Minna is the Head of People and Culture at Sprintlaw. After receiving a law degree from Macquarie University and working at a top tier law firm, Minna now manages the people operations across Sprintlaw.
If you run (or you’re about to launch) a SaaS business in New Zealand, your Terms & Conditions aren’t just a “nice-to-have”. They’re one of the main tools that set expectations with users, help you get paid on time, and protect you if something goes wrong.
This 2026-updated guide reflects the current compliance focus for online businesses (especially around privacy, marketing, and fair trading) while keeping the advice practical and evergreen.
Below, we’ll walk you through what SaaS Terms & Conditions usually cover, which NZ laws matter, how your terms fit with your other documents, and the most common mistakes we see SaaS founders make when they try to DIY their legal foundations.
What Are SaaS Terms & Conditions (And Why Do They Matter)?
SaaS Terms & Conditions (often called “SaaS Terms”, “Subscription Terms”, or “Platform Terms”) are the contract between you and your customer/user.
They’re usually the agreement your users accept when they sign up, start a trial, or pay for a subscription. If drafted properly, your SaaS terms should explain (in plain English):
- What you’re providing (and what you’re not providing)
- How pricing and billing work (including renewals, upgrades, downgrades, and refunds)
- How the customer can use the platform (and what’s not allowed)
- How you handle data and what your responsibilities are
- What happens if something breaks (limits on liability, disclaimers, and support commitments)
- How either side can end the agreement
If you’re thinking “we’re early-stage, we’ll sort terms later”, it’s worth pausing there. SaaS businesses can scale quickly, and the bigger you get, the harder it is to unwind problems caused by unclear terms (pricing disputes, churn arguments, chargebacks, complaints about downtime, or IP ownership confusion).
Having properly tailored SaaS Terms is part of getting your legal foundations right from day one.
What Should Be In SaaS Terms & Conditions?
There’s no single “perfect” template for SaaS Terms & Conditions, because your risks depend on your product, customers, industry, and pricing model.
That said, most well-drafted SaaS terms will cover the key areas below.
1) The Subscription Model (Plans, Billing, Trials, And Renewals)
This is where you clearly describe how users pay you and what they get in return. It should be specific enough that a customer can’t reasonably say, “That’s not what I thought I was buying.”
- Plans and inclusions (features, user seats, usage limits, storage, integrations)
- Billing frequency (monthly/annual) and payment method rules
- Trials (length, eligibility, what happens at the end of the trial)
- Auto-renewals (and how a user can cancel before renewal)
- Upgrades/downgrades and when plan changes take effect
- Taxes (for example, whether prices include GST)
- Late payment consequences (suspension, restriction, and recovery costs where appropriate)
Tip: pricing and auto-renewal terms need to be especially clear to reduce disputes and to align with fair trading expectations around transparency.
2) Your Licence Grant (How Users Are Allowed To Use The Software)
With SaaS, customers don’t “own” your platform. You’re granting access on certain conditions. Your terms should spell out that licence/access clearly.
Common points include:
- Whether the licence is non-exclusive and non-transferable
- Whether use is limited to internal business purposes (for B2B SaaS)
- Restrictions on resale, sublicensing, or providing access to third parties
- Seat-based rules (who counts as an authorised user)
If your product includes downloadable elements (like an agent, desktop app, mobile app, or offline component), you may also need an EULA or specific licence terms to cover that side of the relationship properly.
3) Acceptable Use Rules (And Enforcement Powers)
Your SaaS terms should set behaviour expectations and give you enforcement rights when a user does the wrong thing.
This section usually covers:
- Prohibited content and conduct (harassment, unlawful content, infringing content)
- Restrictions on scraping, reverse engineering, penetration testing without permission, or “excessive use” that degrades the service
- Misuse of accounts (sharing logins, impersonation, fraudulent activity)
- Your right to suspend, remove content, or terminate access for breaches
Many SaaS businesses also use separate Terms of Use (especially where there’s a community, user-generated content, or a public-facing platform), but for some products it makes sense to include acceptable use directly in your SaaS Terms & Conditions.
