AI clauses in a SaaS contract: why you can't ignore them anymore

More and more SaaS companies are integrating artificial intelligence components into their products. Text and image generation, recommendations, automation... AI is becoming a fully-fledged feature of many SaaS. However, contracts are not always adapted to take this into account. Most traditional models do not include any clause dedicated to AI. It is a mistake.

Here are the key points that I recommend that you address in a custom AI clause.

1. No training on customer data

It is the first instinct to have. Even if you've taken steps to comply with  GDPR, that's not enough. It is important to specify in writing that:

• Client prompts are not used to train models.
• The results generated by the AI are not fed back into the training data.
• Any secondary use of data requires express consent.

This point is contractually essential, for reasons of confidentiality, security and commercial trust. Your customers are now aware of this risk.

2. AI is part of the service... and can evolve

Artificial intelligence is a moving technology. The model used today may not be the model of tomorrow. It should therefore be noted that:

• AI is an integral part of the service.
• The SaaS company reserves the right to modify, improve or replace the model used.

This logic is similar to traditional updates. You must maintain your ability to evolve, without having to renegotiate with each technical improvement.

3. Supervised responsibilities

The results generated by AI are inherently uncertain. They can be false, incomplete, misinterpreted... It is therefore essential to set limits:

• The SaaS company does not guarantee the accuracy or completeness of the content generated.
• The use of the generated content remains under the responsibility of the customer.
• The SaaS company provides a tool, not a promise of results.

This protects your liability while clearly informing your customer.

4. Ownership of generated content

It's the most complex subject. Who has the rights to the results produced by AI?

• If the generated content is a text, a visual, a line of code: does it belong to the customer, to the SaaS company, or to nobody?
• What happens if the content is based on third party data?

It is necessary to decide:

• Or you transfer the rights to the customer. This seems to me to be the most logical case for a SaaS contract.
• Or you own them and limit their use to the duration of the contract. This seems more difficult to understand, but could be justified depending on the use case.

The important thing is to be clear and consistent with the technical reality of your solution.

5. A land without standards, to be built on a case-by-case basis

There is no solid benchmark or stable case law on IA clauses. Each service, each engine, each use case is different.

An IA clause should not be copied and pasted from another contract. It must be custom built, based on:

• The exact role of AI in your product.
• The level of autonomy of the engine.
• The type of content generated.
• Uses authorized to the customer.

Conclusion

If you integrate AI into your SaaS, the AI clause is no longer optional. It is an essential component of your legal framework, in the same way as availability, reversibility or security. I regularly assist clients in drafting tailor-made AI clauses: clear, balanced and adapted to the reality of their services. Don't wait for a customer to ask for it. Better to have it planned from the start.

‍