ContractRisk.io
Master Services AgreementSample review

7.7

/ 10 risk

Enterprise Master Services Agreement

Customer ↔ Titan Systems, Inc. · Governing law: United States

⚖️ Verdict: High risk — renegotiate before signingLeans: Heavily favors the vendor (Titan)

One of the most lopsided enterprise contracts you will see — the vendor caps its own liability at a single month of fees while making your liability unlimited. Treat this as a redline-everything starting point, not a deal to sign.

9

Clauses analyzed

5

High risk

4

Need review

0

Accepted

↓ Download PDF↓ Download WordAll samplesScan your own — free →

Where to focus

Your top negotiation priorities

The flagged clauses ranked by how much they matter. Tackle these first — tap any one to jump to the full breakdown and the suggested safer rewrite.

1

Uncapped Customer Liability vs. 1-Month Vendor Cap

LiabilityHIGH RISK

This is the single most dangerous clause in the agreement. A one-month cap is far below the 12-month market floor, and pairing it with unlimited customer-side liability is a deal-blocker for most procurement teams. Demand mutual, symmetric caps.

Jump →
2

One-Sided Indemnity Covering Vendor's Own Negligence

IndemnificationHIGH RISK

Indemnifying a counterparty for its own negligence is unusual and, in some states, unenforceable absent clear language. The total absence of an IP-infringement indemnity from the vendor is a critical gap.

Jump →
3

Unilateral Mid-Term Price Increases

PaymentHIGH RISK

Mid-term, uncapped price increases with no exit right transfer all pricing power to the vendor. At minimum, fix prices for the term and cap renewal increases.

Jump →

Shared contract report

Clause risk overview

Enterprise-grade contract risk intelligence.

Scan your own contract — free →

Overall risk

HIGH RISKScore: 7.7/109 clauses
High: 5Medium: 4Accepted: 0

Benchmark delta

+2.7

Industry benchmark

5/10

Compound risks

2

Heatmap high

5

Termination + liability imbalance • Cluster of high-risk clauses

Risk heatmap

High
56%
Medium
44%
Accepted
0%

Uncapped Customer Liability vs. 1-Month Vendor Cap

LiabilityScore 10/10Priority 10/10
HIGH RISK
SeverityOverall 10/10
Financial
10.0
Legal
9.0
Ops
7.0
FinancialLegal
  • Titan caps its own liability at a single month of fees and excludes all indirect damages including data loss, while expressly making the Customer's payment and indemnity obligations unlimited.
  • This is one of the most lopsided liability provisions you will see.
Risk insight: This is the single most dangerous clause in the agreement. A one-month cap is far below the 12-month market floor, and pairing it with unlimited customer-side liability is a deal-blocker for most procurement teams. Demand mutual, symmetric caps.
Safer rewrite: Each party's aggregate liability shall be capped at the greater of (i) 12 months of fees or (ii) USD $X. The cap shall be mutual and shall be lifted equally for both parties for breaches of confidentiality/data-protection, indemnification obligations, and gross negligence or willful misconduct. Neither party excludes liability for data loss arising from its own breach of its security obligations.
Law ref: UCC §2-719(3); unconscionability doctrine, Restatement (Second) of Contracts §208
Worst case: A vendor-caused data breach inflicts seven figures of regulatory and remediation cost on the customer, but contractual recovery is capped at one month of fees — while the customer's own indemnity exposure remains unlimited.

One-Sided Indemnity Covering Vendor's Own Negligence

IndemnificationScore 9/10Priority 10/10
HIGH RISK
SeverityOverall 9/10
Financial
9.0
Legal
10.0
Ops
6.0
LegalFinancial

The Customer must indemnify Titan for essentially everything, expressly including claims 'caused in part by Titan's own negligence,' and Titan gives no indemnity at all — not even for IP infringement by its own product, which vendors almost always provide.

Risk insight: Indemnifying a counterparty for its own negligence is unusual and, in some states, unenforceable absent clear language. The total absence of an IP-infringement indemnity from the vendor is a critical gap.
Safer rewrite: Make indemnities mutual and fault-based. Titan shall indemnify the Customer against third-party claims that the services infringe IP rights and against claims arising from Titan's negligence or breach. The Customer's indemnity shall be limited to its own data and unlawful use and shall exclude claims to the extent caused by Titan.
Law ref: Restatement (Second) of Contracts §90; express-negligence rule (TX)
Worst case: A third party sues over the platform's patent infringement and the Customer — not the vendor that built it — must defend and pay.

Unilateral Mid-Term Price Increases

PaymentScore 8/10Priority 9/10
HIGH RISK
SeverityOverall 8/10
Financial
9.0
Legal
6.0
Ops
5.0
Financial
  • Titan may raise fees at any time — including mid-term — on 30 days' notice, with no cap and no corresponding right for the Customer to terminate.
  • Combined with non-cancelable, non-refundable fees, the Customer is locked in at whatever price the vendor sets.
Risk insight: Mid-term, uncapped price increases with no exit right transfer all pricing power to the vendor. At minimum, fix prices for the term and cap renewal increases.
Safer rewrite: Fees are fixed for the initial term. Any increase at renewal shall not exceed the lesser of 5% or CPI, and Titan shall provide at least 60 days' notice. If Titan increases fees beyond this, the Customer may terminate without penalty and receive a pro-rata refund of prepaid fees.
Worst case: Six months into a 36-month lock-in, fees jump materially with no right to walk away.