4) IP Ownership (Yours, Theirs, And What Happens With Feedback)
IP clauses are often where SaaS businesses either protect themselves well, or accidentally give away value.
Your terms typically need to cover:
- Your IP: confirming you own the software, branding, documentation, and any updates
- Customer content: confirming customers keep ownership of what they upload, but grant you a limited licence to host/process it to deliver the service
- Feedback and suggestions: allowing you to use feedback to improve the product without owing the customer rights or payment
- Brand use: whether either party can use the other’s name/logo, and in what context (case studies, testimonials, etc.)
If you have integrations, APIs, or partner add-ons, IP and licensing can get complicated fast. That’s usually the point where tailored legal drafting becomes essential.
5) Data, Privacy, And Security (The “Trust” Section)
Even if your SaaS is not “health” or “finance”, you’re probably collecting personal information (names, emails, usage logs, billing details, and possibly end-user/customer data).
Your SaaS Terms & Conditions should be consistent with your Privacy Policy, and should clearly explain practical things like:
- What data you collect and why (at a high level)
- Whether you use subprocessors or third-party hosting providers
- What security measures you do (and don’t) promise
- What the customer must do to keep accounts secure (passwords, admin controls, MFA)
- What happens in a security incident (notification approach, cooperation, limits)
If you’re selling to business customers and you process personal information on their behalf (for example, you host their customer lists, HR records, or client files), you’ll often also need a Data Processing Agreement (DPA). This is especially common when dealing with enterprise procurement, overseas customers, or regulated industries.
6) Support, Maintenance, And Uptime (What You Actually Commit To)
SaaS customers usually assume there will be support and the platform will be available. The legal question is: what exactly are you promising?
Your terms should clarify:
- Your support channels and hours (or that support is “best efforts”)
- Maintenance windows and planned downtime
- Whether you provide service credits (and when)
- Any uptime target you’re willing to commit to
For higher-tier customers, these commitments are often put into a Service Level Agreement (SLA) so you can keep the core SaaS terms standard, but offer stronger commitments where it makes commercial sense.
7) Liability, Disclaimers, And Risk Allocation
This is the section founders often feel uncomfortable about, but it’s crucial. SaaS businesses are exposed to risks like downtime, data loss claims, third-party integration failures, and users relying on outputs in ways you never intended.
Your SaaS terms usually include:
- Disclaimers (for example, you don’t guarantee the service is error-free or uninterrupted)
- Limits on liability (often capped to fees paid in a certain period)
- Excluded losses (like indirect or consequential loss, loss of profit, loss of data, etc.)
- Customer responsibilities (like backing up their data, ensuring inputs are correct, training staff)
Liability clauses need to be drafted carefully in NZ because not all exclusions/limits will be enforceable in every situation, and consumer law can apply depending on who your customers are.
8) Suspension, Termination, And What Happens To Customer Data
This section is about avoiding messy breakups.
It should cover:
- When you can suspend access (non-payment, security concerns, unacceptable use)
- How a customer can cancel (and whether notice is required)
- What happens on termination (loss of access, outstanding fees, survival of key clauses)
- Data export windows and data deletion timing (and any exceptions)
These details matter because customers will ask: “Can I get my data out?” and “How long do you keep it?” If your terms are silent, you can end up negotiating under pressure.
What NZ Laws Do SaaS Businesses Need To Think About?
SaaS is “tech”, but it’s still a business selling services. That means your terms, marketing, and operations need to align with several key NZ laws.
Here are the big ones we commonly see affecting SaaS businesses.
Fair Trading Act 1986 (Advertising And Claims)
The Fair Trading Act 1986 is a big one for SaaS because it regulates misleading or deceptive conduct in trade. Practically, this means you need to be careful about:
- Feature claims (including “coming soon” features that are not actually available)
- Pricing representations (including what “free” really means)
- Testimonials and case studies (they must be genuine and not misleading)
- Performance claims (like “guaranteed results” or “100% uptime”)
Your SaaS Terms & Conditions can help set expectations, but they won’t “fix” misleading marketing. Your website copy, onboarding screens, and sales emails need to match your reality.
