5 Keys to Effective Technology Contracts
Technology Contracts — often called Terms & Conditions — are the set of documents that no one ever wants to read . . . unless you happen to be a contract law attorney or a company executive sitting on a decision to spend a significant amount of money on new hardware, upgrading software, or implementing a management system solution.
Unless you are a technology vendor, it is unlikely that you will be in charge of drafting such contracts. However, whether you are the seller or the buyer, you can guarantee that you’ll find yourself at the negotiation table over a tech contract deal at some point. Here are 5 keys for quickly paving the way to a good deal:
1. Know Your Objectives
Before you even have an attorney pick up the contract for drafting or negotiations, it’s a good idea to sit down with your team and outline your organization’s priorities and goals. Without a thorough understand of your main objectives, it can be easy to get lost in the weeds. This can be a time-consuming process, but it is essential to forming a clear relationship with the party on the other end of the technology contract.
Each party should be clear about the project requirements and deliverables, as well as how changes to the initial request should be processed. Important considerations include:
- Is the buyer purchasing ownership of the technology or merely a license of use?
- Does the relationship end after the purchase date, or should renewal terms be considered? Are ongoing maintenance and bug fixes required?
- What deal-breakers need to be clearly addressed at the beginning?
- Is development/support handled in-house or through a foreign entity outside of the United States?
- What protocols are in place to ensure data security? What is the plan should a breach occur?
Entering a technology dealing without a clear, upfront understanding can lead to hard-feelings, wasted time, unnecessary financial risks, or missing required elements. The initial negotiation should set the tone of the arrangement and leave everything out on the table.
2. Lock in Your Rights
Once you’ve outlined your objectives, it’s easier to clearly focus on ensuring that the contract spells out your organization’s specific needs. Here are some items to check off your list:
- Does the contract limit the number of users? Is that acceptable to meet your organization’s needs?
- Is there a limitation on who may access the technology, such as limiting access to only your employees, and blocking use by your contractors or vendors?
- Is there an affiliate organization that will be allowed to use the technology?
- Who owns the rights to development made by the buyer?
The technology contract will be only as good as the rights within it. Be sure to get the right rights.
3. Demand Indemnification
Indemnification is one of the most important clauses in a contract when things go wrong — if your organization is sued because of its use of the technology, when can you pass the weight of that lawsuit onto another’s shoulders? When rights are violated (think: intellectual property, date privacy, or financial harm), you’ll want to ensure that your organization is not signing on to be responsible for someone else’s mistake. Through indemnification, if your organization were ever sued, that special clause could require that the technology vendor pays for the customer’s legal fees or provide legal defense and pay related customer damages.
It is standard practice that indemnification be included in any tech contract — although you may need to negotiate the scope of the clause. A refusal to indemnify serves as a huge red flag — that’s not a company you want to deal with.
4. Protect Your Data
If your business is obligated to comply with the GDPR or CCPA, pay attention to how your technology vendor is securing your data. Note: every state and country that you operate in has data security laws — stay compliant. A data security clause should outline the procedures followed for ensuring data is secure. Common controls include: encryption, passwords, 2 factor authentication and physical security measures. Vendors will want a clause in tech contracts that require the buyer to cooperate with their data security incident response plans, such as providing the vendor notice of possible breach or allowing the vendor to share the buyer’s data with security auditors or parties in a lawsuit.
Data breaches affect roughly 25% of organizations[1] — it is vital that an organization understands and is comfortable with how its vendors protect its information and that of its customers.
5. Agree on After-Purchase Service
When implementing a new technology for your organization, it is important to define upfront what sort of care you will require.
- What are the customer service hours in which the vendor must be available to the buyer?
- Are there business hour restrictions for when software must be available to the buyer?
- Is the vendor even required to provide software updates and bug fixes?
- If the technology breaks, who is required to fix it, what notice must be provided, and how quickly must the issue be resolved?
- What is the remedy if the vendor does not meet its service level agreement obligations?
- Should the source code be held in escrow so that the buyer can access it if the vendor does not fulfil its obligations or goes out of business?
While this is not a comprehensive checklist, the discussion of these considerations with a prospective vendor can be the basis of an agreement that more fully protects the interests of the customer.
[1] Source: RedLock.
About Lauren Hughes
Lauren Hughes is the privacy and branding lead at Rockridge Venture Law®. Equally adept at creative campaigns as well as technology transactions, Lauren leads clients through copyright, privacy, regulatory, and trademark considerations in optimizing successful e-commerce portfolios. She is a leading voice among women practicing in technology and tech law. Her primary practice areas include copyright and trademark law, data privacy, sports and entertainment law, and technology transactions. Lauren also leads the Knoxville Technology Council’s Women in Tech Committee, and is a Director of the Tennessee Women’s Theater Project. Read more about Lauren, connect with her, and Calendly her.
RVL® Articles by Lauren
What are the Benefits of a Registered Trademark?
5 Steps to Protecting Buyers’ Privacy and Data
The California Consumer Privacy Act Doesn’t Apply to Me, Does It?
Certification Marks / Trustmarks in E-Commerce
3 Steps to Creating a Culture of Privacy Protection
Key Elements of an Effective Data Privacy Compliance Program
About RVL®
Rockridge Venture Law®, or RVL®, was launched in 2017 to become the preeminent intellectual property and technology firm across the Appalachian Innovation Corridor. We have offices in Chattanooga, Durham, and Nashville, and represent clients and interests globally. Our services include all aspects of intellectual property, litigation, M&A, privacy, technology transactions, and ventures.
In 2018 and 2019, we were recognized as B Corp Best for the World for our commitment to triple bottom line business practices. RVL® is also certified by 1% for the Planet for its nonprofit partnerships advancing stewardship and sustainability. RVL’s nonprofit partners in 2020 include Green|Spaces, Living Lands and Waters, Mustard Seed Ranch, and the NC State Lulu Games Social and Environmental Impact Competition.
Our pioneering environmental and social impact programs attract top-notch legal talent and assure our clients of missional Rockridge Venture Law alignment with their corporate values. Rockridge uniquely addresses two modern profit drivers: innovation (uptake and development), and corporate social responsibility. We’re Building Today’s Company for Tomorrow’s Economy® by leading clients through the dizzying array of information controls, by helping them to develop and monetize proprietary assets, and by enabling their impactful products, programs, and principles.
Learn about global impact and innovation leaders at Rockridge I-Suite®.
See case studies on how we’ve helped transformative companies at Rockridge Portfolio.
