Part 1 - Terms of Business – easy improvements to key risks in the changing world
This is the first part in the series designed as a starting point for an audit, or set of questions you could be asking yourself as the world starts to turn again, around key legal issues that may have changed, what industry standards may now look like, and to check that you understand the related risks and opportunities.
- Review your Terms of Business / customer contracts - updates, industry norms and looking professional.
- Protect your IP and know-how properly - from use or misuse by the customer.
- Who owns the IP in any bespoke or integration – and does this put at risk the IP in the core platform?
- Do you need to provide an SLA, and service credits or termination rights – should you try to avoid these?
- US Customers – is it ok for the contract to be subject to US law? Is that a risk?
1. Review your Terms of Business / customer contracts – updates, industry norms and looking professional.
Every now and again it is worth stepping back and checking your Terms of Business (ToB). Maybe you wrote them when you were still at a really early stage and did a very practical, but light weight job on them. Maybe your business has changed a little in terms of the services provided or types of targets as you have grown. And no doubt you will have learned a lot from how your customers have responded to your ToB, and which issues keep coming up as questions or that cause friction.
Key things to audit / improve
- Often key issues and risks will have changed as your service / product has developed, and you may be more exposed than you need to be in key areas;
- The law may have changed or bedded in. GDPR for example is now 2 years old, and the industry norms have settled down and more standard clauses and risk profiles have emerged;
- There may be new practicalities that create new industry norms – for example the COVID-19 crisis has meant that all businesses should consider their “Force Majeure” clauses to give as much protection as possible in relation to future unforeseen circumstances;
- Which topics are always coming up in negotiation, and can these wrinkles be smoothed out without weakening your position;
- The rest of this Part 1 and the further Parts of this series go into more detail.
In any event making your Terms of Business balanced, with all industry standard questions already addressed (but still securely protecting your interests), whilst looking and feeling properly professional, will provide confidence to the customers, encouraging them to sign up more easily with less review and less questions.
2. Protect your IP and know-how properly - from use or misuse by the customer.
Technology platform businesses rely on creating and protecting their core IP and methods in their unique solution. Even if the customer does not get full access to the code base of a SaaS platform, or other IP in a services solution, there is still a risk that customers and competitors will be able to infer of derive key know-how and propriety information about your tech, and may use it to reversion or replicate your platform.
Key protections that are often missed out
- Do your ToB with your customers, or your User T&C / EULA, do everything possible to make it clear what limited rights the customer has to use your IP, and properly reserve the core propriety rights to yourself with the right legal language?
- You can also add further stronger practical provisions to the terms to further restrict what they can and cannot do with your platform and know-how.
- Standard confidentiality provisions protect disclosed information. But are they correctly constructed to additionally protect your know-how, including the ideas and developments arising during the service?
- Have you also thought about further non-compete restrictions on those customers that have had insights into your business from their use as a customer – you don’t want them rebuilding your solution in-house based on those insights.
What about the data and know-how that is generated during the service? The output directly derived from the customer’s data and content, that is the objective of the service, should of course belong to the Customer. But what about improvements to, and know-how about, the platform functionality, generic data about usage, and statistical learnings about the industry? This is extremely valuable to your business and future success. Have you separated that concept out properly from the IP and data that the customer should validly own and retained it for yourself?
3. Who owns the IP in any bespoke or integration – and does this put at risk the IP in the core platform?
Often suppliers will also be creating bespoke outputs or deliverables, or adding tools or integrations to their platforms for their customers. The big question is who owns these bespoke elements and what if they overlap with the proprietary IP?
Specific deliverables can be owned by the customer, but great care should be taken in any assignment (transfer of rights) provisions which facilitate this, so that they do not accidently transfer rights in the underlying platform, propriety tech and IP. This is especially the case for integrations or add-ons as often it is extremely hard to separate out the IP in these situations. Suppliers can validly negotiate retention of ownership of these bespoke elements – this protects the core IP, and is a big benefit in terms of reuse of those tools for other customers.
4. Do you need to provide an SLA, and service credits or termination rights – should you try to avoid these?
SLA’s may or may not be reasonable or appropriate, depending on the context of the service. They are often a good thing to offer not least for presentation purposes to give the customer confidence in your processes and professionalism.
But what if the customer starts asking for Service Credits – is this appropriate, how are they calculated, and how do these relate to other remedies? If they are the “sole remedy” they can be a good thing as they avoid you being sued for larger amounts that you did not anticipate; but often they are also linked to termination. However, there are some established industry norms here to create a good balance of protection for the supplier.
5. US Customers – is it ok for the contract to be subject to US law? Is that a risk?
Running a global business with customers in multiple territories can be challenging. This relates to a degree to the “applicable law” points in Part 2 below about what rules you need to comply with. But separately the whole contract itself will have a law and jurisdiction clause which says which law applies when interpreting the contract and which country’s court will assess any dispute. If you are based in the UK, English law is preferable and this is often acceptable to customers from other countries.
US law brings different risks
However, often (and almost always with US customers) the customer will ask for the relevant law and jurisdiction to be that of their home country. The resolution here often comes down to who has the most power, and that will often be the customer. US law is not a disaster, but you should be aware of the additional risks and financial liabilities this can bring with it, and when is it ok to push back.