Whilst it’s inevitably safer to get a lawyer to check over every contract you’re entering into, if you’re an SME without an in-house team this isn’t realistic, and you are likely going to choose which contracts to seek legal input on and which contracts to review yourself. This crib sheet is to assist you in the latter situation when you are reviewing contracts yourself.
Remember that risk and value do not always correlate. A low value contract could be business critical (like for a piece of software) or could involve a significant regulatory risk (such as where the supplier is processing your customers’ personal data).
The below covers some of the key points in contracts for goods and/or services contracts generally.
See my Legal Jargon Buster for Contracts for a plain English explanation of commonly used words in contracts.
Check the spec
Whether it’s a short description of the goods/services or a full specification, you need to check that what you are buying is what you think you are buying. Promises made by the sales team, in an RFP and on the supplier’s website need to be stated in black and white within the contract to ensure they apply. Before you read the specification, make a list of the key attributes you understand the goods/services to have and then tick them off as you go through. If any are missing, ask for them to be added. You also need to think about the standard that the goods/services need to meet and the milestones that the supplier should be held to.
Cost is critical
Are the upfront and ongoing costs clear? Are VAT, taxes and duties, packaging, delivery, off-loading costs, insurance etc included? Are prices fixed during the term or do they increase such as by RPI or CPI? Will the supplier agree to cap these? Are there any other circumstances when a supplier can request a price increase? Can these be removed or narrowed down? Are there any potential additional costs and if so should these be locked down? Ask the supplier directly. Don’t shy away from asking the supplier to make the costs section clearer if necessary and to be explicit in the contract when additional costs are payable and what those are.
How quickly can you exit the contract if things aren’t working out? When purchasing goods, ensure you have the right to terminate the entire contract and reject all goods if there is a defect in one installment. This is especially important if each installment is treated as a single contract. In a services contract, the ideal is to have a right to terminate for convenience which is a key way to mitigate risk all round (but it also decreases value so suppliers may resist it or link it to price).
Breach of contract – In terms of termination rights for breach of contract, do not rely on ‘material breach’ alone – it’s far too vague and requires a very serious breach to be safely relied upon (without creating legal risk for wrongful termination). Think of the most obvious things the supplier could do which would mean you wanted to terminate for breach and ask for those to be specified as non-exhaustive examples of material breach. If there are service levels, specify how many service levels failures should constitute a material breach.
Autorenewal – Does the contract automatically renew unless certain notice is provided say in advance of the anniversary? It’s very easy to miss this window and be locked in for another year. Seek to change this so you can serve notice at any time after an initial period.
No minimum volume
This deserves its own section. If the contract provides that there is no obligation on you to order any minimum volume of goods or services, you can stop placing orders at any time and termination rights are far less important. Provisions relating to quality and service levels also become less important because you know you can part ways with the supplier if output deteriorates or demand decreases.
What’s your remedy?
If things go wrong, what do you realistically expect to receive from the supplier? Loss of profits and similar losses are often excluded from contracts on the basis they are disproportionate compared to the margin on the goods/services. Ideally you want a remedy in the contract that avoids the need to sue the supplier and go to Court. Typical examples – warranties (supplier to fix or replace the goods or software within a set period), refund if you paid in advance (often overlooked but difficult for the supplier to reject if they haven’t provided what they were contractually required to), liquidated damages (fixed amount of compensation to reflect loss suffered – compelling way to make the supplier prioritise your contract but risks around enforceability so recommend lawyer checks wording) and service credits (seek to maximise the credits payable so you are a priority customer where the problem affects many or all customers). It’s easiest to ask the supplier what your remedy is if X or Y happens and ask them to confirm where it says that in the contract. Sometimes, just being able to exit the contract quickly without risk is sufficient which should be the case if you have listed examples of material breach as per section 3.
Intellectual Property (IP)
Should your company or the supplier own any IP that’s created as part of the goods or services? Unless the contract says otherwise, it will belong to the party which created it. Does the supplier need to use your logos etc? If so the contract should provide the Supplier with a non-exclusive, non-assignable, revocable licence for the term solely for the purpose of providing the deliverables/performing the services.
