This guide explains the different parts that make a sub-contracting block.



A subcontracting clause in the context of tech contracts refers to a provision in a contract that sets forth the terms and conditions under which a party (the primary contractor) can engage third-party service providers or subcontractors to perform specific tasks or deliverables outlined in the main contract.

Subcontracting is a common practice in the technology industry, as it allows companies to leverage specialized expertise and resources to complete complex projects more efficiently.



This parts states if subcontracting is allowed or prohibited. In tech contracts, it’s common to allow subcontracting when specialized expertise is needed, such as software development, cybersecurity, or data analysis.


This part outlines the communication requirements for informing the client about subcontracting arrangements, such as providing a list of potential subcontractors or a description of their roles.


This part specifies if the client has the right to approve or reject subcontractors, and the criteria for approval, such as technical capabilities, financial stability, and past performance.

Sub-contractor qualifications

This part outlines the required qualifications for subcontractors, such as relevant certifications (e.g., ISO 27001 for information security management), professional licenses, or specific technical expertise.


This part establishes the liability of the primary contractor and subcontractor in the event of breaches, damages, or delays, emphasizing that the primary contractor remains ultimately responsible for the subcontractor’s performance.


This part addresses the confidentiality requirements for subcontractors, requiring them to protect proprietary or sensitive information, such as trade secrets, customer data, or intellectual property.

Important considerations

World Commerce and Contracting Principles

World Commerce and Contracting provides the following principles relating to sub-contracting:

  1. As solutions to customers’ needs and the breadth of offerings become more complex and require expertise and technology not necessarily resident in one single supplier, it is common for suppliers to “team” or “partner” with other companies to meet those customer requirements. However, customers rightfully look to suppliers to serve as their sole contracting party (i.e., prime contractor) with respect to the entire solution or scope of work being provided.
  2. The supplier should take full responsibility for ensuring that the entire solution works, or the entire scope of work is delivered and performed as contracted for, including those elements provided by Subcontractors, as if the supplier was providing the solution/scope of work entirely by itself. Accordingly, the supplier should accept liability (subject to the applicable limitations and exclusions) for all acts and omissions of Subcontractors in connection with the transaction.
  3. If the customer and supplier have agreed to certain terms that apply, either explicitly or implicitly, to Subcontractors, it is the supplier’s responsibility to ensure that those terms are flowed down to the Subcontractors as appropriate. Similarly, terms mandated by a Subcontractor may have to be flowed up to the customer to ensure that the supplier, who may be liable to the Subcontractor for acts or omissions of the customer, is not in breach of the Subcontractor contract.
  4. With respect to software licenses, it may be appropriate for Subcontractor licenses to flow directly to the customer, in which case those licenses create contractual privity between the customer and the Subcontractor for that limited purpose.
  5. Except as set forth in Principles 6 through 10 below, as far as possible, the sharing of responsibilities between the supplier and its Subcontractors should be transparent to the customer, and the customer should not have to undertake any role in overseeing the activities of Subcontractors.
  6. The extent to which a customer should have the right to pre-approve Subcontractors should be a function of the access any Subcontractor has to the customer’s sensitive information or internal networks or databases or if the Subcontractor will be badged or given the freedom to work in a customer location on an unescorted basis. Customers may also have a right to pre-approve any Subcontractor if it will be providing a very large proportion of the overall solution or work. However, if the supplier will be unable to provide its solution/services/product without the use of certain Subcontractors, it is important that the supplier should request for pre-approval of the use of such Subcontractors in the contract itself (as opposed to waiting to ask for that consent post-contract) and, If need be, state that without use of that Subcontractor, it may be impossible for the supplier to provide the solution/service/product to the customer at the agreed price or under the same terms (e.g., SLA).
  7. A customer should have a right to approve or reject a Subcontractor if it is a competitor to the customer (albeit in some cases the customer may not have a choice but to approve a competitor if it is the only provider of a key component of the solution, in which case it is fair that the customer impose additional confidentiality safeguards to protect its interests).
  8. Customers have a right to impose the same requirements on Subcontractor employees as they do on supplier employees (e.g., background checks, adherence to confidentiality obligations, prohibitions to human trafficking and child labor, compliance with security policies) if the Subcontractor personnel will be performing particular functions or activities that are the subject of those requirements under the customer-supplier contract.
  9. A customer should have the right to require the supplier to remove and replace a Subcontractor or a Subcontractor’s employee if either engages in activities that violates applicable customer policies or procedures or that are illegal.
  10. The supplier should ensure that any audit rights a customer may have under the contract are extended to its Subcontractors who are performing functions or have obligations that fall within the scope of permitted audits (e.g., audits related to activities that form the basis for charges).
    Personal data handling, data protection, and the movement of data across jurisdictional lines need to reflect activities of Subcontractors and not just the supplier. Subcontractors’ roles will determine the applicability of GDPR and other laws and regulations to those activities, particularly with respect to whether they are Processors or Controllers. These must be explicitly handled in the relevant contract provisions.
Ninja holding a laptop explaining tech contracts

Interested in our Contract Builder?

Table of Contents

Master contracts now
Elevate your career!

Try for free. No credit card required.

Elevate your legal game with ContractNinja.

Form part of the spearhead movement of shaping the global standard for tech contracts.