Vendor Agreement Red Flags: What to Check Before You Sign
Clausely Team
AI contract analysis powered by Claude (Anthropic). Not legal advice - always consult a qualified attorney for high-stakes decisions.
When a vendor sends you a contract, one thing is true almost every time: their lawyer wrote it and your lawyer didn't review it. That imbalance shows up in the clauses.
Vendor agreements cover everything from software subscriptions to supply deals to service contracts. The specific terms vary, but the red flags are consistent. Here's what to look for before you sign.
Auto-Renewal Clauses
This is the most expensive clause in the average vendor contract, and the easiest to miss.
An auto-renewal clause says the agreement automatically renews for another term, often a full year, unless you send written notice of cancellation within a specific window before the renewal date. That window is usually 30 to 90 days before expiration, and it's buried somewhere in the middle of the contract.
If you miss the window by one day, you're locked in for another year. The vendor's billing team will enforce this even when their sales team was friendly and flexible. The contract is the contract.
What to do: find the auto-renewal clause before you sign. Note the cancellation window in your calendar the day you sign. If the renewal term is a full year and you're not sure you'll want the service that long, try to negotiate a shorter renewal period or a right to cancel with 30 days' notice at any time.
Unilateral Price Change Rights
Some vendor contracts include a clause giving the vendor the right to change pricing with notice, typically 30 to 60 days' written notice. That sounds reasonable until you realize it means they can raise prices by any amount and your only option is to accept it or cancel.
For services where switching costs are high, this clause gives vendors significant leverage. You've integrated their software, trained your team, migrated your data. A 40% price increase two years in is painful, but switching is more painful, and the vendor knows it.
Look for language like "vendor reserves the right to modify pricing with X days notice" or "fees are subject to change." If you find it, try to negotiate a price cap for the initial term, something like "pricing will not increase more than X% annually during the first two years."
Limitation of Liability Caps
Almost every commercial contract limits the vendor's liability for damages. That's standard. The question is how low the cap is.
A common formulation caps the vendor's total liability at the amount you paid in the last 12 months. If you pay $500 per month and the vendor's software failure causes you $200,000 in damages, they owe you $6,000. The rest is your problem.
For low-stakes services, this is fine. For vendors with access to sensitive data, vendors whose uptime is critical to your operations, or vendors providing services where failures have real financial consequences, a 12-month fee cap may not be adequate protection.
You probably won't get the cap removed entirely. But you can sometimes negotiate it up, get carve-outs for data breaches, or add a requirement that the vendor carry cyber liability insurance adequate to cover the actual risk. Understanding how limitation of liability clauses work in general helps you evaluate whether what you're being offered is standard or a low-ball cap.
Broad Indemnification in the Wrong Direction
Indemnification clauses say that one party will protect the other from certain legal claims. The red flag is when the indemnification runs entirely in one direction and covers things that aren't your fault.
A vendor agreement might require you to indemnify the vendor against any claims arising from your use of their service, including claims caused by bugs in their software. That's backwards. You're agreeing to defend a company against lawsuits caused by their own product failures.
Look for indemnification that goes both ways: you cover claims arising from your actions, they cover claims arising from their product or service. If the clause only runs in one direction, ask for mutual indemnification or at minimum get the scope narrowed to things you actually control. Indemnification provisions in commercial contracts follow predictable patterns that are worth understanding.
Data Ownership and Use Rights
If the vendor processes, stores, or analyzes any of your data, read the data clauses carefully.
Some vendor agreements include broad rights to use your data for product improvement, benchmarking, or aggregate analysis. In many cases this is disclosed and innocuous. In some cases, you're granting rights to use your business data in ways you didn't intend.
More important is who owns your data and what happens to it when the contract ends. The clause should be explicit that your data is yours, that the vendor will not retain it after termination, and that you can export it in a usable format before the contract ends. Proprietary formats with no export option are a trap.
SLA Gaps and Uptime Guarantees
Many software and infrastructure vendor agreements include a Service Level Agreement, or SLA, that specifies uptime commitments and what happens if those commitments aren't met.
The red flag is when the SLA sounds meaningful but the remedies are trivial. A vendor might promise 99.9% uptime, which allows for roughly 8.7 hours of downtime per year, and then offer service credits equal to one day of fees if they miss it. If your business depends on that service running, a credit worth $30 against an outage that cost you $10,000 in lost productivity or revenue is not real protection.
Check three things in every SLA: the actual uptime commitment percentage and what it translates to in hours per year, the process for claiming credits (many require you to submit a claim within a specific window), and the maximum credit amount relative to your actual exposure. If uptime is genuinely critical, try to negotiate actual termination rights if SLA failures exceed a threshold, not just credits.
Termination for Convenience Gaps
Most vendor contracts include a termination for cause provision, which lets you exit if the vendor materially breaches the agreement. That's expected.
The red flag is when there's no termination for convenience right on your side. If the vendor can cancel on you with 30 days' notice but you're locked in for the full term regardless of performance, that's an asymmetric contract.
Try to negotiate a mutual termination for convenience right. If the vendor won't agree, ask for termination rights tied to specific performance failures: if uptime falls below X%, if support response times exceed Y hours, if a data breach occurs. Build your exit conditions into the contract before you need them.
Governing Law and Dispute Resolution
Vendor agreements often specify that disputes must be resolved in the vendor's home state, under their home state's laws, through arbitration rather than court.
This matters because if you have a legitimate dispute, you may have to travel to another state to resolve it, hire attorneys in an unfamiliar jurisdiction, and navigate an arbitration process that statistically favors repeat players like large vendors over first-time claimants like small businesses. The details of what arbitration clauses actually require are worth understanding before you accept this kind of provision without negotiation.
If the vendor is large enough to dictate governing law, try to at least negotiate that arbitration happens in your state or remotely. If you can, get disputes under a certain dollar amount resolved in your local small claims court rather than arbitration.
Before You Sign
Vendor agreements are negotiable more often than vendors let on. The first draft is always written for their benefit. The final version can be written for both of you.
Upload your vendor agreement to Clausely before you sign. It will flag auto-renewal provisions, liability caps, data use rights, and indemnification language, and quote the exact clauses so you know what you're agreeing to. Most problems in vendor relationships can be traced back to a contract clause nobody read at signing.