590 likes | 677 Views
Vendor Contracts: What You Need, and What You May Be Missing. Dino Tsibouris (614) 360-3133 dino@tsibouris.com. Outline. Importance of Definitions Description of Services Notice Provisions Indemnification Clauses Disclaimer of warranty Clauses Limitation of Liability Clauses. Outline.
E N D
Vendor Contracts: What You Need, and What You May Be Missing Dino Tsibouris (614) 360-3133 dino@tsibouris.com
Outline • Importance of Definitions • Description of Services • Notice Provisions • Indemnification Clauses • Disclaimer of warranty Clauses • Limitation of Liability Clauses
Outline • Responsibility for Compliance • Privacy and Security of Customer Data • Data Ownership • Service and Data Availability
Outline • Termination Provisions and Retention and Access to Data • Breach Notice Provisions • Compelled Disclosure of Data
Definition of Loan Sample: Company offers a group of education loan programs in which the Bank ("Owner") participates as a lender, all of which are originated by Owner and guaranteed by Guarantor ("Loans").
Description of Services Agreement Schedule
Description of Services In the event of conflict, Schedule governs. Schedule Agreement
Description of Services When Agreement terminates, some of the services in the schedule need not terminate. Agreement Schedule
Notice • Abide by the Notice requirements of the Agreement.
ACA v. C&BC Lesson: Parties should ensure that the limitation of liability clause and the indemnification clause properly interact with one another.
CompuCredit and CB&T • CompuCredit enters into agreement with CB&T and other banks to market credit cards. • CompuCredit assumes risk of compliance with TILA and other laws.
CompuCredit and CB&T • Due to undisclosed fees, credit cards with $300 limits, end up with $115 in available credit.
CompuCredit and CB&T • CompuCredit agrees to credit back to consumers $114 million.
CompuCredit and CB&T • Both CompuCredit and CB&T agree to pay $2.4 million in civil penalties.
CompuCredit and CB&T Lesson: The agreement must include detailed provisions regarding compliance with the law and the particular laws that apply. Lenders must follow up on compliance, conduct tests, audits, and spot checks, or face liability.
Shurland v. Bacci • Translink to "use due care in providing services covered by this Agreement" and to conduct its "performance of all services called for in this Agreement . . . consistent with industry standards.”
Shurland v. Bacci • Merchant warrants and agrees that Merchant shall fully comply with all federal, state, and local laws, rules and regulations, as amended from time to time, including the Truth-in-Lending Act and Regulation Z of the Board of Governors of the Federal Reserve System.”
Shurland v. Bacci Lesson: Parties should clearly and unambiguously assign the responsibility to comply with each law that is material to the transaction.
Privacy and Security of Customer Data Source: Ponemon Institute
Privacy and Security of Customer Data Source: Ponemon Institute
Privacy and Security of Customer Data • Data stored in the cloud may be compromised due to a breach. • Contract must take into consideration an obligation to immediately notify, cooperate, and bear the cost of sending out breach notifications and remedial actions. • Consider insurance for breaches.
Service and Data Availability • The cloud service may be subject to disruptions. • Where possible, negotiate fines or reimbursement for outages above and beyond scheduled maintenance. • Where possible, contract for greater availability and fault tolerance.
Termination Provisions and Retention and Access to Data Lessons: • Ensure that ownership of information is clearly defined. • Ensure that service provider agreement takes into consideration your ability to access to your data and return of your data in the form that you want at the end of the relationship.
Breach Notice • Prompt breach notification of confirmed breaches and suspected breaches is crucial.