Over on LairdOnDemand, Peter has posted the findings of his research into the terms of service (ToS) of eight different SaaS providers. ToS are the sort of things that bore the tears out of everyone but lawyers, but they’re also the things that can come back and haunt a business over time.
Peter found some interesting results (reproduced under the fold). I would say that his analysis, while thorough, doesn’t take into account the fact that the requirements of a paid service provider (NetSuite for example) should be much higher than a free SaaS provider (Zoho for example). Congrats on the excellent analysis Peter, and a word of caution to those considering SaaS providers – do your due diligence thoroughly.
The following are the bright spots in the collection of ToS:
- Netsuite: there are reports that this company has onerous licensing practices, but I see no evidence that. Of the 8 contracts I reviewed, Netsuite’s is by far the best written and the most consumer friendly. They have the best data retention policies and termination procedures.
- Boomi, Netsuite, Taleo: offer warranties for the various aspects of their systems, and not just “as-is”.
- All but Concur: all of these services affirm that you own the data that you upload. This is key. However, there are a couple of vendors that reserve too many rights to use your data, see below.
- Boomi, Coghead, Netsuite, Salesforce, Taleo: these companies indemnify the customer in cases where the application is found to infringe on a 3rd party’s IP, and the customer is sued. Taleo is the only vendor of the 8 that does not demand to be indemnified in return from someone suing them for your use of the system.
The following are terms that you should be wary of when entering into a service contract. Try to negotiate better terms:
- Box.net, Coghead, Concur, Salesforce, Taleo, Zoho: these companies have contracts that can change at any time without any notice. In a way, this could be the ugliest line item of them all because the company could write in whatever nasty thing they want. But I will leave it at “bad” until one of the companies does something evil with it.
- Salesforce, Taleo: have a line item that allows the company to advertise your name as a customer, merely by signing up for a paid account. Customer references should be earned, not mandated.
- Salesforce: prohibits direct competitors from using the Service. But at the rate SFDC is expanding offerings, will you become a competitor tomorrow? For example, anyone that offers software development tools became a competitor when they launched force.com.
The following is the list of contract terms that are unacceptable. I would not recommend using the following services unless you negotiate better contract terms:
- Box.net: by uploading contentÂ that you own to this service you are giving Box.net an irrevocable license to use, copy, create derivative works of, sublicense, etc etc of your content. Think about that. The only redeeming argument is that this contract is for personal, not business use. But they put this item in there for a reason – why? Imagine uploading your personal pictures and then seeing one in the next promotional campaign for Taco Bell. This could happen because Box.net has the right to sublicense as they wish.
- Coghead: if Coghead terminates your account, you have just 2 days to send written notice to request your data. Otherwise they can permanently delete all of your data. What’s the rush?
- Concur: (caveat: this is the Trial license, which can only be assumed to match closely the production license) has the most worrisome contract as it relates to your data. It is the only one that has no explicit line to indicate that you still own your data (filed business expenses, in this case). But it does have a line saying that Concur has an irrevocable right to use that data – this includes your personal data and financial info! Why is this in the contract? This seems quite broad for data that is of utmost sensitivity.