What is my organization purchasing from ServiceTitan?
ServiceTitan provides subscriptions to a cloud-based software-as-a-service (SaaS) field service management solution that is accessed through the internet (the “Service”). ServiceTitan delivers our cloud-based Service using a genuine one-to-many business model. The Service is provided on the same operational infrastructure using the same security and support operations for all of ServiceTitan’s global customers.
How is ServiceTitan’s Subscription SaaS Service different from on-premise software?
Unlike traditional on-premise software, which is installed and customized by each customer, ServiceTitan’s Service is built in the cloud and delivered over the internet through a cost-effective subscription service with access to fully functional, configurable software applications. With ServiceTitan’s multi-tenant cloud delivery model, every customer is on the same version of ServiceTitan’s Service at all times and receives updates to the Service simultaneously. This allows ServiceTitan’s customers to avoid costly and disruptive hardware and software updates.
What customer data is stored and processed by the ServiceTitan Service?
ServiceTitan requires a limited set of user data to provide its Service. Typically, that data is limited to a user’s first and last name, email address, and cell phone number (in the case of multi-factor authentication). The customer controls how the Service is configured for their users and what data is submitted to the Service. ServiceTitan’s business customers are the owners and controllers of their data and ServiceTitan is the data processor and service provider. ServiceTitan processes personal data on behalf and on the instructions of our business customers, which are the entities responsible for and who control such processing. Please refer to our Data Protection Addendum (DPA) for more information on how ServiceTitan processes personal data.
How does ServiceTitan protect customer data?
Protecting customer data is top priority for ServiceTitan. ServiceTitan’s contractual commitments with respect to securing customer data are set forth in our Terms of Use. ServiceTitan’s formal security program is detailed in its independent third-party audit reports and Security Portal. To ensure a robust level of security, ServiceTitan has implemented a comprehensive cyber security program that includes risk management, organization and governance, policy and standards, audit and compliance, threat management, vulnerability management, security operations, incident response, and business resiliency.
ServiceTitan’s security program is based on best practices in the SaaS industry. As such, our goals when executing this program are:
Trust, Transparency, and Protection of Customers' data: ServiceTitan is committed to protecting and keeping our customer's data and information private and confidential. We are also committed to transparency and will respond proactively in any situation.
High Availability and Continuity of Service: You can follow live at https://servicetitan.statuspage.io/.
Risk & Compliance: Compliance profiles have a list of controls. We evaluate our SaaS solution, including technology and operations, against these controls.
Despite all the perks provided by a SaaS solution, security is a shared responsibility of both ServiceTitan and our customers. ServiceTitan is responsible for the security of its platform, including physical, infrastructure and application security. The picture below depicts the shared responsibility model.
Can we attach our own security and support exhibits to ServiceTitan’s MSA?
ServiceTitan has a unified approach to security and support and maintains industry-leading certifications. Our ability to provide a consistently high level of Service relies on the standardization of ServiceTitan’s operations which reflect ServiceTitan’s security controls and single back-end support model. As a result, ServiceTitan is unable to agree to the security or support policies of individual customers.
Can we use our own data privacy agreement as an exhibit to ServiceTitan’s MSA?
ServiceTitan’s ability to provide a multi-tenant service delivery model requires that we standardize our security and privacy methodologies. ServiceTitan’s DPA is applicable to our processing of personal data received from our customers and is incorporated into our Terms of Use. ServiceTitan’s DPA accurately describes ServiceTitan’s processing of such personal data, which is handled the same way for each of ServiceTitan’s customers given ServiceTitan’s multi-tenant business model. ServiceTitan is a service provider as defined under the California Consumer Privacy Act of 2018 (CCPA). ServiceTitan has comprehensively evaluated CCPA requirements and implemented appropriate privacy and security practices designed to ensure compliance with CCPA. ServiceTitan also provides customers access to various policies and documentation through the ServiceTitan Legal Site.
Does ServiceTitan permit its customers to audit ServiceTitan?
ServiceTitan has thousands of customers. In order to maintain the security and availability of ServiceTitan’s Service to all customers without interruption, we are not able to permit individual customers to audit ServiceTitan. However, ServiceTitan is routinely and rigorously audited by multiple independent third parties and ServiceTitan makes the results of those audits available to our customers upon request in the form of security certifications and attestations such as SOC 2 Type II, SOC 1 Type II reports, and PCI DSS Level 1 certification. You may access ServiceTitan’s security documentation via our Security Portal.
Does ServiceTitan offer termination for convenience?
Termination for convenience is incompatible with ServiceTitan’s subscription-based model. A fundamental element of ServiceTitan’s business model is that both parties are committed to the specified term in the agreement. When a customer signs up for a specified subscription length (one year or multi-year), ServiceTitan commits to certain pricing as set forth in the applicable agreement for the duration of that subscription length. Customers may terminate the agreement for cause in accordance with the terms of the applicable agreement, which in many cases is a Customer Success Agreement (CSA).
Does ServiceTitan offer unlimited liability?
ServiceTitan does not offer unlimited liability. A fundamental principle of ServiceTitan’s business model is that damages arising from a breach of the agreement are subject to a limitation of liability. ServiceTitan’s Terms of Use include an industry-standard limitation of liability applicable to ServiceTitan and its provision of the Service. The limitation of liability is directly related to the subscription fees paid by the customer in exchange for ServiceTitan’s delivery of the Service.
Does ServiceTitan provide an acceptance testing period?
Since ServiceTitan provides the Service to all of our customers concurrently, the viability of the Service has already been proven by thousands of ServiceTitan users. Therefore, unlike application service providers that offer customizable installed software, acceptance testing does not make sense given ServiceTitan’s business model.
Does ServiceTitan offer professional services?
Yes, ServiceTitan can and does provide professional services for the implementation, integration, and configuration of the Service. ServiceTitan will provide a statement of work for your review in connection with these professional services. ServiceTitan professional services are solely for the implementation, integration, and configuration of the Service and are not, at the code level, unique to any individual customer. Therefore, there are no deliverables to customers and ServiceTitan retains ownership of our work to repeat the same or similar professional services for all customer engagements.