Sanno Park Tower 12F (Reception) and 14F,
11-1, Nagatacho 2-chome, Chiyoda-ku,
Tokyo 100-6114, Japan

Tokyo Metro Ginza Line: G06 Tameike-sanno Station, Exit 7 (directly accessible through the second basement)

Tokyo Metro Nanboku Line: N06 Tameike-sanno Station, Exit 7 (directly accessible through the second basement)

Tokyo Metro Chiyoda Line: C07 Kokkai-gijido-mae Station, Exit 5 (3 minutes’ walk)

Tokyo Metro Marunouchi Line: M14 Kokkai-gijido-mae Station, Exit 5 (10 minutes’ walk through Chiyoda Line platform)



Hiroyasu Kageshima delivered a lecture on cloud service agreements.

Practice Areas


Host: SMBC Consulting Co., Ltd.
Date: Thursday, September 15, 2022, 14:00 – 17:00
Venue: Gofukubashi Building/Internet Distribution

Points to note in reviewing cloud service agreements

~ Concept of cybersecurity, contract negotiation, conclusion of an SLA ~

Cloud services have become common and there has been an increase in the number of cases for the legal and general affairs departments to review cloud service agreements. While there are various types of cloud services by service level such as IaaS, PaaS and SaaS and by service contents, special considerations are required for all types because, among other things, it is a contract to use services; users provide the data; considerations for information security are essential.

 In this seminar, the lecturer practically explains the points for reviewing cloud service agreements, concept of information security, contract negotiation, and reviewing an SLA (Service Level Agreement).


1. Cloud service contracts, terms of use and standard general conditions

  1) Requirements and effect of the “standard terms of contract”

  2) Provisions of service contracts based on the “standard terms of contract”

2. Points for reviewing contracts and terms of use

  1) Defining the purpose of data use

    - Importance of provision regarding the purpose of use

    - Assumption of use as learning data for AI machine learning

  2) Confidentiality clauses

    - Scope of disclosure

    - Exceptions

  3) Personal information protection and delegation

    - When the data is not regarded as personal data for outsourced companies

  4) Response in the event of occurrence of an incident

    - What should be provided in a contract

  5) Re-delegation clauses

    - Whether notification/permission is essential or not

  6) Audit provision

  7) Contract period/automatic renewal/termination

    - Notification period in the case of non-renewal of a contract

3. Matters to note in B to C services and C to C services

  1) The Consumer Contract Act

    - Limitation of liability clauses/exemption clauses

    - An SLA and the Consumer Contract Act

  2) The Act on Specified Commercial Transactions

4. SLA (Service Level Agreement)

  1) Elements of an SLA

  2) Provisions that should be stipulated in an SLA

  3) Relationship with the company’s BCP

5. Matters to note in platform businesses

  1) Contractual liabilities

  2) Provisions regarding personal information of users that do not cause an “abuse of dominant bargaining position”   

  3) Matters to note regarding provisions of a contract with companies which use a platform