5 Red Flags in Supplier Contracts for Irish SMEs
1. Auto-Renewal Traps
Many supplier contracts automatically renew for another year unless you give written notice 30-90 days before the renewal date. Miss the window by a single day and you are locked in for another full term. Always check for auto-renewal clauses, note the notice deadline in your calendar, and negotiate a shorter renewal notice period or a month-to-month option after the initial term.
2. Asymmetric Liability
A common pattern: the supplier caps their liability at the fees paid in the last 12 months, while your liability remains uncapped. If the supplier's service causes you to lose a major client or breach a regulation, their maximum exposure might be EUR 10,000 while yours is unlimited. Push for balanced liability caps or, at minimum, ensure that key risks (data breaches, IP infringement) are carved out from the supplier's cap.
3. Vague or Missing SLAs
Commitments like "commercially reasonable efforts" or "best endeavours to maintain availability" provide almost no protection. A meaningful SLA specifies a measurable target (e.g. 99.9% uptime), a clear measurement method, a defined consequence for each failure (service credits or a termination right), and a remedy if SLAs are consistently missed. If the supplier will not commit to measurable SLAs, that refusal is itself a warning sign.
4. One-Sided Indemnities
An indemnity clause requires one party to cover the other's losses in specified situations. Watch for one-sided indemnities where you indemnify the supplier for a broad range of scenarios, but the supplier does not indemnify you at all - or only for a narrow set of circumstances. Push for reciprocal indemnities that are proportionate to each party's obligations.
5. No Data Processing Addendum
If your supplier processes personal data on your behalf (which includes most SaaS, cloud storage, email marketing, and payment platforms), GDPR Article 28 requires a written data processing agreement. This should cover what data is processed, for what purpose, sub-processor controls, breach notification timelines, and data deletion on termination. If the contract does not include a DPA, ask for one before signing - it is a legal requirement, not an optional extra.