Using SaaS.... for SaaS - Contract Clauses to use third parties

User: "Beth Twigger"
Updated by Beth Twigger
Hi GGR community! 

Long time observer, first time poster. This ones a bit of a legal conundrum, 

We are a SaaS company working with typically risk-averse clients (healthcare, banks etc) who are very strict on third-party infosecurity. Any CS tooling we've used thus far has been in-house built or on-premise solutions, but we've reached a scale where this is starting to become problematic. The primary concern is that personal data about our users will be stored processed by any SaaS solutions we choose for usage analytics/CRM/onboarding journeys etc and therefore need to be disclosed as a fourth-party, or have something in our MSA... but perhaps there is a more creative solution out there! How are other SaaS companies with similarly infosecurity-sensitive clients handling this?

Any suggestions much appreciated - thank you!!

Beth

Find more posts tagged with