AI Vendor Contracts for Nonprofits: What to Know Before You Sign

Dan Liutikas, Managing Attorney of Org Law

Many nonprofit executives assume the hard part of adopting an AI tool is choosing the right one. The harder part is often what happens after the demo, when someone puts a contract in front of you and the sales cycle is already over.

AI vendor contracts for nonprofits are not like typical software contracts. The data and confidentiality issues can be more complicated, the liability questions are less settled, and the language vendors use to describe what they can do with your information is often buried in definitions sections that very few will read until something goes wrong.

Critically reviewing the vendor contract through legal, governance, and operational lenses should be part of the organization’s overall AI policy and governance process.

For nonprofit executive directors and CEOs, the primary goal is to know which questions to ask and which clauses deserve a closer look before the organization is committed.

This article walks through the contract issues that often matter most when a nonprofit is evaluating an AI vendor relationship.

Why AI Vendor Contracts Deserve More Scrutiny Than Standard Software Agreements

A standard software contract typically covers access, uptime, support, and payment terms. The data questions are relatively contained: the vendor stores your data, keeps it secure, and gives it back when you leave.

AI vendor contracts introduce a different set of questions because AI tools are not just storing your data. They may be learning from it, using it to improve their models, sharing it with subprocessors, or processing it in ways that are not obvious from the product description.

The information a nonprofit puts into an AI system can include donor records, member data, employee files, board materials, legal communications, financial information, certification candidate data, and confidential program content. Many of those categories carry legal obligations, confidentiality expectations, or fiduciary implications that a standard software contract was never designed to address.

Not every AI vendor relationship carries the same risk. A general-purpose AI platform used for routine drafting raises different issues than a donor analytics tool, an HR screening tool, a certification platform, or a publication workflow tool. The contract review should match the use case. The more sensitive the data, the more consequential the output, and the more the tool affects individual rights or organizational decisions, the more scrutiny the contract deserves.

That gap between what the contract says and what the tool actually does is where nonprofit risk tends to accumulate.

The Data Training Question

The single most important question in any AI vendor contract is whether the vendor uses your data to train or improve its AI models.

Many AI tools, particularly consumer-facing and lower-cost platforms, include broad rights to use inputted content for model training and improvement. That language is often buried in a terms of service or acceptable use policy rather than the main agreement. It may be written as a default that applies unless you opt out, or it may be written as a non-negotiable condition of the service.

What that means in practice is that confidential information entered into the tool may be used in ways the organization did not intend and cannot easily monitor, restrict, or unwind. The risk is not just a conventional data breach. The problem is loss of control over how organizational information is used, retained, or incorporated into the vendor’s systems.

Before signing, the organization should know:

  • Does the vendor use customer data to train or improve AI models?
  • Is that a default setting or can it be turned off?
  • If it can be turned off, is that reflected in the contract or just a settings toggle that could change?
  • Does the answer differ between the free version and a paid or enterprise tier?
  • Are there any additional terms for discounted nonprofit versions of the platform?


For most nonprofits, the right answer is a contract that explicitly prohibits the use of organizational data, customer data, and user inputs for model training unless the organization has made a deliberate, approved decision to allow it for certain use cases.

Subprocessors and Data Sharing

AI vendors rarely operate entirely on their own infrastructure. Most rely on subprocessors for cloud hosting, model computation, data storage, analytics, or other functions. That means your data may flow to third parties you have never heard of and never agreed to work with directly.

A well-drafted AI vendor contract should:

  • Identify the subprocessors the vendor currently uses or disclose them through a maintained list
  • Require the vendor to notify the organization before adding new subprocessors that will handle organizational data
  • Confirm that subprocessors are bound by data protection obligations at least as strong as those in the main agreement
  • Specify where data is stored and processed, which matters for organizations subject to state privacy laws or international data regulations


The practical concern goes beyond simple legal compliance. It is that the organization may have made a data governance decision about which AI vendor to trust without realizing that the decision also covers a chain of subcontractors it knows nothing about.

Data Security and Breach Notification

AI vendor contracts vary considerably in what security obligations they actually impose on the vendor and what happens when something goes wrong.

