Onley Law Professional Corporation
Book a Call

The Ultimate Contract Review Checklist for Canadian Businesses

Contract Review: The Non-Negotiable Foundation of Every Business Deal

A bad contract is more expensive than no contract. An unreviewed contract is a time bomb waiting to explode – usually at the moment when you can least afford it.

I’ve seen businesses lose money, reputation, and opportunities because they didn’t slow down long enough to review contracts properly. I’ve also seen businesses save hundreds of thousands by catching one problematic clause before signing.

Here’s the reality: contract review isn’t about being paranoid. It’s about understanding what you’re agreeing to before you’re legally bound to it.

The Three Tiers of Contract Review

Tier 1: Routine contracts (customer agreements, basic vendor terms)
You have a template. You’ve used it 50 times. The other party wants minor tweaks. 15-30 minutes of review.

Tier 2: Important contracts (big customer deal, partnership, financing)
This has real business impact. Higher value. Non-standard terms. Significant risk if something goes wrong. 1-3 hours of review.

Tier 3: Critical contracts (major acquisition, investment, restructuring)
This is transformational. Legal complexity is high. Long-term obligation. Risk exposure is significant. Full legal diligence required. 5+ hours of review.

The Ultimate Contract Review Checklist

SECTION 1: BASIC CONTRACT MECHANICS

Identify the parties

  • Who are we contracting with? (Individual, corporation, partnership?)
  • Is their legal name spelled correctly?
  • Do they have the authority to enter into this contract?
  • If they’re a corporation, are they in good standing? (Not dissolved, not bankrupt)

Define the scope of work/deliverables

  • What exactly is being provided? (Be specific – vague descriptions cause disputes)
  • What are the acceptance criteria? (How do we know it’s done right?)
  • Are there any exclusions or limitations? (What are we NOT getting?)
  • Are there schedules or appendices that clarify the scope? (Review them – they’re binding)

Pricing and payment terms

  • What is the total price? (Fixed vs. variable?)
  • Are there any additional costs? (Expenses, change orders, etc.)
  • When and how do we pay? (Upfront, milestone-based, upon completion?)
  • What’s the payment method? (Wire, credit card, check?)
  • Are there late payment penalties? (Should there be?)
  • Is there a payment schedule? (Make sure we can afford it)

Term and termination

  • When does the contract start and end?
  • Does it auto-renew? (Many contracts silently renew unless you actively cancel)
  • Can we terminate early? (Is there a penalty?)
  • What happens to our data/assets if the contract ends?
  • Are there notice requirements to cancel? (Some require 60-90 days notice)

SECTION 2: RISK AND LIABILITY

Representations and warranties

  • What is the other party representing is true about their service/product/business?
  • Examples: “We have the right to grant these IP rights,” “This software has no viruses,” “We have authority to sign this contract”
  • What happens if a representation is false? (Does indemnification apply?)
  • Are there any caveats or exclusions? (Buyer beware, no warranties beyond what’s stated)

Limitation of liability clauses

  • Is there a cap on damages? (If yes, make sure it’s high enough to matter)
  • Are certain damages excluded? (Usually: indirect, consequential, lost profits, lost data)
  • Can you sue for more than you paid for the service? (Usually no – check this)
  • Does the cap apply to all situations or just some? (Exclusions for gross negligence/willful misconduct should apply)
  • What if you want to keep liability uncapped for certain risks? (Negotiate it)

Indemnification

  • Who has to defend whom if someone sues? (Example: vendor indemnifies you if their software infringes IP)
  • Do you have to indemnify them? (Most service contracts go both ways)
  • What exactly triggers indemnification? (Be specific – vague language creates disputes)
  • Are there limits on indemnification? (Usually capped at total contract value)

Insurance requirements

  • Does the other party need to carry insurance? (Liability, errors and omissions, etc.)
  • Do they need to name you as an additional insured?
  • Are the coverage amounts adequate? ($1M, $5M, depends on risk)
  • Can they cancel without notice? (Require 30 days notice)

SECTION 3: INTELLECTUAL PROPERTY

Ownership of work/deliverables

  • Who owns the IP created under this contract? (You, them, or jointly?)
  • Do you get a license to use it? (If you don’t own it, you need a license)
  • Can you modify it or integrate it into your products?
  • Can you resell it or license it to others? (Important if you’re building on their work)
  • For service providers: do they retain rights to tools/processes they develop? (They often want to)

Pre-existing IP

  • What IP did the other party bring into this contract? (Their existing tools, methodologies)
  • What IP are you bringing? (Your customer lists, processes, data)
  • Does either party retain ownership of their pre-existing IP?
  • Do you get a license to their pre-existing IP? (Duration, exclusivity, transferability?)

Third-party IP and compliance

  • Does the contract use any third-party IP (open source, licensed technology)?
  • For software: review open source licenses (GPL is restrictive and could affect your business)
  • Are all third-party licenses properly attributed and complied with?

SECTION 4: DATA AND PRIVACY

Data handling and protection

  • Will we be sharing customer data with the other party?
  • Who is responsible for data security? (Both parties, or just one?)
  • Are they compliant with PIPEDA, GDPR (if EU customers), or other privacy laws?
  • Do they have a data security and incident response plan?
  • Can they subcontract data handling to third parties? (Make sure you approve them)
  • What happens to our data if the contract ends? (Data return, deletion, retention)

Data breach notifications

  • If they get hacked and our data is exposed, what are they obligated to do?
  • How quickly must they notify us?
  • Are they responsible for notifying our customers/regulators?
  • Are they liable for damages from the breach? (Usually not – see liability caps above)

Data portability and lock-in

  • Can we easily export our data when the contract ends?
  • In what format? (Ask for standard formats you can import elsewhere)
  • Is there a fee to export data?
  • How long do they retain our data after the contract ends?