Unrecoverable losses – Often the supplier’s liability for the vast majority of losses (such as loss of profits, loss of business, loss of goodwill etc) are stated to be excluded meaning in reality there’s very little you can actually recover damages for if the supplier doesn’t follow the contractual requirements in terms of the goods/services. This is why understanding what your remedy would actually be (as per section 5) in those circumstances is so important.
Liability limits – The Supplier’s liability is often linked to the value of the contract (or a multiple) meaning their maximum liability will not exceed the fees paid or payable.
You need to consider the circumstances when the above should not apply and this needs to be clearly stated. Typically, liability for breach of data protection/cyber security, confidentiality, TUPE liabilities and indemnities generally (see section 8) should be uncapped or subject to a higher cap and the types of losses that are recoverable should be largely unrestricted.
Consider your own liabilities in any related contracts. For example, if you will have to provide a refund to customers if the supplier doesn’t perform then you will need to ensure the liability provisions allow you to recover this from the supplier.
Indemnities are often provided for breaches of data protection/cyber security, confidentiality, TUPE liabilities and where either party has breached a third party’s IP.
As per section 7, consider any indemnities you provide in related contracts. If you indemnify a customer or other party for a data protection/cyber security breach (which could be caused by the supplier) then you would need to ensure you receive the same indemnity from the supplier so you’re not out of pocket.
Data Protection/cyber security
Is the supplier a controller or processor? If you decide what happens to the personal data you are providing to them (which is most commonly the case) then you’re a controller and they’re a processor. If they’re a processor you are legally required to includes certain clauses and information in the contract. See the ICO guidance – What needs to be included in the contract? | ICO
You will want to ensure that the supplier has organisational (policies and practices) and technical (IT and cyber security) measures in place to protect the personal data which are appropriate to the risk involved. For example, an employee database containing medical information and bank details is much higher risk than a CRM containing just names and addresses (many of which may already be in the public domain via the phonebook).
One easy way to avoid the inevitable risks that come with sharing personal data is to anonymise the data wherever possible. If a person cannot be identified from the data then it is not personal data.
Force Majeure (FM)
Ensure FM is defined as it has no recognised meaning on its own. Narrow down any FM events listed and require them to be unforeseeable. Also require the supplier to use at least reasonable endeavours to prevent or mitigate the FM event and to have invoked their Business Continuity Disaster Recovery plan before being able to rely on the FM clause. Minimise the period a FM event can continue before you can terminate. Clarify no obligation to pay for services or goods not received due to FM.
Written by Kate Fazakerley
Principal at My Inhouse Lawyer
One of our values (Growth) is, in many ways, all about cultivating a growth mindset. We are passionate about learning, improving and evolving. We learn from each other, use the best know-how tools in the market and constantly look for ways to simplify. Lawskool is our way of sharing with you. It isn’t intended to be legal advice, rather to enlighten you to make smart business decisions day to day with the benefit of some of our insight. We hope you enjoy the experience. There are some really good ideas and tips coming from some of the best inhouse lawyers. Easy to read and practical. If there’s something you’d like us to write about or some feedback you wish to share, feel free to drop us a note. Equally, if it’s legal advice you’re after, then just give us a call on 0207 939 3959.
How it works
It starts with a conversation about you. What you want and the experience you’re looking for
We design something that works for you whether it’s monthly, flex, solo, multi-team or includes legal tech
We use Workplans to map out the work to be done and when. We are responsive and transparent
Freedom to choose & change
A responsive inhouse experience delivered via a rolling monthly engagement that can be scaled up or down by you. Monthly Workplans capture scope, timings and budget for transparency and control
A more reactive yet still responsive inhouse experience for legal and compliance needs as they arise. Our Workplans capture scope, timings and budget putting you in control
For those one-off projects such as M&A or compliance yet delivered the My Inhouse Lawyer way. We agree scope, timings and budget before each piece of work begins