Vendor Agreement Review Guide
What to check before committing to a vendor relationship
Vendor agreements govern your relationship with suppliers, SaaS providers, service companies, and other third-party partners. These contracts often contain auto-renewal clauses, liability limitations that heavily favor the vendor, and data ownership terms that can lock you into a relationship or expose your business data. Small businesses often sign vendor contracts without negotiating — costing them thousands in unnecessary fees and lost leverage.
Common Red Flags
Auto-renewal with long notice periods
Many vendor contracts auto-renew for 1-2 years unless you cancel 60-90 days before renewal. Miss the window and you're locked in. Calendar the cancellation deadline immediately.
One-sided limitation of liability
Vendors often cap their liability at one month of fees while leaving your liability unlimited. If the vendor's product causes a data breach or business interruption, one month of fees won't cover your losses.
Vendor owns your data
Some SaaS contracts claim ownership of data you upload or generate on their platform. Your business data should always remain yours, with the vendor having only a limited license to provide the service.
Unilateral price increases
Contracts that allow the vendor to raise prices at any time without your consent can lead to surprise cost increases. Look for price protection periods or caps on annual increases.
No SLA or uptime guarantee
If you depend on a vendor's service, there should be a Service Level Agreement with defined uptime targets (99.9% is standard) and remedies if they fall short.
Broad indemnification in vendor's favor
You shouldn't indemnify the vendor for their own negligence or product defects. Indemnification should be limited and proportional.
Must-Have Clauses
Service description and SLA
Exactly what service is being provided, performance standards, uptime guarantees, and remedies for service failures.
Pricing and payment terms
Total cost, payment schedule, what triggers additional charges, price increase limitations, and refund policy.
Data ownership and portability
You own your data. The vendor gets a limited license to process it. Upon termination, the vendor must return or delete your data in a usable format.
Term, renewal, and termination
Contract duration, auto-renewal terms (if any), cancellation notice requirements, and termination for cause provisions.
Limitation of liability
Balanced liability caps for both parties. Neither party should have unlimited liability. Minimum vendor liability should equal 12 months of fees.
Security and compliance
Vendor's security standards, data protection measures, breach notification requirements, and compliance certifications (SOC 2, GDPR, etc.).
Negotiation Tips
- Negotiate auto-renewal out of the contract, or at minimum reduce the notice period to 30 days.
- Push vendor liability caps to at least 12 months of fees — not 1 month.
- Add a data portability clause requiring the vendor to export your data in a standard format upon termination.
- Request a price lock for the initial term — no increases until renewal.
- If uptime matters to your business, insist on an SLA with service credits for outages.
- Add a termination for convenience clause — you should be able to exit with 30-60 days' notice.
Frequently Asked Questions
What should I check in a vendor agreement?
Focus on: pricing and hidden fees, auto-renewal terms, data ownership, liability caps, SLA/uptime guarantees, and termination rights. Many vendor contracts are designed to lock you in and limit the vendor's responsibility.
Can I negotiate a SaaS vendor contract?
Yes, especially for annual contracts over $1,000. Vendors expect negotiation on enterprise deals. Even for smaller contracts, you can often negotiate auto-renewal terms, pricing, and data portability.
What is an auto-renewal clause?
An auto-renewal clause automatically extends your contract for another term (often 1 year) unless you provide written notice of cancellation within a specific window (often 60-90 days before renewal). Missing this window locks you in.
Who owns the data in a SaaS contract?
You should own your data. The vendor should only have a limited license to process your data to provide the service. Be wary of contracts where the vendor claims ownership or broad rights to use your data for analytics, AI training, or resale.
What is a reasonable SLA for a SaaS product?
99.9% uptime (about 8.7 hours of downtime per year) is standard for business SaaS. Critical services should offer 99.95% or higher. The SLA should include service credits (typically 5-10% of monthly fees) for each hour of downtime below the target.