Most enterprise SaaS agreements are drafted by vendor counsel, optimized for the vendor, and signed by customers who don't realize the imbalance until something goes wrong. Gurpreet S. Bal has reviewed hundreds of these agreements in the context of M&A diligence and corporate transactions, and the pattern is consistent. "The standard SaaS contract is essentially a vendor bill of rights dressed up as a mutual agreement — customers need to know which provisions to push back on before they sign, not after," he says.
Bal advises technology companies and acquirers on commercial contract risk, and technology licensing terms frequently surface as deal-limiting issues in due diligence.
Many SaaS agreements grant the vendor a unilateral termination right — termination for convenience — while restricting the customer's exit rights to specific enumerated causes. That asymmetry has real consequences. If the vendor's product degrades, if pricing doubles at renewal, or if the company pivots away from the tool, the customer may be locked into an agreement it can't exit without triggering liability. The critical language to negotiate: ensure the customer gets a matching termination-for-convenience right, or at minimum a right to terminate for material degradation in service quality. Uncapped auto-renewal clauses compound the problem — many enterprise agreements renew automatically at higher rates unless notice is given 90 or 180 days in advance, a deadline that routinely slips past procurement teams.
What happens to your data when the relationship ends? This is the question Gurpreet S. Bal finds most companies haven't thought through at signing. The better agreements include an explicit export window — typically 30 to 90 days post-termination — during which the customer can retrieve data in a machine-readable format. Many standard agreements provide no such window, and some expressly disclaim any obligation to retain data past the termination date. For companies where the SaaS platform holds customer records, transaction histories, or trained model outputs, the absence of a portability clause isn't a minor gap — it's a business continuity risk. Negotiate: the format of export, the duration of the export window, deletion confirmation, and what the vendor can do with aggregated data derived from your usage after you've left.
Uptime SLAs are often marketed as vendor accountability but function more as pricing adjustments than genuine remedies. A typical 99.9% uptime SLA sounds strong — it allows roughly 8.7 hours of downtime annually. But the credit structure usually caps compensation at 10% to 30% of monthly fees for a given month of underperformance. If that month happened to involve a critical system outage that cost your business real revenue, a service credit worth a fraction of one month's subscription fee doesn't come close to covering it. The structural problem is that SLA credits are almost always the exclusive remedy for availability failures, and the limitation of liability clause (discussed below) will foreclose any broader damages claim. Push for: financial penalties tied to severity, not just monthly credits, and ensure that chronic underperformance triggers a termination right rather than just accumulating credits you may never use.
The limitation of liability clause is where SaaS agreements do the most damage. The standard formulation caps total vendor liability at fees paid in the preceding 12 months — often $50,000 to $200,000 for a mid-market contract — while excluding consequential, indirect, and lost profits damages entirely. For a vendor processing financial transactions, holding sensitive customer data, or providing infrastructure critical to a customer's operations, that cap is disconnected from actual risk exposure. Well-negotiated agreements carve out the liability cap for: data breaches and privacy violations, IP indemnification obligations, willful misconduct, and death or personal injury. Without those carve-outs, the vendor's financial exposure for a catastrophic failure is limited to a figure that may represent a rounding error on the actual harm.
Many SaaS vendors include provisions that assign to the vendor any improvements, modifications, or configurations developed during the customer relationship — even when the customer paid for professional services to build those customizations. The rationale is product development: vendors argue that custom features benefit the broader user base. The practical effect is that a company that spent six figures building an integration or workflow automation may have no ownership rights to what it funded. The issue becomes acute in M&A. Acquirers frequently discover during diligence that software the target company treats as proprietary is actually owned or jointly owned by a SaaS vendor under a provision no one read carefully three years earlier. Negotiate a clear assignment of custom work product, or at minimum a perpetual irrevocable license to use, modify, and distribute configurations the customer paid to build.
Gurpreet S. Bal is a corporate partner with 16 years advising on private equity, merger transactions, and public offerings for companies and investors at three of the world's top law firms. He has represented clients in hundreds of transactions with aggregate deal value exceeding $60 billion across AI, semiconductors, fintech, and emerging technology. For more information and to get in touch, visit gurpreetbal.com.