Buying tech? How to play it safe to avoid legal and commercial traps when procuring technology
By Julie Daniels, SHIFT Advisory Lawyer
At the Legalwise In-House Counsel Conference 2025 on March 21, a session on technology procurement offered practical insights into the key legal and commercial risks when buying software and other technology — especially when it comes to SaaS (software-as-a-service). Here are the recommendations and tips:
1. Context
When dealing with technology contracts and procurement, context is key. You really need to understand the commercial and operational implications of the relevant product or service and what it means for your organisation.
2. Strong Exit Rights
When buying SaaS products, it’s important to take a commercial and practical approach. With large US vendors offering off-the-shelf solutions, you’ll have little leverage to negotiate warranties and liability clauses, so the focus should be on securing strong exit rights if the product doesn’t perform. However, when purchasing a bespoke solution from a local vendor, you’ll have more negotiating power—allowing you to push for stronger commitments to ensure they stand behind their product and deliver on their promises. With SaaS, it’s important to consider your exit strategy—how will you get out of this contract from both a legal and commercial perspective? Understand in practical terms your organisation’s ability to switch to a new vendor. This will depend on the nature of the software and how integrated it is with other systems.
3. Managing Vendor Performance is Essential
Your agreement should include clear, objective measures to hold the vendor accountable, along with meaningful consequences if they fall short. A key consideration is how critical the product is to your business—this will determine the level of “availability” required under the contract. Service credits may not always be enough to incentivize performance, so a termination right can often be a stronger deterrent.
4. Indemnity for Third-Party IP Claims
What the vendor should be liable for will depend on the product you are buying. However, it is market practice for the vendor to stand behind the IP in their software, and you would always expect to see an indemnity for third-party IP claims. It’s common to have low caps on liability, but this might not be appropriate for bespoke products.
5. Prepare and Consider Must-Haves for Your Organisation
Before approaching the market for a SaaS product, it’s crucial to clearly define your organisation’s requirements. This ensures you can effectively engage with vendors and assess contractual terms later. If you’re contracting on your own terms, strike a balance—overly customer-friendly clauses can drive up costs, as suppliers will factor in the added risk. Be strategic in how risk is allocated to get the best value.
6. Due Diligence on the Vendor
While you can do a fantastic job negotiating the terms of the contract, this means nothing if your team hasn’t done robust due diligence on the reliability of the vendor. Loss of trust from your stakeholders cannot be covered by a warranty. Consider the vendor’s prior experience, public reports, any prior cyber incidents and the learnings from them, jurisdictional risk, and any certifications the vendor holds. A reputable vendor should be transparent about how they protect your data and proactively share their security measures.
Conclusion
Effective SaaS procurement goes beyond just securing favourable contract terms — it requires a deep understanding of your organisation’s needs, careful risk allocation, and thorough due diligence on vendors. By balancing commercial and legal considerations, ensuring clear exit strategies, and holding vendors accountable, in-house counsel can better protect their organisations from potential pitfalls.
