ServiceTitan Service contract FAQLast updated on 04/07/2022

ServiceTitan provides subscriptions to a cloud-based software-as-a-service (SaaS) field service management solution that is accessed through the internet (the “Service”). ServiceTitan delivers our cloud Service using a genuine one-to-many business model. The Service is provided on the same operational infrastructure using the same security and support operations for all of ServiceTitan’s global customers.

Unlike traditional on-premise software, which is installed and customized by each customer, ServiceTitan’s Service was built in the cloud and is delivered through a cost-effective subscription service with access to fully functional, configurable software applications. With ServiceTitan’s one-to-many cloud delivery model, every customer is on the same version of ServiceTitan’s Service at all times and receives upgrades to the Service simultaneously. This allows ServiceTitan’s customers to avoid costly and disruptive upgrades.

ServiceTitan requires a very limited set of data to provide its Service. Typically, that data is limited to a User’s first and last name, email address, and cell phone number (in the case of multi-factor authentication). The customer controls how the Service is configured for their users and what data is submitted to the Service. ServiceTitan contractually agrees that the customer owns all of its customer data. ServiceTitan is a service provider to our business customers, who are the data controllers. We process customer data as a data processor and service provider on behalf and on the instructions of our business customers, which are the entities responsible for the data processing.

Protecting customer data is top priority for ServiceTitan. ServiceTitan’s contractual commitments with respect to securing customer data are set forth in our terms of use. ServiceTitan’s formal security program is detailed in its independent third-party SOC-2 audit report, and ServiceTitan’s Security and Privacy Documentation. ServiceTitan’s Security and Privacy Documentation and independent third-party audits demonstrate the advanced security framework that ServiceTitan uses to protect customer data. ServiceTitan commits that such controls will not be materially diminished during the subscription term.

The ServiceTitan Information Security Program is designed to:

• Protect the confidentiality, integrity, and availability of customer data in ServiceTitan’s possession or control

• Protect against anticipated threats or hazards to the confidentiality, integrity, and availability of customer data

• Protect against unauthorized access, use, disclosure, alteration, or destruction of customer data

• Protect against accidental loss or destruction of, or damage to, customer data

• Safeguard information as set forth in any local, state, or federal regulations by which ServiceTitan may be regulated

ServiceTitan’s information security program is based on National Institutes of Standards and Technology (NIST) guidance and includes the following elements: (i) security awareness and training, (ii) adherence to security policies and confidentiality, (iii) disciplinary policy and process, (iv) access controls, (v) physical and environmental security, (vi) data encryption in transit and at rest, (vii) disaster recovery, (viii) secure development practices, (ix) malware control, (x) data integrity and management, (xi) vulnerability management, (xii) secure deletion, (xiii) security incident management, (xiv) security breach notification and remediation, and (xv) background screening.

ServiceTitan has a unified approach to security and support and maintains industry-leading certifications. Our ability to provide a consistently high level of Service relies on the standardization of ServiceTitan’s operations. As a result, ServiceTitan does not agree to individual customer’s security or support policies which do not accurately reflect ServiceTitan’s security controls and single back-end support model.

ServiceTitan’s ability to provide a one-to-many service delivery model requires that we standardize our security and privacy methodologies. ServiceTitan makes a pre-signed data privacy agreement (DPA) available to customers on our ServiceTitan Legal website. ServiceTitan’s DPA accurately describes ServiceTitan’s processing of customer data, which is handled the same way for each of ServiceTitan’s customers given ServiceTitan’s one-to-many business model. ServiceTitan is a service provider as defined under the California Consumer Privacy Act of 2018 (CCPA). ServiceTitan has comprehensively evaluated CCPA requirements and implemented numerous privacy and security practices to ensure compliance with CCPA. ServiceTitan also provides transparency through the ServiceTitan Legal website so that customers feel comfortable sharing their customer data because they are aware of the data protection controls that ServiceTitan has in place.

ServiceTitan has thousands of customers. In order to maintain the security of ServiceTitan’s Service and facilities, we are not able to permit individual customers to audit ServiceTitan. However, ServiceTitan is routinely and rigorously audited by an independent third party and ServiceTitan makes the results of those audits available to our customers upon request in the form of a SOC2 Type II audit report.

Termination for convenience does not make sense in ServiceTitan’s subscription-based model. A fundamental element of ServiceTitan’s business model is that both parties are committed to the specified term in the agreement. When a customer signs up for a specified subscription length (one year or multi-year), ServiceTitan guarantees the price the customer receives up front for the entire duration of the term based on the customer’s commitment. Customers may terminate the agreement for cause in accordance with their cloud services agreement (CSA).

ServiceTitan does not offer unlimited liability. A fundamental principle of ServiceTitan’s business model is that damages arising from a breach of the agreement are subject to a limitation of liability. ServiceTitan’s CSA contains an industry-standard limitation of liability that mutually protects ServiceTitan and the customer by equally limiting each party’s damages for a breach of the agreement (see Section 13 of the terms of use). The limitation of liability is directly related to the subscription fees paid by the customer in exchange for ServiceTitan’s delivery of the Service.

Since ServiceTitan provides the Service to all of our customers concurrently, the viability of our Service has already been proven by thousands of ServiceTitan’s users. Therefore, unlike application service providers that offer customizable installed software, acceptance testing does not make sense given ServiceTitan’s business model.

Yes, ServiceTitan can and does provide professional services for the implementation, integration, and configuration of ServiceTitan’s subscription service. ServiceTitan will provide a statement of work for your review in connection with these services. ServiceTitan professional services are solely for the implementation, integration, and configuration of the ServiceTitan subscription service and are not, at the code level, unique to any individual customer. Therefore, there are no deliverables to customers and ServiceTitan retains ownership of our work to repeat the same or similar professional services for all customer engagements.