Software as a Service Contract in Germany | SaaS

SaaS products have become essential business tools, dramatically streamlining operational processes. In this cloud-based delivery model, providers make software accessible to customers via the internet for defined periods of time without requiring local installation. The software operates on the provider’s servers and reaches customers through internet connectivity. Since customers do not purchase traditional licenses, they bear no responsibility for maintenance or technical support. Providers handle all software updates, security measures, and technical infrastructure management.

Leading SaaS providers include:

• Adobe: Offers comprehensive digital creativity, documentation, communication, marketing, e-commerce, and data analysis solutions.
• Google: Google Workspace provides integrated business tools, including Calendar, Drive, and Gmail.
• Microsoft: Delivers extensive product portfolios, with Microsoft Office 365 representing its flagship SaaS offering.
• Zoom: This cloud-based communication platform experienced explosive growth, particularly during the onset of the 2020 pandemic. It provides video conferencing and chat services that enable seamless mobile communication and collaboration.

While server-based alternatives exist, their usage continues declining as cloud computing gains prominence. The transition to cloud-based SaaS products offers several compelling advantages:

• Enhanced Flexibility and Mobility: SaaS access is not constrained by location or device limitations, requiring only stable internet connectivity for universal accessibility.
• Reduced Administrative Burden: Providers handle setup complexities and ongoing maintenance tasks, including updates and bug fixes, eliminating internal IT overhead.
• Cost Efficiency: SaaS products offer advantages in maintenance expenses and initial investments compared to on-premises software. On-premises solutions typically require higher acquisition costs plus additional expenses for dedicated maintenance personnel.

Liability and warranty considerations depend heavily on the specific legal classification of the service provision model. SaaS contracts may involve multiple areas of German law:

• Service contract law, §§ 611 ff. BGB,
• Rental contract law, §§ 535 ff. BGB,
• Contract for work and services law, §§ 631 ff. BGB.

This creates what German law recognises as a “mixed-type contract” – an arrangement not explicitly regulated by statute. Since SaaS involves temporary software provision comparable to the possession transfer found in tenancy relationships, tenancy law typically governs the primary contract framework.

Contract law for work and services generally applies to ancillary components, such as performance-based obligations like data migration and software customisation. In contrast, service contract law covers activity-based elements like training programs.

The applicable legal framework during disputes between contracting parties depends on the specific issues involved and governing law provisions. These classifications primarily apply to business-to-business (B2B) relationships. When one party qualifies as a consumer under German law, the provisions of Sections 327 ff. BGB take precedence.

SaaS contracts typically use pre-formulated terms, making the German legal provisions on general terms and conditions (Sections 305 ff. BGB) particularly relevant. This becomes especially critical when dealing with international contracts, as foreign agreements may contain clauses conflicting with German legal requirements.

Invalid clauses that violate German law become unenforceable, while the remainder of the contract remains valid under Section 306 BGB. Invalid provisions are then replaced by applicable statutory requirements.

Organisations should also recognise that SaaS offerings may evolve during contract terms. Any modifications occurring during the agreement period must be properly documented and formally incorporated into the contract.

At Schlun & Elseven, our legal team provides comprehensive SaaS contract review services. We particularly focus on analysing contract duration clauses, respective party obligations, data protection provisions, and termination conditions. Our attorneys guide clients through all contract provisions and provide ongoing support throughout the contract lifecycle.

Service Level Agreements typically accompany main SaaS contracts as critical supplementary documents. SLAs establish specific regulations regarding service content, including software availability guarantees, contractual obligations for all parties, and protocols for handling service disruptions.

Since software availability cannot always be guaranteed without interruption – despite potential requirements under tenancy law – any deviations from this obligation and their consequences should be clearly documented. SLAs typically address response times during failures, penalty clauses, compensation provisions, and termination procedures.

Service level agreements require regular review to align with evolving business requirements. Technical developments and industry changes play significant roles in these updates. The growing integration of artificial intelligence deserves special attention in modern SLA frameworks. Our lawyers regularly review existing contracts and SLAs, implementing legally compliant modifications as business needs evolve.

Artificial intelligence adoption continues to accelerate across all business sectors. Companies increasingly deploy AI systems to optimise workflows and human resource management. SaaS contracts should provide clear, comprehensive definitions of included AI technologies and specify which data undergoes processing. Liability regulation becomes particularly crucial in these arrangements.

Liability issues may arise from various scenarios, including personal rights violations by AI systems. Given the rapidly evolving legal landscape surrounding AI law, regular adjustments to SaaS contracts and associated agreements are anticipated, particularly in this domain. Similar considerations apply to product liability law following the implementation of the new EU Product Liability Directive.

Data protection and personal data security remain paramount concerns, especially with increasing AI integration. SaaS product usage typically involves processing personal data, requiring data protection-compliant justification and appropriate protective measures for sensitive information.

As previously noted, providers maintain software management responsibility and must ensure the transmission of information security. Beyond data protection regulation compliance, organisations should establish Data Processing Agreements (DPAs) in accordance with Article 28 of the General Data Protection Regulation (GDPR). These agreements should specify which collected data may be processed and establish the legal basis for such processing.