Indemnification Agreements: When You Need One And Key Clauses

If you run a small business, you’re probably used to managing risk in practical ways - checking suppliers, insuring your equipment, and making sure invoices get paid on time.

But sometimes, the biggest risk is the one hidden in your contracts: who pays if something goes wrong?

That’s where an indemnification agreement (or an “indemnity”, in plain terms) can make a real difference. When used properly, it can shift specific losses from your business to another party - which is especially important when you’re working with contractors, suppliers, technology providers, or commercial partners.

Below, we break down what an indemnification agreement is in the UK, when you’re likely to need one, and the key clauses to include so it actually protects you in the real world (not just on paper).

What Is An Indemnification Agreement?

An indemnification agreement is a contract where one party agrees to compensate (or “indemnify”) the other party for certain losses or liabilities.

In practice, it’s a way of answering questions like:

• If a third party sues, who pays the legal costs?
• If a customer makes a claim because of a supplier’s mistake, who covers the payout?
• If IP infringement is alleged, who handles the defence and any settlement?

You’ll often see indemnities included inside other documents (like a services contract). But sometimes it makes sense to document them separately as a standalone indemnification agreement - especially where the indemnity is a major part of the deal.

Indemnity Vs “Indemnification Agreement” - Is There A Difference In The UK?

In UK business practice, people commonly use “indemnity” and “indemnification agreement” to mean the same thing.

Legally, an indemnity is typically a promise to protect the other party against certain losses. An indemnification agreement just means the indemnity terms are documented in an agreement (either standalone or embedded in a broader contract).

Is An Indemnification Agreement Legally Binding?

Usually, yes - provided it forms part of a valid contract.

Like any contract, you generally need the essentials: clear offer and acceptance, intention to create legal relations, and consideration. It’s also important that the wording is certain enough to be enforceable (vague indemnities often become expensive arguments later).

It can help to sense-check your position against the basic principles of contract formation before relying on an indemnity as your main protection.

When Do Small Businesses Need An Indemnification Agreement?

You don’t need an indemnification agreement for every deal. But there are a few situations where it’s particularly common - and where not having one can expose you to costs you never priced into the job.

1) When You Provide Services And Use Contractors Or Subcontractors

Let’s say you’re an agency, consultancy, or trades business and you use subcontractors to deliver work. If they cause damage, infringe IP, or create a regulatory problem, your customer may still pursue you, because you’re the contracting party.

An indemnification agreement (or indemnity clause in your main contract) can require the contractor to reimburse you for those losses.

This is often documented within a broader Service Agreement so the scope of work, payment terms, and liability settings all align.

2) When You Buy Goods Or Components From Suppliers

If you sell products to consumers (or even to other businesses), you may be legally responsible for quality, safety, and compliance - even if the problem started in the supply chain.

For example:

• A component is defective and causes damage
• Labelling is non-compliant
• The supplier’s product infringes someone else’s IP

A well-drafted indemnity can require the supplier to cover losses arising from their breach, defect, or infringement - including customer claims and recall costs (where appropriate).

3) When You Use Or Provide Technology (Software, SaaS, Website Builds)

Tech contracts are a classic “indemnity zone” because the risks can be hard to predict and very expensive when they land.

If you’re buying software, you might want an indemnity from the provider covering third-party IP infringement claims (for example, if their software allegedly infringes someone’s copyright or patent).

If you’re the provider, you’ll often want to limit what you indemnify for and tie it back to how your service is intended to be used.

4) When You’re Entering A Partnership Or Joint Venture

When you work closely with another business (especially on a revenue-share or joint delivery basis), your risks become linked.

Indemnities can help allocate responsibility for specific categories of risk, such as:

• Regulatory non-compliance
• Misuse of customer data
• Employment-related liabilities
• Tax liabilities tied to a particular party’s actions

5) When You’re Buying Or Selling A Business Or Assets

In business sales, indemnities are often used to deal with specific identified risks - for example, a known dispute, a tax issue, or a particular contractual exposure that can’t be fully “warranted away”.

