diff --git a/server-ce/hotfix/3.5.4/Dockerfile b/server-ce/hotfix/3.5.4/Dockerfile
new file mode 100644
index 0000000000..b1e0c9a83d
--- /dev/null
+++ b/server-ce/hotfix/3.5.4/Dockerfile
@@ -0,0 +1,5 @@
+FROM sharelatex/sharelatex:3.5.3
+
+# Patch: run primary email check in saas only
+COPY primary_email_check_saas.patch .
+RUN patch -p0 < primary_email_check_saas.patch
diff --git a/server-ce/hotfix/3.5.4/primary_email_check_saas.patch b/server-ce/hotfix/3.5.4/primary_email_check_saas.patch
new file mode 100644
index 0000000000..838fcb4f92
--- /dev/null
+++ b/server-ce/hotfix/3.5.4/primary_email_check_saas.patch
@@ -0,0 +1,10 @@
+--- services/web/app/src/Features/Project/ProjectController.js
++++ services/web/app/src/Features/Project/ProjectController.js
+@@ -535,6 +535,7 @@ const ProjectController = {
+
+         if (
+           user &&
++          Features.hasFeature('saas') &&
+           UserPrimaryEmailCheckHandler.requiresPrimaryEmailCheck(user)
+         ) {
+           return res.redirect('/user/emails/primary-email-check')
diff --git a/services/web/app/src/Features/Project/ProjectController.js b/services/web/app/src/Features/Project/ProjectController.js
index f03a148839..c08d9e525a 100644
--- a/services/web/app/src/Features/Project/ProjectController.js
+++ b/services/web/app/src/Features/Project/ProjectController.js
@@ -535,6 +535,7 @@ const ProjectController = {
 
         if (
           user &&
+          Features.hasFeature('saas') &&
           UserPrimaryEmailCheckHandler.requiresPrimaryEmailCheck(user)
         ) {
           return res.redirect('/user/emails/primary-email-check')
diff --git a/services/web/test/acceptance/src/PrimaryEmailCheckTests.js b/services/web/test/acceptance/src/PrimaryEmailCheckTests.js
index 8a858eb6e9..4d2d16b2b7 100644
--- a/services/web/test/acceptance/src/PrimaryEmailCheckTests.js
+++ b/services/web/test/acceptance/src/PrimaryEmailCheckTests.js
@@ -6,12 +6,6 @@ const Features = require('../../../app/src/infrastructure/Features')
 describe('PrimaryEmailCheck', function () {
   let userHelper
 
-  before(async function () {
-    if (!Features.hasFeature('saas')) {
-      this.skip()
-    }
-  })
-
   beforeEach(async function () {
     userHelper = await UserHelper.createUser()
     userHelper = await UserHelper.loginUser(
@@ -19,7 +13,87 @@ describe('PrimaryEmailCheck', function () {
     )
   })
 
-  describe('redirections', function () {
+  describe('redirections in Server CE/Pro', function () {
+    before(async function () {
+      if (Features.hasFeature('saas')) {
+        this.skip()
+      }
+    })
+
+    describe('when the user has signed up recently', function () {
+      it("shouldn't be redirected from project list to the primary email check page", async function () {
+        const response = await userHelper.fetch('/project')
+        expect(response.status).to.equal(200)
+      })
+
+      it('should be redirected from the primary email check page to the project list', async function () {
+        const response = await userHelper.fetch(
+          '/user/emails/primary-email-check'
+        )
+        expect(response.status).to.equal(302)
+        expect(response.headers.get('location')).to.equal(
+          UserHelper.url('/project').toString()
+        )
+      })
+    })
+
+    describe('when the user has checked their email recently', function () {
+      beforeEach(async function () {
+        const time = Date.now() - Settings.primary_email_check_expiration * 0.5
+        await UserHelper.updateUser(userHelper.user._id, {
+          $set: { lastPrimaryEmailCheck: new Date(time) },
+        })
+      })
+
+      it("shouldn't be redirected from project list to the primary email check page", async function () {
+        const response = await userHelper.fetch('/project')
+        expect(response.status).to.equal(200)
+      })
+    })
+
+    describe('when the user has confirmed their primary email recently', function () {
+      beforeEach(async function () {
+        // the user should check again their email according to `lastPrimaryEmailCheck` timestamp, but the behaviour is
+        // overridden by email confirmation
+        const time = Date.now() - Settings.primary_email_check_expiration * 2
+        await UserHelper.updateUser(userHelper.user._id, {
+          $set: { lastPrimaryEmailCheck: new Date(time) },
+        })
+
+        await userHelper.confirmEmail(
+          userHelper.user._id,
+          userHelper.user.email
+        )
+      })
+
+      it("shouldn't be redirected from project list to the primary email check page", async function () {
+        const response = await userHelper.fetch('/project')
+        expect(response.status).to.equal(200)
+      })
+    })
+
+    describe('when the user has signed for longer than the email check expiration period', function () {
+      beforeEach(async function () {
+        const time = Date.now() - Settings.primary_email_check_expiration * 2
+        await UserHelper.updateUser(userHelper.user._id, {
+          $set: { lastPrimaryEmailCheck: new Date(time) },
+        })
+      })
+
+      it("shouldn't be redirected from project list to the primary email check page", async function () {
+        const response = await userHelper.fetch('/project')
+        expect(response.status).to.equal(200)
+      })
+    })
+  })
+
+  describe('redirections in SAAS', function () {
+    before(async function () {
+      if (!Features.hasFeature('saas')) {
+        this.skip()
+      }
+    })
+
     describe('when the user has signed up recently', function () {
       it("shouldn't be redirected from project list to the primary email check page", async function () {
         const response = await userHelper.fetch('/project')