Consumer Guarantees Act 1993 (If You Sell To Consumers)
If you provide your SaaS to people for personal, domestic, or household use, the Consumer Guarantees Act 1993 may apply. That can create non-excludable guarantees around service quality.
Many SaaS businesses are B2B and try to contract out of the CGA where legally permitted. Whether you can do that depends on who your customer is and how they’re using the product, so it’s worth getting this reviewed rather than guessing.
Privacy Act 2020 (Personal Information And Data Handling)
The Privacy Act 2020 applies to personal information. If you collect, store, use, or disclose personal data, you need to take reasonable steps to protect it and handle it transparently.
From a SaaS perspective, this commonly shows up in:
- Your privacy disclosures (what you collect and why)
- Security practices (access controls, retention, breach response)
- Third-party providers (hosting, analytics, email tools)
- How you respond to access/correction requests
This is why aligning your SaaS terms with your Privacy Policy and, where relevant, a Data Processing Agreement is so important.
Unsolicited Electronic Messages Act 2007 (Email And SMS Marketing)
If you market your SaaS using email or SMS, you need to be mindful of the Unsolicited Electronic Messages Act 2007 (spam rules). Common compliance steps include:
- Only sending marketing with consent (express or inferred, depending on the situation)
- Including accurate sender information
- Including a functional unsubscribe option
This tends to come up when founders run growth campaigns, referral programs, or automated onboarding sequences.
Contract And Commercial Law Act 2017 (Making Your Terms Enforceable)
Contract law underpins your SaaS Terms & Conditions. A practical issue for SaaS is making sure your terms are actually agreed to.
In many cases, that means using a proper “clickwrap” process (where users actively tick a box or click “I agree”), and keeping a record of:
- What version of the terms they accepted
- When they accepted it
- What account accepted it
If the terms are just linked in the footer and never actively accepted, enforcement can become harder (especially if the customer later disputes key terms like auto-renewal or liability limits).
How Do SaaS Terms Work With Other Key Documents?
SaaS Terms & Conditions are usually the “core contract”, but they rarely operate alone. Most SaaS businesses end up with a small ecosystem of legal documents that each do a different job.
Here’s how they typically fit together.
Privacy Policy
Your Privacy Policy is your public-facing statement about how you handle personal information. Your SaaS terms shouldn’t contradict it.
If your SaaS Terms say “we don’t share data with third parties” but your Privacy Policy says you use third-party analytics and cloud hosting, you’ve created a credibility and compliance problem.
Data Processing Agreement (For B2B Or Enterprise)
If you’re processing customer personal information on their behalf, a DPA can set out:
- Processing instructions
- Security commitments
- Subprocessor rules
- Breach notification cooperation
- Cross-border data considerations
This is often a deal-breaker document for larger customers, so it’s good to have it ready before procurement asks for it.
Service Level Agreement (If You Offer Uptime Commitments)
An SLA is useful when different customers get different service commitments. You might keep standard SaaS terms for everyone, but offer an SLA only to “Pro” or enterprise customers.
This keeps your contract suite flexible and stops you from accidentally promising enterprise-grade uptime to every $19/month subscriber.
Software Licence / EULA (If Anything Is Installed Or Distributed)
Pure SaaS products often don’t need a separate licence agreement. But if you distribute software (desktop client, mobile app, on-prem connector, browser extension), you may need dedicated licensing terms.
Depending on the product, that might be covered via a Software Licence Agreement or an EULA.
Website Terms (If Your Site Has More Than Just The App)
Many SaaS businesses have a marketing website with blogs, resources, lead magnets, demo booking tools, and sometimes a community component.
In that case, separate Website Terms and Conditions can be helpful to cover general site use (while the SaaS terms focus on subscribers and platform access).