SECTION 5: CONFIDENTIALITY AND NON-DISCLOSURE

What’s confidential?

  • What information is covered by the confidentiality obligation?
  • Are there exceptions? (Public information, information they already knew, etc.)
  • How long is the confidentiality period? (1 year, 3 years, perpetual?)

Permitted disclosures

  • Can they disclose to their employees/contractors? (Usually yes, but they should require them to keep it confidential too)
  • Can they disclose to their investors/lenders? (Often yes, but under NDA)
  • Can they disclose if required by law? (Usually yes, but require them to notify you so you can seek a protective order)

Return of confidential information

  • What happens to confidential information when the contract ends?
  • Must it be returned or destroyed?
  • Can they keep it for compliance/legal purposes?

SECTION 6: COMPLIANCE AND LEGAL OBLIGATIONS

Regulatory compliance

  • Does this contract involve handling regulated data? (Financial data, health data, etc.)
  • Are both parties compliant with relevant regulations?
  • Who bears the cost of compliance?
  • What if regulations change during the contract term?

Compliance with laws

  • Does the contract require compliance with all applicable laws? (It should)
  • Are there specific laws mentioned? (PIPEDA, accessibility laws, etc.)
  • What if one party can’t comply due to laws in their jurisdiction? (Is there an out?)

Sanctions and restrictions

  • Is the other party compliant with sanctions laws and export controls?
  • Are they dealing with any restricted countries or individuals? (Especially relevant for cross-border deals)

SECTION 7: CONTRACT ADMIN AND CHANGES

Amendments and modifications

  • Can the contract be amended? (Usually only in writing)
  • Who needs to approve amendments?
  • Can either party unilaterally change terms? (Watch out for this – one-sided power is dangerous)

Entire agreement clause

  • Does the contract say it’s the “entire agreement”? (Means oral promises don’t count)
  • Are there any side letters or prior agreements that should be referenced?

Severability

  • If one clause is found to be illegal, does the whole contract void? (Should say no – just that one clause)

Governing law and jurisdiction

  • Which province/country’s laws apply?
  • Where would disputes be resolved? (Courts, arbitration?)
  • Are you comfortable with this jurisdiction? (Arbitration can be expensive; courts vary by province)

SECTION 8: DISPUTE RESOLUTION

Dispute mechanism

  • How are disputes handled? (Litigation, arbitration, mediation?)
  • Is there a notice period before either party can sue? (30-60 days to try to resolve)
  • Who pays legal fees if there’s a dispute? (Usually each party pays their own, but some contracts shift fees)

Escalation path

  • Is there a structured escalation? (Support contact, manager, executive?)
  • Do both parties agree to try mediation before litigation?

SECTION 9: CHANGE OF CONTROL

Assignment restrictions

  • Can the other party assign the contract to a buyer if they get acquired?
  • Do you have consent rights? (Make sure you can object if they’re acquired by a competitor)
  • If they assign without consent, can you terminate?

Your assignment rights

  • Can YOU assign or sell the business to someone else?
  • Does the other party have termination rights if you get acquired?
  • Is there a purchase option they have if you’re acquired? (Watch for this – can force you to continue or let them buy in)

Red Flags: What to Watch Out For

One-sided limitation of liability – They can sue you for unlimited damages, but you’re capped at $10K. Push back.

Automatic renewal with difficult cancellation – Contract renews unless you cancel by a specific date. Make a calendar reminder.

Vague scope of work – “Professional services” or “reasonable efforts” without specificity. Ask for detailed specifications.

Undefined data handling – They’ll have access to customer data but the contract doesn’t spell out security obligations. Add requirements.

Overly broad confidentiality – They can claim almost anything is confidential, restricting your ability to discuss the relationship. Narrow the definition.

Unilateral termination by them – They can terminate anytime for any reason, but you have obligations continuing. Seek reciprocal termination rights.

Automatic escalation of costs – Contract says they can increase fees by X% yearly without your consent. Ask for cap or right to decline and terminate.

Assumption of unlimited liability – You’re agreeing to indemnify them for anything, even if it’s their fault. Limit it to what you actually control.

The Contract Review Process: How to Do It Right

Step 1: Skim for surprises (15 minutes) – Read it quickly to understand the scope, price, term, and any unusual clauses.

Step 2: Use this checklist (30-60 minutes) – Go through each section systematically, noting anything unclear or concerning.

Step 3: Negotiate problematic terms (1-2 hours) – Circle the red flags. Propose changes. Discuss with the other party.

Step 4: Legal review (if needed) (1-3 hours) – For important contracts, have a lawyer review your final draft before signing.

Step 5: Final read and sign (15 minutes) – One last read to make sure negotiated changes were captured correctly. Then sign.

FAQ: Contract Review

Q: Do I need a lawyer to review every contract?
A: For Tier 1 (routine) contracts, no – use this checklist. For Tier 2 (important) contracts, depends on your risk tolerance. For Tier 3 (critical) contracts, yes.

Q: What if the other party won’t negotiate?
A: That’s a red flag. Push back on the most important terms. If they absolutely won’t budge on anything, make sure you understand the risk you’re accepting.

Q: How long should I take to review?
A: Don’t let urgency force you to skip it. A 30-minute delay to review is cheap insurance. But don’t overthink minor issues in a small deal.

Q: Should I keep contracts after they expire?
A: Yes. Retain them for at least 6-7 years for tax and legal purposes. They might matter in a dispute or audit.

The Bottom Line: Understand Before You Commit

Contracts are agreements. You need to understand what you’re agreeing to before you sign. This checklist ensures you do.

Need help reviewing an important contract? Learn about our contract review services, or reach out to discuss a specific contract. I can help you negotiate better terms and avoid hidden risks.

Share the Post: