Our focus is you

From a customer-facing perspective, we understand how integral IT and related infrastructure are to your business. From a supplier-perspective, we understand how important it is to protect your intellectual property rights, know-how and business systems when offering your IT products and services to customers. It is key for the right agreements to be put in place between service providers and customers. Where this has not been achieved, we help you meet the challenges of legal disputes.

DMH Stallard provides exceptional levels of advice and continues to be recognised as one of the strongest technology teams in the South East. We engage extensively with the technology market, the key businesses within it and buyers of IT solutions such as those in the travel and manufacturing sectors, where reliance on IT is heavy and key to running an efficient operation.

We work with some of the firm’s leading tech clients advising them on complex and high value contractual issues as well as handling disputes within the sector. Our IT lawyers often work in conjunction with our Intellectual Property advisers to help resolve technology disputes as they arise. We are regularly involved in proceedings in the Technology and Construction court. We act for suppliers, integrators and users of technology, software houses and mobile network operators.

Work includes:

  • IT contracts – advising on and drafting agreements, including SaaS, PaaS and IaaS arrangements, GCloud contracts and IT procurement contracts
  • Advising on IT connectivity issues and drafting managed services agreements
  • Drafting end user terms (EULAs), including ‘click-through’ terms
  • Advising on and drafting mobile app terms of use, and related privacy policies
  • Technical advice and support in all aspects of complex IT infrastructures, including ownership of IP and provision of firmware, hardware and software as combined solutions
  • IT consultancy agreements, including structures to fit within IR35 rules
  • E-commerce advice, including contractual advice and dispute resolution
  • Advice on securing your IT systems from a data protection perspective, safeguarding confidentiality and dealing with related cyber security matters
  • High value IT contract disputes (acting for both IT suppliers and customers)
  • Disputes relating to data breaches

Your key questions answered

My IT services provider created bespoke software for our business. Who owns the software rights?

As a customer, there are many advantages to commissioning bespoke or custom software for your business, including creating a tailored and efficient user experience and giving you a greater degree of control over the use of the software. From a legal perspective, however, IP rights in bespoke software that you commission may still remain owned by the software developer. It is far better that there is something in writing which clearly transfers the ownership of the IP rights in the bespoke software to the commissioning customer so as to remove any uncertainty.

Once ownership has transferred to you, you may issue licences and distribute the software in line with your business plans and objectives. You will, however, be responsible for updating and developing the software on an ongoing basis to ensure it retains its value and remains fit for purpose. For this reason, you may wish to continue engaging the developer under a separate maintenance contract to undertake this for you, if you do not have the capabilities in-house.

How do we ensure users comply with our required conditions when using our app, including our content standards when using our online forums and chatrooms?

It’s important to have a clear set of terms and conditions relating to the use of your app or platform, so that users are required to accept these before being able to engage with the app or platform. The terms are usually known as End User Licence Agreements (EULAs) or Terms of Use. They will cover issues such as:

  • Rules of behaviour to follow when using the app / platform
  • Details of the software license under which the app / platform operates
  • Disclaimers and limitations of liability for legal claims against you by users of the app / platform
  • Content standards and restrictions on use of the app / platform and consequences for misuse

Not only will comprehensive terms and conditions protect the reputation of your business, once accepted by the end user they will provide you with a way to enforce the rules about how your app / platform is used. Bespoke terms will also ensure you are compliant with all relevant laws.

We provide specialist advice on the legal issues that arise around data protection law and practice, depending on the location of your business and of those who use your app / platforms. We draft and help you implement privacy policies, advise on cookie banners and policies, help word opt in clauses for marketing and help you comply generally with data collection and processing requirements.

We have been informed by our IT services provider that they have discovered a data breach – what do we do?

If your business is required to comply with UK GDPR and related data protection legislation you should have appropriate procedures in place to deal with a data breach. We work with companies across all sectors to ensure GDPR compliance is embedded within the organisation, at all levels. First off, if a breach occurs you need to quickly make an urgent assessment of whether the nature of the breach means you are required to report it to the Information Commissioner’s Office (the ICO). This is important to meet the statutory timeframes for notifications to the ICO, under UK GDPR (or if you are acting as a data processor, any timeframes that you have agreed with the data controller and in any event to act without delay).  In your analysis you should consider the likelihood and severity of the risk to people’s rights and freedoms following the breach. If it’s likely there will be a risk, you should:

  • Inform the ICO
  • Follow your procedures for responding to a data breach (which are hopefully contained within a written policy or procedure)
  • Preserve any evidence
  • Take action to minimise the effects of the breach and any ongoing threats or vulnerabilities
  • Investigate how the breach happened, including involvement of any relevant third parties as well as any appointed data processors or sub-processors, IT / hosting providers and the like
  • Take any remedial action
  • Document all the steps you have taken in relation to the above

Even if there is no severe risk to people’s rights and freedoms and you do not need to involve the ICO, you should still investigate how the breach happened and take any precautionary measures to prevent a reoccurrence.  You should also update your data breach policy to rectify any gaps in procedure or add in steps or processes that should be taken in the event of any future breaches.

