Cloud computing contracts in India

Cloud computing contracts

What forms of cloud computing contract are usually adopted in your jurisdiction, including cloud provider supply chains (if applicable)?

The most common form of cloud computing contracts in India are international standard form contracts with fixed terms and are in most instances non-negotiable, with certain exceptions. However, if the cloud service provider is a small service provider the user may have more room to negotiate terms. The terms of the contract will also depend on the service delivery model (ie, whether it is IaaS, SaaS or PaaS).

What are the typical terms of a B2B public cloud computing contract in your jurisdiction covering governing law, jurisdiction, enforceability and cross-border issues, and dispute resolution?

Under Indian laws, parties to a contract have the right to choose the governing law. However, in the event of a dispute, the courts will not only take into consideration the governing law as included in the contract but also its link with the contract. Usually, parties agree to the exclusive jurisdiction of the courts in the same country as the governing law.

Under section 44A of the Indian Code of Civil Procedure 1908, a decree of any superior court of a reciprocating territory that is so declared by the government, will be executed in India similar to any decree passed by a district court in India. All other judgments or decrees will face extensive re-adjudication in Indian courts.

Arbitration is a fairly commonly accepted method of dispute resolution. Parties should ideally also include an escalation clause for dispute resolution.

What are the typical terms of a B2B public cloud computing contract in your jurisdiction covering material terms, such as commercial terms of service and acceptable use, and variation?

Given the prevalence of international standard form contracts in the Indian market, the typical terms are similar to terms that are commonly used in large markets such as the US and the UK.

What are the typical terms of a B2B public cloud computing contract in your jurisdiction covering data and confidentiality considerations?

Data security and confidentiality obligations are very important as users may upload confidential and proprietary information as well as personal data. The Privacy Rules prescribe that sensitive personal information should be stored in ISO 27001-compliant data centres. Clauses surrounding data privacy, confidentiality and data transfer, and preservation are largely similar to clauses found in international standard form contracts prevalent in the US and UK. Once the Bill becomes law, there will be significant changes on the data front.

What are the typical terms of a B2B public cloud computing contract in your jurisdiction covering liability, warranties and provision of service?

Clauses around liability, warranties and provision of service are solely dependent on the contractual arrangement reached between the parties. Most service providers will have standard service availability and service levels specified in the agreement that they would not be willing to negotiate. Similarly, most service providers would have standard business continuity and disaster recovery processes in place.

What are the typical terms of a B2B public cloud computing contract in your jurisdiction covering intellectual property rights (IPR) ownership in content and the consequences of infringement of third-party rights?

Under a B2B public cloud computing contract, the service provider or its licensors will continue to hold all rights, title and interest in the cloud computing resources, while the user will continue to hold all rights, title and interest in the data it uploads as well as in any output that is generated through the use of such data.

Usually, a typical (and, in most instances, the only) indemnity that the service provider may be willing to provide is for indemnification for third-party intellectual property infringement claims and such indemnity is not capped.

What are the typical terms of a B2B public cloud computing contract in your jurisdiction covering termination?

Apart from termination rights set out in the agreement, a party has a statutory right to terminate in case of a breach by the other party. Other than that, a party whose consent to an agreement is obtained through coercion, fraud or misrepresentation can elect to terminate it. Most agreements may also contain a right for both parties to be able to terminate for convenience without incurring any liability.

In the instance the service provider is dependent on a third-party for essential services required to provide the cloud computing services, the services provider may retain the right to immediately terminate without incurring any liability if the service provider’s relationship with the third-party is affected in any manner.

Post-expiry or on termination of the agreement, the agreement will usually provide for payment of any fees due and payable as well as refund of fees for services not rendered (though this may not be something larger cloud service providers may agree with). Provisions regarding return of user data are also included, with the service provider specifying the duration that they are willing to retain such data post which the data may be irretrievably deleted. The parties should also agree on the format in which the data would be returned. Most service providers will not agree on any further post-termination obligations. However, if the agreement is negotiable the user can ask for data retrieval, transfer or migration services.

Identify any labour and employment law considerations that apply specifically to cloud computing in your jurisdiction.

There are no such labour or employment law considerations that would apply to a business customer.