Defectiveness of SaaS solutions – and can I adapt GTCs for this?

The increasing spread of Software as a Service (SaaS) solutions presents providers and users with new legal challenges. In particular, the question of when a SaaS solution is considered defective is becoming increasingly important. The amended definition of material defects in the German Civil Code (BGB) and the special features of SaaS contracts require careful legal examination. These changes have far-reaching effects on the drafting of contracts and the liability risks for SaaS providers. Detailed knowledge of the legal framework is therefore essential to ensure legal certainty and avoid potential disputes. In addition, providers must reconcile the expectations of their customers and the technical capabilities of their solutions in order to be able to fulfill contractual obligations.

The new concept of material defects and its impact on SaaS

With the amendment to Section 434 BGB on January 1, 2022, the concept of material defects was redefined. An item is now free from material defects if it meets the subjective requirements, the objective requirements and the installation requirements. This redefinition has a significant impact on SaaS offerings. The agreed quality is no longer the only decisive factor for freedom from defects. Even if the agreed quality is fulfilled, there may be a defect if the usual quality is not given. In the case of SaaS solutions, defects may relate in particular to the availability and functionality of the application. This requires a precise formulation of the service description and the quality standards in the contract documents.

1. Subjective requirements: The subjective requirements refer to the characteristics of the SaaS solution agreed in the contract. These include, for example, specific functionalities, performance features or compatibility with other systems. Precise documentation of these requirements in the contract is essential in order to avoid disputes later on.
2. Objective requirements: The objective requirements comprise the properties that the user can usually expect from a SaaS solution. This can relate to aspects such as data security, availability or user-friendliness. SaaS providers must ensure that their solutions not only meet the contractually agreed standards, but also the standards customary in the industry.
3. Installation requirements: Although there is no physical installation for SaaS solutions, installation requirements can be relevant in a figurative sense. This applies in particular to the integration of the SaaS solution into the customer’s existing IT infrastructure. It is advisable to have clear rules on integration support and responsibility for any compatibility problems.
4. Obligation to update: The new definition of a material defect also includes the obligation to provide updates. SaaS providers must therefore contractually regulate the scope and frequency of updates to be provided. Both security updates and functional enhancements must be taken into account.

Special features of contract design for SaaS

When drafting SaaS contracts, it is important to bear in mind a number of special features that arise from the nature of the service and the legal framework. A precise definition of the services owed is essential in order to avoid misunderstandings and potential disputes. Detailed regulations on availability, maintenance and support should be set out in a service level agreement (SLA). Limitations of liability are subject to GTC control and must be carefully formulated in order to withstand judicial review. The update obligation requires clear regulations on the provision and maintenance of the digital elements of a product, including updates. In addition, aspects such as data protection, data security and the possibility of data portability at the end of the contract should be taken into account.

1. Service description: A detailed and precise service description is the foundation of every SaaS contract. It should not only cover the functionalities of the software, but also address aspects such as availability, performance and scalability. It is important to strike a balance between detail and flexibility in order to allow for future developments of the software.
2. Service Level Agreements (SLAs): SLAs specify the performance obligations of the SaaS provider. They should define clear metrics for availability, response times in the event of faults and maintenance windows. It is also advisable to make provisions for compensation in the event of non-compliance with the agreed service levels.
3. Limitations of liability: The formulation of limitations of liability requires particular care. On the one hand, they must protect the provider from disproportionate risks, but on the other hand, they must also stand up to scrutiny under general terms and conditions. A differentiated provision that distinguishes between different types of damage and degrees of fault is advisable.
4. Data protection and data security: In view of the strict requirements of the GDPR, SaaS contracts must contain clear regulations on the handling of personal data. This includes aspects such as the purpose limitation of data processing, technical and organizational protective measures and the modalities of any commissioned data processing.

Legal risks and need for action

The application of tenancy law to SaaS contracts in the absence of individual contractual provisions can lead to far-reaching liability risks for the provider. In order to minimize these, it is advisable to draft the contract carefully, taking into account the special features of SaaS. A clear definition of defects and scope of services is essential to prevent disputes. Transparent regulations on the availability and quality of the service create clarity for both contracting parties. When formulating limitations of liability, the limits of GTC control must be observed in order to avoid ineffectiveness. Providers should also take into account the possibility of changes to the service during the term of the contract and include appropriate adjustment clauses.

1. Adaptation of warranty and liability: The warranty and liability regulations must be adapted to the special features of SaaS. It should be noted that a complete exemption from liability is generally not possible. It is advisable to make differentiated provisions that distinguish between different types of damage and degrees of fault.
2. Dealing with service disruptions: Clear rules for dealing with service disruptions are essential. This includes the definition of defects, response times in the event of faults and possible compensation. It should also be taken into account that SaaS solutions often allow faults to be rectified quickly, which can have an impact on warranty rights.
3. Contract adaptation and change management: SaaS solutions are constantly evolving. Contracts should therefore contain provisions that allow the provider to adapt or expand the service. At the same time, it must be ensured that essential functionalities are not dropped without the customer’s consent.
4. Exit strategies and data portability: In the event of a contract termination, clear regulations should be put in place for the return or deletion of data and for support in migrating to another provider. This is not only relevant from a data protection perspective, but can also be decisive for customer acceptance.

Conclusion and recommendation for action

The legally compliant drafting of SaaS contracts and GTCs requires careful legal examination due to the complex legal situation and recent changes to the law. In order to minimize liability risks and ensure legal certainty, it is advisable to have the contract documents and GTCs reviewed by a specialist lawyer. Particular attention should be paid to compatibility with the new concept of material defects, the drafting of service level agreements and the wording of liability clauses. A regular review and adjustment of contracts is essential in view of the dynamic developments in IT law. Only in this way can SaaS providers ensure that their contracts comply with current legal requirements and at the same time adequately protect their business interests. Professional legal advice can help to avoid potential pitfalls and achieve a balanced contract design that meets both the interests of the provider and the expectations of the customer.

Author: Marian Härtel

Marian Härtel ist Rechtsanwalt und Fachanwalt für IT-Recht mit einer über 25-jährigen Erfahrung als Unternehmer und Berater in den Bereichen Games, E-Sport, Blockchain, SaaS und Künstliche Intelligenz. Seine Beratungsschwerpunkte umfassen neben dem IT-Recht insbesondere das Urheberrecht, Medienrecht sowie Wettbewerbsrecht. Er betreut schwerpunktmäßig Start-ups, Agenturen und Influencer, die er in strategischen Fragen, komplexen Vertragsangelegenheiten sowie bei Investitionsprojekten begleitet. Dabei zeichnet sich seine Beratung durch einen interdisziplinären Ansatz aus, der juristische Expertise und langjährige unternehmerische Erfahrung miteinander verbindet. Ziel seiner Tätigkeit ist stets, Mandanten praxisorientierte Lösungen anzubieten und rechtlich fundierte Unterstützung bei der Umsetzung innovativer Geschäftsmodelle zu gewährleisten.