Because this can get technical quickly, indemnities in this context are usually heavily negotiated and closely tied to the due diligence process.

What Should An Indemnification Agreement Cover?

The main trap with indemnities is that they can look “standard” - but the details are where the protection either works or falls apart.

At a high level, your indemnification agreement should clearly cover:

• What losses are covered (and what’s excluded)
• What events trigger the indemnity (breach, negligence, infringement, etc.)
• How claims are handled (notice, defence, settlement control)
• How the indemnity interacts with liability caps and limitation clauses
• How long the indemnity lasts

It’s also important to remember that an indemnity is not the same as insurance. An indemnity is only as good as the other party’s ability (and willingness) to pay. That’s why it’s common to pair indemnities with requirements to maintain insurance and provide evidence of cover.

Key Clauses To Include In An Indemnification Agreement (And Why They Matter)

If you’re drafting or reviewing an indemnification agreement, these are the clauses we’d normally expect to see - and the points that often get missed in small business contracts.

1) Who Is Giving The Indemnity (And Who Is Protected)?

Start with the basics: identify the “Indemnifying Party” and the “Indemnified Party”. Then consider whether protection should extend to related people and entities, such as:

• your directors and officers
• employees and contractors
• group companies (where relevant)

This matters because many claims name multiple parties, and you don’t want to find out too late that your indemnity only protects the company, not the director who signed the statement of work or the employee who managed delivery.

2) Scope Of Losses Covered

Indemnities often refer to “losses”, but you’ll want clarity on what that actually includes. For example:

• legal costs (and whether that includes solicitor-client costs or only recoverable costs)
• settlement amounts and damages
• fines and penalties (where recoverable and enforceable - these can be limited by law and public policy)
• loss of profits (often hotly negotiated)
• indirect or consequential losses (commonly excluded)

For small businesses, legal costs are often the biggest “surprise” cost, so it’s worth being explicit about whether legal fees are covered from the start of a dispute, and on what basis.

3) Triggers: What Must Happen For The Indemnity To Apply?

An indemnification agreement is only helpful if the trigger events are clear. Common triggers include:

• breach of contract
• breach of law (for example, data protection breaches)
• negligence or wilful misconduct
• intellectual property infringement
• injury, death, or property damage caused by a party’s acts or omissions

If the trigger is too narrow, you might not be covered for real-world scenarios. If it’s too broad, you might be accepting open-ended risk you can’t control.

4) Notification And Claims Process (This Is Where Many Indemnities Fail)

Most indemnities require the indemnified party to notify the indemnifying party within a certain timeframe if a claim arises.

This section should cover:

• how notice must be given (email, post, specific address)
• what happens if notice is late (is the indemnity lost, or only to the extent of prejudice?)
• what information must be shared

If your indemnity has strict notice requirements and you don’t follow them, you may accidentally lose the protection you thought you had. This is one reason it’s important that your contracts include clear “notices” provisions and that your team knows where to send claims.

5) Control Of Defence And Settlement

When a third-party claim comes in, who gets to run the defence? Who chooses the lawyers? Who can settle?

Common approaches include:

• Indemnifying party controls the defence (but must keep you informed)
• Indemnified party controls the defence (and the indemnifying party reimburses costs)
• Shared control with consent rights on settlements

From a small business perspective, you’ll usually want to avoid a situation where the other party settles on terms that harm your reputation or force you to admit liability - even if they’re paying the settlement sum.

6) Liability Caps And How They Interact With The Indemnity

Indemnities often sit alongside limitation of liability clauses - and the relationship between them needs to be crystal clear.

For example:

• Is the indemnity subject to the overall liability cap?
• Are certain indemnities carved out of the cap (meaning unlimited liability)?
• Are there separate caps for specific risks (like IP infringement)?

This is where many commercial negotiations focus, because indemnities can effectively override a liability cap if the drafting isn’t careful.

If you’re including indemnities in your contracts, it’s worth aligning them with your limitation of liability clauses so you don’t accidentally agree to risk that’s bigger than the contract value.

