This Cloud Services Agreement is designed for use when an organization (the Customer) wishes to procure cloud-based services from a service provider in Australia. The agreement provides a comprehensive framework for cloud service delivery, covering essential elements such as service specifications, performance standards, data handling, security measures, and compliance requirements. It is specifically tailored to meet Australian legal and regulatory requirements, including the Privacy Act 1988 (Cth), the Security of Critical Infrastructure Act 2018, and the Australian Consumer Law. The agreement is suitable for various cloud service models (SaaS, PaaS, IaaS) and includes necessary provisions for data protection, service levels, support, and liability allocation. It serves as a foundational document for establishing and managing the ongoing relationship between cloud service providers and their customers while ensuring appropriate risk allocation and regulatory compliance.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Your data doesn't train Genie's AI
You keep IP ownership of your docs
Alternatively...
1. Parties: Identification of the cloud service provider and customer, including ABN/ACN and registered addresses
2. Background: Context of the agreement, brief description of the services, and purpose of the contract
3. Definitions and Interpretation: Defined terms used throughout the agreement and rules of interpretation
4. Service Provision: Core obligations regarding the provision of cloud services, including scope and service levels
5. Customer Obligations: Customer responsibilities, acceptable use policies, and compliance requirements
6. Fees and Payment: Pricing, payment terms, invoicing, and late payment consequences
7. Data Protection and Privacy: Obligations regarding personal data handling, privacy compliance, and data security measures
8. Security Requirements: Security standards, protocols, and breach notification procedures
9. Intellectual Property Rights: IP ownership, licenses, and restrictions on use of provider and customer IP
10. Confidentiality: Protection of confidential information, permitted disclosures, and survival terms
11. Service Levels and Support: Service level agreements, performance metrics, and technical support provisions
12. Term and Termination: Contract duration, renewal terms, and termination rights and procedures
13. Liability and Indemnities: Limitation of liability, indemnification obligations, and insurance requirements
14. Dispute Resolution: Process for resolving disputes, including mediation and jurisdiction
15. General Provisions: Standard boilerplate clauses including notices, assignment, and governing law
1. Professional Services: Additional implementation, customization, or consulting services if required
2. Disaster Recovery: Detailed disaster recovery and business continuity provisions for critical services
3. Data Migration: Terms governing the migration of data to and from the cloud service
4. Audit Rights: Customer rights to audit provider's security and compliance, typically for regulated industries
5. Multi-tenancy: Specific provisions for shared infrastructure environments
6. Change Management: Procedures for implementing service or system changes
7. Regulatory Compliance: Industry-specific compliance requirements (e.g., for financial services or healthcare)
8. Sub-processors: Terms governing the use and management of third-party service providers
9. Service Credits: Financial compensation scheme for service level failures
1. Schedule 1 - Service Description: Detailed technical specifications of cloud services and features
2. Schedule 2 - Service Levels: Detailed SLA metrics, measurement methods, and reporting requirements
3. Schedule 3 - Support Services: Support tiers, response times, and escalation procedures
4. Schedule 4 - Fee Schedule: Detailed pricing, payment terms, and calculation methods
5. Schedule 5 - Security Standards: Specific security requirements, protocols, and compliance standards
6. Schedule 6 - Data Processing Terms: Detailed data handling procedures and privacy requirements
7. Schedule 7 - Acceptable Use Policy: Permitted and prohibited uses of the cloud services
8. Schedule 8 - Business Continuity Plan: Disaster recovery procedures and business continuity measures
9. Appendix A - Technical Requirements: Customer's technical requirements and specifications
10. Appendix B - Service Locations: Geographic locations of data centers and service delivery points
Is a Cloud Services Agreement legally enforceable in Australia?
Yes, a properly drafted Cloud Services Agreement is legally binding and enforceable in Australia under contract law. The agreement must contain essential elements including offer, acceptance, consideration, and clear terms to be valid. Australian courts will enforce these contracts provided they comply with the Competition and Consumer Act 2010 and don't contain unconscionable terms.
Do I need a lawyer to review my Cloud Services Agreement?
While not legally required, it's highly recommended to have a lawyer review your Cloud Services Agreement, especially for significant business arrangements. A lawyer can ensure compliance with the Privacy Act 1988, Security of Critical Infrastructure Act 2018, and other Australian regulations. They can also negotiate better terms for data sovereignty, liability caps, and service level agreements.
Can I operate cloud services in Australia without a written agreement?
Operating without a written Cloud Services Agreement creates significant legal and business risks in Australia. While verbal agreements may be enforceable, they're difficult to prove and don't provide clear terms for data protection, service levels, or liability. This leaves both parties vulnerable to disputes and potential breaches of privacy laws and consumer protection legislation.
Authors
Find the document you need
No items found.
Genie’s Security Promise
Genie is the safest place to draft. Here’s how we prioritise your privacy and security.
Your data is private:
We do not train on your data; Genie’s AI improves independently
All data stored on Genie is private to your organisation
Your documents are protected:
Your documents are protected by ultra-secure 256-bit encryption
We are ISO27001 certified, so your data is secure
Organizational security:
You retain IP ownership of your documents and their information
You have full control over your data and who gets to see it
