Why Most SaaS ToS Are Useless
If you copied your Terms of Service from another website and changed the company name, you're not alone β and you're not protected.
A properly written ToS serves two purposes: sets clear expectations with customers, and limits your legal exposure when things go wrong. A copied ToS often does neither.
This is not legal advice. Consult a lawyer for binding documents. This is a guide to understanding what matters.
The Clauses That Actually Protect You
Limitation of Liability: The most important clause. Limits the amount a customer can sue you for.
Standard language: 'In no event shall [Company] be liable for any indirect, incidental, special, consequential, or punitive damages, or any loss of profits or revenues.'
Without this: if your product has downtime and a customer claims βΉ50 lakh in lost revenue, they can theoretically sue for that amount. With proper limitation: liability is typically capped at the amount the customer paid you in the last 3β12 months.
Service Level (or lack thereof): Don't promise specific uptime numbers unless you have the infrastructure to back them up. Many startups inadvertently create liability by including SLA tables copied from enterprise products. Use 'best-effort basis' language instead.
Acceptable Use Policy: Define what customers cannot do β send spam, reverse engineer the software, harass others, scrape data beyond normal use. This is your defense when a customer uses your platform for something harmful.
Data Ownership: Customer owns their data. You need a license to process it. This matters because enterprise customers will ask, and India's DPDP Act requires clarity on data processing.
Payment Terms: Be explicit about when billing occurs, what happens if payment fails, refund policy, and what 'cancellation' means.
Dispute Resolution: Indian jurisdiction, Indian law for Indian customers. Add a 30-day good-faith negotiation period before formal dispute β resolves most issues without legal fees.
Indian Law Considerations
IT Act 2000: Governs electronic contracts. Your ToS is legally valid if accepted electronically (checkbox or click-through).
Consumer Protection Act: For B2C products, the Act applies and limits what you can exclude. B2B has more flexibility.
DPDP Act: India's privacy law. If you collect personal data of Indian users, your privacy policy must describe what you collect and why.
Common Mistakes
Copying from a US company. References to California law or Delaware arbitration are irrelevant for Indian users.
No governing law clause. Jurisdiction becomes a battle if a dispute arises.
Not updating when product changes. Adding payment handling or health data features requires ToS updates.
Practical Approach
- Use a credible template (Termly or lawyer-reviewed)
- Have a local lawyer review before you have 100+ paying customers (βΉ5,000β15,000)
- Ensure governing law matches your incorporation
- Update annually or when you make significant product changes
- Notify customers when you update it
The ToS won't prevent all disputes. A well-written one resolves most disputes before they become legal problems.
