Library Vendor Contract Red Flags
A printable checklist you can use before renewal, procurement, or an "urgent" addendum shows up in your inbox.
Data + Exit
- No clear data export format, timeline, or cost.
- "Reasonable efforts" or "commercially reasonable" for anything you actually rely on.
- Vendor can delay export until all fees are paid (including disputed fees).
- Termination language exists, but data return is vague or missing.
Pricing + Renewals
- Auto-renewal with a short cancellation window.
- Price increases not capped (or capped but with broad exceptions).
- "New module"/"premium feature" language that quietly removes functionality.
- Bundling changes that force you into a higher tier.
Security + Liability
- Security promises are marketing language, not obligations.
- No breach notification timeline.
- Liability caps that are lower than your realistic downside.
- Indemnification is one-way (you indemnify them, not vice versa).
AI Clauses
- Vendor can use your data/content to "improve services" without tight boundaries.
- AI features added without an opt-out, clear documentation, or governance controls.
- No commitment to disclose model changes that affect outputs.
- AI errors are excluded from warranties/responsibility.