7) Exclusions And “Indemnity Carve-Outs”

Even when you want an indemnity, it’s normal for the indemnifying party to insist on exclusions, such as where the loss arises because:

• you modified their deliverables without permission
• you used the goods or services outside the agreed scope
• you breached the contract or the law
• you ignored instructions or warnings

These exclusions can be reasonable, but they need to be drafted carefully. Otherwise, you end up with an indemnity that looks broad but is very easy to escape.

8) Insurance Requirements

An indemnity shifts risk on paper. Insurance improves the chance you’ll actually get paid if a claim arises.

You might require the indemnifying party to hold:

• public liability insurance (common for trades and on-site services)
• professional indemnity insurance (common for consultants and agencies)
• cyber insurance (in some data-heavy industries)

You can also require proof of cover (for example, a certificate of insurance) and set minimum coverage amounts.

9) Term And Survival

Some liabilities arise long after a project ends (for example, IP claims, data issues, or latent defects).

So you’ll want the indemnification agreement to deal with:

• when the indemnity starts
• how long it lasts
• whether it “survives” termination or expiry of the contract

For business-to-business contracts, it’s common for certain clauses (like confidentiality and indemnities) to survive termination, but the exact timeframe depends on the risk profile.

Common Mistakes To Avoid With Indemnification Agreements

Indemnities are powerful, but they’re also a common source of disputes. Here are mistakes we often see small businesses make - usually without realising it until there’s a claim.

Using A Generic Template That Doesn’t Match The Deal

Indemnities are very context-specific. A “standard” indemnity that makes sense for a software project might be totally unsuitable for a construction job or a supplier relationship.

Where possible, tie the indemnity drafting to the actual risks in your delivery model, and make sure your operational team can comply with any notice, reporting, or mitigation requirements.

Not Aligning Indemnities With The Rest Of The Contract

If your indemnity says one thing, but your termination, limitation of liability, scope of services, and dispute resolution clauses say another, you’ve created a contract that’s hard to enforce.

For example, if a claim arises and you need to move the agreement to a new entity (after a restructure), you may need a Deed of Novation - and if the indemnity wasn’t drafted to anticipate that kind of change, it can get messy.

Agreeing To “Unlimited” Indemnities Without Realising The Impact

Some indemnities are written so broadly that they are effectively unlimited liability.

That doesn’t automatically make them unenforceable - it just means you could be on the hook for losses far beyond the contract value. For a small business, that’s a genuine existential risk.

Ignoring Data Protection Risk

If you handle personal data (customer records, marketing lists, employee data), some indemnities will try to make you responsible for any data protection breach - even if the other party caused it.

Any indemnity dealing with personal data should be consistent with your GDPR obligations and your internal controls. In many cases, it’s also sensible to have a clear Privacy Policy and related data documentation in place so your compliance posture matches what you’re promising contractually.

Assuming An Indemnity Replaces Good Business Documentation

An indemnity is only one tool in your risk management toolbox. Depending on your business, you may also need other documents that allocate risk clearly, such as:

• customer terms and conditions
• supplier terms
• NDAs
• director protections (in some cases, a Deed of Guarantee and Indemnity)

Getting the “whole contract picture” right usually saves money compared to trying to patch risks later.

Key Takeaways

• An indemnification agreement is a contract where one party agrees to compensate another for specified losses - often arising from third-party claims, breaches, or negligence.
• Small businesses commonly need indemnities when working with contractors, suppliers, tech providers, or commercial partners where responsibility for risk needs to be clearly allocated.
• A practical indemnity should clearly define the protected parties, the scope of losses covered, the trigger events, and the claims process (including notice requirements and control of defence/settlement).
• Indemnities must be aligned with liability caps and other contract clauses - otherwise you can accidentally agree to much broader liability than intended.
• Generic templates are risky for indemnities; the drafting needs to match your actual business model, your operational processes, and the specific risks of the deal.

If you’d like help drafting or reviewing an indemnification agreement (or building it into your contracts in a way that properly protects your business), you can reach us at 08081347754 or team@sprintlaw.co.uk for a free, no-obligations chat.