Before you sign a contract, read it. Here are some real examples of things I’ve run across:
- The employees who work with us must pass a background check.
- All of your employees must pass drug tests. (No wording about if someone lives in a marijuana-legal state, and how we’re supposed to react then.)
- Employees – not just the company – must be personally liable if something goes wrong.
- You must have $1mm liability insurance.
- You must have $10mm liability insurance.
- You are liable for everything that goes wrong, with no cap on liabilities.
- Any confidential data we give you must be stored in an encrypted location.
- We’re not going to tell you what’s confidential and what isn’t.
- If we give you confidential data by accident, you have to report it to our security officer, and participate in the investigation at our headquarters.
- If we ask you to delete our data, you must delete all copies of it, including any backups.
- If we suspect that you leaked any personally identifiable data at all, you’re liable for the investigation costs.
- If we prove that you leaked personally identifiable data for any one customer, you’re liable for personal credit monitoring for all of our customers for the next 3 years, regardless of whether or not their data was leaked.
- If you leak personally identifiable data, you’re liable for a marketing campaign to fix our company’s image.
- You can’t work with any of our competitors for 3 years.
- You can’t work with any of our competitors for 3 years, and we won’t tell you who they are.
- You can’t work with any of our competitors for 3 years, and we may change our lines of business or acquire more companies at any time during those 3 years.
- If you learn anything during the engagement, you can’t apply that knowledge to other customers.
- If you give us advice and it doesn’t work, you’ll do the engagement over.
- If you give us advice and we ignore it, or it’s too hard, you’ll do it over.
- If anything breaks during the engagement, you’re liable, but you can’t stop anyone else from using the system during the engagement. (And oh yeah, we’re calling you because things are broken already.)
None of these requirements are crazy – they’re all based on troubles somebody had once, and now they’re trying to build in permanent protection in their contracts. I get it. Everything’s negotiable, and it doesn’t hurt them to ask.
But it can hurt like hell if you sign, so read carefully.