Accepting the test of a SaaS without a contract: what are the risks for the SaaS company?
Testing a SaaS without a contract exposes you to major legal risks. Discover how to secure your POCs and test phases while contracting quickly.
It is not uncommon, in the life of a SaaS company, for a prospect to want to test the solution before engaging.
Nothing unusual: to convince a customer, especially a large account, a demonstration or test phase is often essential.
The problem arises when this test is carried out without any contract.
This scenario, which may seem trivial, nevertheless exposes the SaaS company to significant legal risks. These risks are all the greater when the test goes beyond a simple demonstration to involve real deployment, under production conditions.
Without a contract, the SaaS company has no safety net. Three points are particularly problematic:
In the absence of limiting clauses, the SaaS company may be held liable without limit. If a malfunction occurs during the test phase — service interruption, data loss, security breach — there is no contractual mechanism to limit the amount of potential damages.
If the test involves the processing of personal data, article 28 of GDPR imposes a written data subcontracting contract between the customer and the SaaS company. Without DPA, both parties are in a situation of non-compliance, which may result in sanctions from the CNIL or another supervisory authority.
Without a contract, the use of the software by the prospect is not subject to any license. This means that the rights of use are not regulated: no limitation on users, on duration, or on the functional scope. In the event of a dispute, the SaaS company will find it difficult to demonstrate abusive use.
A test without a contract not only poses a legal problem: it can also disorganize the commercial relationship.
For example:
In a B2B context, these situations can quickly compromise the relationship with a promising prospect.
Fortunately, there are several solutions to secure a test phase, while maintaining the commercial flexibility necessary to close the sale.
The Proof of Concept (POC) is a contract dedicated to the test phase. It states:
The advantage: a clear and specific framework that protects both parties.
The downside: you have to negotiate and sign an additional contract, which can make the sales process longer.
This option consists in signing the final SaaS contract directly, but with a termination clause for convenience, valid for an initial period (30, 60, or 90 days, for example).
If the customer is not convinced, they can end the contract without penalty.
Advantage: only one contract to negotiate, which speeds up the closing phase.
Disadvantage: the customer may not be ready to close the contract immediately.
For SaaS companies who have an online offer with direct registration, it is possible to provide a trial period (7, 14 or 30 days) integrated into the customer journey.
In this case, the acceptance of the terms and conditions and a DPA is integrated into the registration process, which automatically secures the test phase.
It is the fastest option but also the least secure:
This solution considerably reduces legal risk, but does not always allow the customer to validate the solution in conditions close to real life.
Whichever option is chosen, certain clauses must be included in the contract. I covered this topic in this article: https://www.pacaud-avocat.fr/blog/poc-saas-contrat-specifique
The challenge for a SaaS company is twofold:
The key is therefore to adapt the contractual solution to the context:
Using terms and conditions that are not adapted to the SaaS model (self-service or signed) is risky. Learn how to choose the right terms format for your SaaS.
Why choose a mutual NDA in SaaS? Protect sensitive information, save time, and build a balanced business relationship from the start.
Let's build together to grow your business
I have been supporting software and SaaS companies for more than 10 years, to structure their business, protect their intellectual property and improve their contracts.
