HomeEducation

Intellectual Property Rights in SaaS: Who Owns the Data?

man holding mug in front of laptop

Photo by Andrea Piacquadio on Pexels.com

With the emergence of the novel phenomenon of Software as a Service (SaaS) in the modern world, it is pertinent to define the requirements regarding intellectual property (IP) rights among the subjects of SaaS offerings. Most SaaS applications involve several interdependencies, including the application software, the data it stores and manipulates, and the other applications it interacts with. 

Most of these complexities lead to uncertainty about who owns the Software, the user and other application data the Software may be processing, and the third-party products that may be included. Defining the ownership of IP in SaaS agreements reduces legal risk and promotes clarity of responsibilities for data protection, usage, and software license. Both the SaaS providers and the users should consult a SaaS lawyer to better understand these agreements and the legal expectations.

  1. Software Ownership

In SaaS agreements, it is commonplace that IPR in the Software developed will lie with the SaaS provider. This is because the provider deploys, manages, and maintains the platform and owns the code and the technology behind the service. Customers can use computer software, but the license granted is often subject to the service contract. Thus, it is non-exclusive, non-assignable, and limited. For example, Salesforce, one of the biggest SaaS solutions providers, provides clients with limited licenses for using Software but owns all rights to the Software’s intellectual property. Software product owners must ensure that they shield their IP in a way that would bar anyone from using, copying, or repudiating their products.

  1. User Data Ownership

The question of who owns the user data is critical in SaaS contracts. Virtually all SaaS contracts specifically state that data fed into or created within the SaaS platform belong to the user (or the organization utilizing the Software). For example, tools like HubSpot or Zoho CRM process enormous amounts of user data as part of customer relationship management, but customer data belongs to customers. However, the provider often reserves the right to transform, analyze, and sometimes even anonymize this data for performance enhancement or analytical reasons so long as it complies with data privacy laws such as GDPR or CCPA.

Third-Party Integrations

Therefore, third-party integration also forms another layer for SaaS IP rights. These kinds of integration enable SaaS platforms to offer additional functions by linking Software or services created by third parties. Ownership of the IP belt in third-party software integration is presumed to lie with a third party that offers the integration, not the SaaS provider. However, SaaS agreements still make some provisions regarding the licensing of these integrations to satisfy both the SaaS provider and the SaaS user on permission to use the third-party components. For instance, implanting Google Analytics in a SaaS application does not vest ownership of the IP in the user but provides a license to use it under the regulation of Google’s terms of service.

Final Thoughts 

Determining IPR protection in SaaS contracts requires dissection of the ownership of Software and user data and third-party use. The technically oriented SaaS model entails SaaS users purchasing the right to use applications while the Software remains the property of the SaaS provider; ownership of data is decentralized. Third-party integrations need more attention because the IP ownership for these components rests with third parties. Because of these issues, SaaS providers and users need to review SaaS agreements with the help of a SaaS lawyer to be guided properly on the issue of IP ownership and avoid legal conflicts.