Assignment of Customer Data Rights

Intellectual PropertyScore 8/10Priority 10/10
HIGH RISK
SeverityOverall 8/10
Financial
7.0
Legal
8.0
Ops
6.0
LegalComplianceFinancial
  • The Customer assigns all feedback to Titan and grants a perpetual, irrevocable license to commercialize any data derived from its usage, including aggregated/de-identified data, for any purpose.
  • This can conflict with the Customer's obligations to its own users.
Risk insight: Broad data-derivative rights are common for telemetry but become risky when they extend to commercializing data that may include personal or confidential information. Narrow the scope and exclude Customer Content and personal data.
Safer rewrite: The Customer grants Titan a license to use usage data solely to provide, secure, and improve the services. Titan may use aggregated, de-identified data that cannot reasonably be re-identified, provided such use complies with applicable data-protection law and excludes Customer Content and personal data.
Law ref: GDPR Art. 5 (purpose limitation); CCPA §1798.140
Worst case: The vendor monetizes data derived from the Customer's confidential workloads, breaching the Customer's commitments to its own clients.

36-Month Lock-In, 180-Day Non-Renewal Notice

Term & TerminationScore 8/10Priority 10/10
HIGH RISK
SeverityOverall 8/10
Financial
8.0
Legal
7.0
Ops
7.0
FinancialOperationalLegal

A 36-month initial term auto-renews for 24-month periods unless the Customer gives 180 days' notice, the Customer cannot terminate for convenience, and Titan can suspend immediately on any late payment or 'suspected' breach.

Risk insight: The combination of a long lock-in, a long notice window, no customer exit, and an aggressive vendor suspension right is heavily one-sided. Add a termination-for-cause right, shorten the notice window, and require notice-and-cure before suspension.
Safer rewrite: Reduce the renewal term to 12 months and the non-renewal notice to 30–60 days. Add a Customer right to terminate for material, uncured breach (30-day cure) and a pro-rata refund. Titan may suspend only for undisputed amounts more than 30 days overdue after written notice.
Worst case: Performance degrades, but the Customer is contractually trapped for up to three more years with no exit.

One-Way Audit Right with 15% Penalty

ComplianceScore 6/10Priority 8/10
NEEDS REVIEW
SeverityOverall 6/10
Financial
7.0
Legal
5.0
Ops
6.0
ComplianceFinancial

Titan can audit the Customer on five days' notice and impose a 15% penalty plus audit costs for any shortfall, while the Customer has no reciprocal right to audit Titan's security or data-handling.

Risk insight: License-verification audits are normal, but the penalty and the lack of any customer audit right over the vendor's security posture are not. Make audit rights reasonable and reciprocal for security/compliance.
Safer rewrite: Limit Titan's audits to once per year on 30 days' notice; remove the 15% penalty (the Customer pays only the verified shortfall). Grant the Customer the right to receive Titan's SOC 2 reports and to audit Titan's compliance with its security and data-protection obligations.
Law ref: GDPR Art. 28(3)(h) (audit rights)

Asymmetric Assignment Rights

AssignmentScore 5/10Priority 6/10
NEEDS REVIEW
SeverityOverall 5/10
Financial
4.0
Legal
6.0
Ops
5.0
Legal
  • Titan may assign freely without consent, while the Customer cannot assign even by merger or change of control without Titan's discretionary consent.
  • This can block or complicate the Customer's own corporate transactions.
Risk insight: Make assignment mutual, and at minimum allow the Customer to assign to a successor in a merger or sale of substantially all assets without consent.
Safer rewrite: Either party may assign this Agreement to a successor in connection with a merger, acquisition, or sale of substantially all assets, upon notice. Any other assignment requires the other party's consent, not to be unreasonably withheld.

Mandatory Arbitration with Class-Action Waiver

Dispute ResolutionScore 6/10Priority 7/10
NEEDS REVIEW
SeverityOverall 6/10
Financial
5.0
Legal
7.0
Ops
4.0
Legal

All disputes go to individual binding arbitration in the vendor's home county (Travis County, TX), with a jury-trial waiver, a class-action waiver, and a loser-pays fee provision.

Risk insight: Arbitration clauses are enforceable, but the home-venue choice, class waiver, and fee-shifting all favor the vendor. Negotiate a neutral venue and consider carving injunctive relief (e.g., IP/confidentiality) out of arbitration.
Safer rewrite: Select a neutral venue or the defendant's home forum, allow either party to seek injunctive relief in court for IP/confidentiality matters, and make each party bear its own fees unless a statute provides otherwise.
Law ref: Federal Arbitration Act, 9 U.S.C. §2

Full AS-IS / AS-AVAILABLE Warranty Disclaimer

WarrantyScore 5/10Priority 6/10
NEEDS REVIEW
SeverityOverall 5/10
Financial
4.0
Legal
6.0
Ops
5.0
Legal
  • The services are 'AS IS' and 'AS AVAILABLE' with every warranty disclaimed, including security and uninterrupted availability.
  • For an enterprise commitment of this length, a minimum conformance and security warranty is reasonable.
Risk insight: A blanket disclaimer is aggressive for a paid, multi-year enterprise deal. Request a limited warranty of material conformance to documentation and a commitment to maintain its stated security controls.
Safer rewrite: Titan warrants that the services will materially conform to the Documentation and that Titan will maintain the security controls described in Exhibit [Security]. Remedy for breach is correction or, failing that, termination and a pro-rata refund.
Law ref: UCC §2-316

Want this for your own contracts?

Get the full clause-by-clause breakdown, suggested rewrites, law references, and a redlined Word doc — free to start.

Start free →