Hungary: Software Procurement – Precautions

in short

• In the case of developing customized software, it is important to maintain rights with the developer.
• For “off-the-shelf” software, it is key to correctly reflect the buyer’s specific needs in the licensing terms.
• Whether existing software can be legally customized may be materially dependent on subsequent development technical details and the licensing terms of the existing software.
• Software support services should be considered during the procurement process.
• If you use software to process confidential information, the key is secret protection and data protection compliance.

Digital transformation has become a priority for all major companies. This is only further driven by the spread of AI business use cases and the ever-increasing data protection and cybersecurity regulations. However, procurement of enterprise software (which involves the development of customized software and the development of “off-the-shelf” software for large-scale use) can cause various legal issues. Quickly identifying and addressing these issues can help prevent significant legal and operating expenses and other inconveniences.

As far as custom software is concerned, it is important to understand what rights developers reserve. The source code of the software can be copyrighted, and solutions included in the software ordered by the buyer may be based on valuable trade secrets or know-how. A key question could be whether the developer has the right to resell the developed software (in the form of its original or partially modified) to third parties, including buyer competitors. It is also prudent to consider what rights the buyer should obtain to meet their specific needs and reflect them in the software development agreement. Is it necessary to obtain all the economic rights related to the software to be developed or is it sufficient to obtain a license to use the software? Naturally, if the buyer’s company chooses to obtain a license, the scope of the license is also crucial. As one might expect, the scope of rights and licenses obtained may also affect pricing.

In the case of “off-the-shelf” software, service providers usually implement general terms and conditions. However, such terms and conditions are sometimes too general or do not control critical issues, which may prevent buyer companies from using the software as expected. A typical mistake is that when the buyer purchases the software at the group level or uses it with the retail network, this is not correctly reflected from a legal perspective (by the licensing terms), which results in other group members or retailers not authorized to use the software. If the software is illegally used or the use of the software license agreement (license terms), the correct holder of the software may claim compensation against the buyer after illegal use.

Buyers should also take the time to consider whether they plan to order a software developer that is different from the original supplier later, even when purchasing, with the only additional development (enhancement) of the software (enhancement). This is because the legality of these enhancements may depend to a large extent on the technical details of the relevant enhancements and the license terms of the existing software.

The buyer’s to-do list is not completed only if the software license is purchased. To use the software correctly, it must be integrated into an existing IT environment, deal with any technical and user issues, install – and in the case of the necessary updates may be developed, and employees can be trained to use the software. The buyer should have considered these tasks at the end of the contract related to the software. As far as custom software is concerned, it is also worth considering whether the buyer regards its “chain” itself “as a software developer.” If so, it is recommended that you agree (ideally, include in the relevant contract) the foreseeable magnitude of the technical support fee.

Finally, if the operation of the software involves the processing of confidential information (such as personal data or trade secrets), the buyer must comply with applicable laws and, if so, the terms of the contract with its business partners (such as the provisions related to the use of the software) when using the software. Related regulatory and contractual violations may not only have serious legal consequences, but may also raise trust issues from the perspective of business partners. Therefore, it is always recommended that you analyze the software and its use contract from the perspective of data protection and confidentiality and take necessary measures. This includes evaluating and recording potential confidentiality and data protection risks management, preparing relevant data privacy documents or updating existing documents, and negotiating appropriate data privacy and confidentiality provisions for contracts with the vendor.

If the software transfers personal data to a vendor’s server (e.g., in terms of cloud hosting), some servers may be located outside of the European economic sector, which may lead to other legal and practical risks in certain countries (e.g., India, China, or in some cases the United States). In this case, the buyer should analyze whether the European Commission has taken an “adequacy decision” to the data protection of the destination country. If not, the buyer should assess that the transfer may be a legal measure.

Protection of personal data is also important during software development and error (defect) repair. Such data can only be processed for testing under reasonable circumstances. In these cases, it is recommended to replace personal data with virtual data.