provisions:
    • Weighted average
    • Full ratchet
    • No anti-dilution provisions
  2. Several provisions are not typically heavily negotiated in Series A financings:
    • Pay to play requirements
    • Attorneys’ Fees
    • Registration rights
    • Participation rights
    • Drag-along rights
    • No shop requirements
  3. Keep an eye on the big picture