Legal pages for SaaS products: typical structure and pitfalls

Which legal documents SaaS products typically maintain

SaaS products usually run a recurring set of legal texts: privacy policy, legal notice, terms of service, often cookie or tracking information, sometimes a data-processing note and a withdrawal notice in the B2C case. Depending on the market, localized versions are added.

TermShelf is not a generator for these documents — it manages, versions and delivers already-existing versions. “Bring your own legal texts” is the principle here.

What is specific to SaaS

• Frequent changes: new subprocessors or tools lead to regular privacy-policy updates — versioning is not a side issue here.
• In-app delivery: legal texts appear not only on the marketing site but also in the application, in onboarding and in system emails.
• Internationalization: multiple languages and markets from day one, often with a shared base and small differences.

Delivery into product and transactions

Because SaaS legal texts appear in many places, a consumable source is decisive. The Public Delivery API serves them as HTML, JSON and PDF — for the marketing site, the app and transactional confirmations. So every surface draws the same approved version.

Typical pitfalls

• The app carries a hard-coded full text that is forgotten on updates.
• System emails link to an outdated privacy page.
• The English version lags behind the German one.
• It is unclear which terms version a customer accepted at contract conclusion — see which terms version applied at contract conclusion

Boundary

TermShelf does not produce legally binding content and is not a substitute for legal advice. Which documents a specific SaaS product needs and what they must contain is a question for qualified counsel.