Common SaaS T&Cs Mistakes (And How To Avoid Them)
Most SaaS founders aren’t trying to cut corners. It’s usually that you’re moving fast, bootstrapping, and juggling product, sales, and support all at once.
These are the mistakes we see most often, and what to do instead.
Mistake 1: Using A Generic Template That Doesn’t Match Your Product
SaaS is broad. A scheduling tool, a fintech platform, a health SaaS, and an AI writing assistant have very different risks.
If your terms don’t match your actual product (your billing flow, your data handling, your acceptable use needs), you can end up with:
- terms you can’t enforce in practice, because they don’t reflect reality
- gaps that create disputes (especially around refunds, cancellations, and access limits)
- overreaching clauses that hurt trust or create pushback in sales cycles
A tailored set of SaaS Terms is meant to support your business model, not fight it.
Mistake 2: Vague Auto-Renewal And Cancellation Terms
Auto-renewal is common in SaaS, but disputes often happen when users feel “tricked” or surprised by a renewal.
To reduce this risk, your terms (and your UI/checkout flow) should clearly state:
- when billing occurs
- that renewals repeat until cancelled
- how to cancel (and how long it takes to take effect)
This is both a legal risk-management issue and a customer-experience issue.
Mistake 3: Overpromising On Security Or Uptime
Customers care about security. But if you promise too much (for example, “we guarantee no breaches” or “always available”), you may be creating liability you can’t realistically control.
A better approach is usually:
- describe your security practices in a reasonable, accurate way
- commit to taking reasonable steps and having processes
- use an SLA if you truly want to offer uptime commitments (and define the remedies clearly)
Mistake 4: Not Clearly Addressing Customer Data On Exit
Churn is part of SaaS. If your terms don’t clearly explain what happens to customer data after cancellation/termination, you can get stuck in messy arguments.
Your terms should answer practical questions like:
- Is there a data export period?
- Will data be deleted after a certain time?
- Do you keep backups, and for how long?
- Are there fees for data migration assistance?
This avoids disputes and makes offboarding smoother (even when the relationship ends on less-than-ideal terms).
Mistake 5: Assuming “Everyone Is A Business Customer”
Some SaaS products are clearly B2B. Others are used by freelancers, side-hustlers, or individuals (which can blur the consumer/business line).
If you want to contract out of the Consumer Guarantees Act (where permitted), you need to do it properly and ensure your customer base and onboarding flow align with that approach.
This is a good example of where a quick legal review can save you a lot of pain later, because the right approach depends on your specific product and customer profile.
Mistake 6: Not Making The Terms Easy To Accept (And Easy To Prove)
Even excellent terms can be difficult to enforce if you can’t show the customer agreed to them.
Practical steps include:
- using a checkbox or “I agree” button at sign-up/checkout
- linking the terms at the point of acceptance (not buried)
- keeping a record of accepted versions and timestamps
It’s a small implementation detail that can make a big difference if a dispute arises.
Key Takeaways
- SaaS Terms & Conditions are the core contract between you and your users, and they help you manage payment, platform use, risk, and disputes from day one.
- Strong SaaS terms usually cover subscriptions and billing, licensing and acceptable use, IP ownership, data/privacy, support and uptime, liability limits, and termination/data handling.
- NZ SaaS businesses commonly need to consider the Fair Trading Act 1986, Consumer Guarantees Act 1993 (where applicable), Privacy Act 2020, spam rules under the Unsolicited Electronic Messages Act 2007, and general contract law enforceability.
- Your SaaS Terms should fit neatly with related documents like a Privacy Policy, Data Processing Agreement, Service Level Agreement, and (where relevant) an EULA or software licensing terms.
- Common mistakes include using generic templates, unclear auto-renewal clauses, overpromising security/uptime, ignoring offboarding/data exit rules, and failing to capture clear user acceptance records.
If you’d like help drafting or updating your SaaS Terms & Conditions so they match your product, pricing, and risk profile, we can help. Reach us at 0800 002 184 or team@sprintlaw.co.nz for a free, no-obligations chat.


