We would really like to be ready for GDPR as opposed to just trying to block access to our site for EU customers but are finding the quagmire of rules and regulations hard to navigate.
Does anybody know of boilerplate terms of service for standard SaaS businesses? For those of us that don't sell or track our users in weird ways but are just trying to provide a useful service?
It seems most SaaS sites probably fall into this broad category:
1. You use Google analytics to get high level usage data for inbound visitors
2. You use a help desk like UserVoice or the like to deal with customer tickets
3. You use something like Intercom for drip emails, notifications or the like.
4. Apart from that you aren't selling or sharing customer data with anyone and aren't keeping more data than you need to provide your service.
You also keep some web logs for debugging, though with a fairly limited retention period.
For people like us why isn't there a boilerplate terms of service we can tweak as well as a checklist of what we need to do to satisfy GDPR. Does this exist and I just missing that?
If this doesn't exist, any lawyers out there want to team up to create it? I'd happily pay for this if it was available.
- A Privacy Policy describes the types of data you collect, how you collect it, and what you do with it.
- A Terms of Service acts as a contract between you and the user that indicates the requirements, limitations, and standards involved in using your website / app.
GDPR impacts Privacy Policies more than it does Terms of Service agreements. Over at TermsFeed, we're looking to see if GDPR impacts other agreements such as the Terms of Service or EULA or a Disclaimer, but so far GDPR is really about privacy practices and Privacy Policies.
[1] https://www.slideshare.net/termsfeed/differences-between-com...