SaaS Escrow
SaaS Escrow is a dual deposit, holding both the source code and the user data, stored entirely within the EU. Automated, incremental snapshot pipelines keep software and data up to date in parallel on CLOUD- and USA PATRIOT Act-free servers. Data and source code belong together: a data deposit without the accompanying software has little value.
For the beneficiary: the user of the SaaS service
Your data sits with the supplier. What if they are gone tomorrow?
SaaS Escrow goes further than source code. Softcrow also takes your customer data into escrow as a neutral third party.
In practice you have little grip on your own data with SaaS. The back-ups belong to the supplier and are not visible to you, in a multi-tenant environment it is often unclear how your data is separated from that of others, and little SaaS is built “export first”, so you cannot easily get your data out in a usable form. That makes you extra dependent on the supplier, more so than with software you run locally. SaaS Escrow provides an independent counterweight: separate from the supplier, a current copy of your data sits with a neutral third party, with it set out in advance how you get it back clean on release.
What exactly is released, and under which conditions, you set out in the release conditions. We tailor these to your situation together.
Key features
- Two deposits: one for the source code and the description of the SaaS infrastructure, one for your customer data
- If the supplier goes bankrupt, both deposits are directly available to the rightful party, separate from the settlement of the bankruptcy
- Zero-knowledge storage: the deposit is end-to-end encrypted (E2EE), Softcrow has no access to the contents
- Sovereign storage: both deposits hosted entirely within the EU, free from the CLOUD and USA PATRIOT Act
- No vendor lock-in on release: unpacking is possible with 7-Zip (Windows, Linux and macOS) or WinZip (Windows)
- Optional: verification audit by an independent NOREA IT auditor
- Legally watertight: the deposit does not form part of the bankruptcy estate
- Insight into your deposits via the Softcrow Dashboard
- A demonstrable part of IT risk management, a concrete way to address frameworks such as DORA, NIS2 and ISO 22301
Curious what a SaaS Escrow sets out for you exactly? Our sample agreement shows it.
Download the sample agreement →
For the supplier: the SaaS provider
Show that you take continuity seriously. That strengthens your customers’ trust.
SaaS Escrow demonstrates that you as a supplier safeguard your customers’ interests. Softcrow arranges the legal and technical side. You stay focused on your product.
Key features
- Available as a tripartite agreement or as a collective agreement: multiple beneficiaries within one contract is possible
- Support for complex deposit structures: with multi-tenant SaaS, deposits can be set up per beneficiary, or generic deposits including instructions for data separation on release
- Tailored agreement, matched to your SaaS environment and data policy
- Automated delivery of source code and data via our CLI
- Zero-knowledge storage: we have no access to the contents of your deposits, the encryption key stays with you
- No vendor lock-in on release: unpacking is possible with 7-Zip (Windows, Linux and macOS) or WinZip (Windows)
- Dedicated legal and technical expertise: every conversation with the right specialist
- Support in drawing up a deposit specification
Ready to start? See how delivery works.
What deposit options are there? →
For organisations where continuity must reach further than data storage, for example because the entire service must stay operational, also if the supplier goes bankrupt, CloudSecure® is the next step.