We are in dispute with our software provider who also hosts the platform. They are threatening to cut off access if we don’t pay their invoices – can they do this?

IT disputes like this can severely impact all aspects of your business. Our dispute resolution team is widely experienced in handling all types of technology-related disputes. Often we can guide clients in dispute with a provider toward ADR and fast resolution of disputes so that you and the provider are able to maintain an ongoing relationship. A lot will depend on the terms of any agreement in place with the provider and whether there are restrictions on taking the proposed drastic action of cutting off access.

Our IT provider is in breach of the service level agreement (SLA). We want to terminate our arrangement with them and move to a different provider – can we do this and if so, how?

It depends on whether the breach is so severe as to amount to a material breach of the agreement you have with the provider and whether you may terminate the SLA (or overarching agreement) in such instance.

A well-drafted SLA should impose consequences on service providers if service falls below agreed levels, for example, a service credit system where the provider pays you a set amount or delivers extra services at no additional cost each time the service provider fails to meet the agreed service levels. This encourages the provider to meet the SLA requirements. Be wary of accepting service credits as your sole remedy for failure to attain required service levels.

If the service level is below what has been agreed in the SLA, then it may be possible to terminate the arrangement if there is a suitable termination clause in the SLA. This should also allow for you to claim for damages, subject to any contractual limitations, for any loss you have suffered as a business resulting from the poor service levels, provided service credits have not been specified as the sole remedy for breach of the service levels under an SLA.

The potential for issues like this to arise highlights the importance of having a well-drafted SLA that covers all eventualities. Where there is no service credit system or carefully worded termination clause you could end up being stuck with a poor performing service provider for longer than you wish.

Stay connected, sign up for updates

Stay connected
Tim Ashdown

Recent work

Long-term commercial, IP, IT and data protection advice

We have worked with our client for over 16 years acting as an outsourced in-house legal function for all business and day to day legal matters, supporting on all commercial, employment issues and property matters. Our ongoing legal support helps to minimise risks across the business.

Ongoing work for leading IT solutions and cloud services company

We provide ongoing representation to a large IT company on all its contentious and non-contentious legal matters. This includes advice on their IT contracts, contract procurement and large-scale customer documentation review.

Defending client against allegations of wrongful IT contract termination

We helped a client terminate the contract with its IT provider because of significant delivery failures (spanning network security issues and GDPR failures). The provider alleged wrongful termination and sought significant damages. We assisted with defending the allegation of wrongful termination and set out our client’s counterclaim for breach of contract and damages. The matter was successfully resolved through mediation.

Advising leading photography and print services business on IT services

Advising internationally renowned media business in relation to sale and lease of its equipment, firmware, hardware and connected services (including embedded software licences and SaaS/online connected services). Work also includes provision of related IT advice, drafting of software licences for customer use and preparation of deeds of indemnity and lease arrangements for IT equipment.

SaaS customer contracts advice

Advising software business in relation to its customer contracts, on Software as a Service (SaaS) agreements, software licence arrangements and updating terms and conditions particularly around development and acceptance phases and data protection law updates.

Advising cloud platform provider to aid digital transformation

Advising cloud platform provider in relation to its managed services agreement and provision of its IT services. We also advised on hosting arrangements and cloud platform terms, including flexibility of services and changes to Statements of Work/ scope of services provisions. The team also created a bespoke revised Managed Services Agreement to reflect the digital process for customer engagement.

Advising a leading real estate development management consultancy

We were appointed to prepare a template agreement for SaaS services delivered through the client’s software platform. We were then instructed to adapt these agreements so they were presented as standard terms and conditions. We have further assisted the client with concluding contracts for use of the platform and drafted significant amendments to the standard agreement and terms and conditions. We also advised the client on a Managing Services Agreement between it and an overseas consultancy, in relation to software development, software engineering, graphic design, technical and informational maintenance and management services to be provided to our client.

IT services contract

Negotiating and finalising an IT managed services contract for a charitable body, including advice on data protection issues.

News and insights

Penalties for breaching environmental legislation


An overview of the environmental regulator’s approach to the enforcement and prosecution of environmental offences which outlines the potential penalties and other implications for a businesses who breaches environmental legislation


Enforcing possession orders – how not to do it


We explain how not to enforce possession orders, as shown in London Borough of Southwark -v- AA [2014] EWHC 500 (QB)