Before signing, the organization should confirm:

  • What security standards the vendor is required to maintain, and whether those are vague aspirations or specific certifiable standards
  • Whether the vendor is required to notify the organization of a security incident, and within what timeframe
  • What the vendor’s obligations are after a breach, including cooperation with investigation, notification support, and remediation
  • Whether the vendor carries cyber liability insurance and in what amounts


Nonprofits that handle regulated categories of data, including health information, student records, or personal data subject to state privacy laws, should also confirm that the vendor’s security obligations are sufficient to satisfy the organization’s own compliance requirements. A vendor contract that does not meet those standards may increase the nonprofit’s regulatory exposure.

What Happens to Your Data When the Contract Ends

This is a clause that organizations frequently overlook during vendor evaluation and regret later.

When an AI vendor relationship ends, whether by expiration, termination, or the vendor going out of business, the organization needs to know:

  • Whether the vendor will return organizational data in a usable format
  • When and how the vendor will delete organizational data from its systems
  • Whether data used in model training can actually be removed or whether it is effectively permanent
  • What documentation the vendor will provide confirming deletion


The contract should also address backup copies and retention periods. A vendor may delete active account data while retaining copies in backup systems for a defined period. That may be acceptable, but the organization should know what remains, for how long, and under what protections. The nonprofit should also confirm that vendor deletion does not conflict with its own record retention obligations, which may require preserving certain records for legal, audit, grant, employment, certification, or governance purposes.

The last point is particularly important for AI tools that may have ingested organizational data into a model. Unlike a database where deletion is straightforward, data that has been used in model training may not be fully extractable. A vendor that cannot clearly answer what happens to your data at contract end is a vendor that warrants additional scrutiny.

Liability Limits and Indemnification

Most AI vendor contracts include aggressive limitations on liability. A vendor may cap its total liability at the fees paid in the prior three or six months, exclude consequential damages entirely, and disclaim any warranty that the tool will produce accurate or legally compliant outputs.

Those limitations are pivotal because AI tools can cause real harm. A vendor’s tool might generate inaccurate information that the organization publishes. It might produce content that infringes a third-party copyright. It might make a biased recommendation in a hiring or credentialing process. In each case, the organization may face a claim from an outside party while the vendor’s contract insulates it from meaningful responsibility.

Before signing, the organization should:

  • Understand what the liability cap actually covers and whether it is realistic given the potential harm
  • Confirm whether there are carve-outs to the cap for data breaches, confidentiality violations, or indemnification obligations
  • Identify whether the vendor offers any indemnification for intellectual property claims arising from the tool’s outputs, which some vendors now provide and others explicitly exclude
  • Assess whether the contract’s risk allocation is consistent with the organization’s insurance coverage
  • Determine if the liability limitations are reasonable based on the claims the vendor is making. For example, if a vendor product relates to ensuring compliance with a regulatory requirement, the vendor should be responsible for such compliance.


For higher-risk AI uses, such as tools that will touch sensitive data, employment decisions, or published content, accepting standard vendor liability limitations without negotiation may not be appropriate.

Intellectual Property in AI Outputs

Vendor contracts should address who owns the content the tool produces when used by the organization.

Many AI vendors claim broad rights to outputs generated through their platforms, or at minimum disclaim any warranty that the organization has clear ownership of what the tool produces. That creates uncertainty for nonprofits that intend to publish, license, sell, or rely on AI-assisted content as official organizational work.

The contract should confirm:

  • Whether the organization owns outputs generated through its use of the tool
  • Whether the vendor claims any license or rights in those outputs
  • Whether the vendor warrants that outputs do not infringe third-party intellectual property rights
  • What happens if a third party claims that AI-generated content infringes their copyright or other rights


The organization’s own AI governance policies should separately require human authorship for content it intends to own and protect. But the vendor contract should also address the ownership question on its own terms.

Accuracy and Professional Reliance

AI vendors almost universally disclaim any warranty that their tools will produce accurate, complete, or reliable outputs. That is not unreasonable given the current state of the technology. But it has practical implications for how the organization uses the tool and what it puts in the contract.

If the organization is using an AI tool to support functions where accuracy is important, including grant writing, regulatory compliance, member communications, educational content, certification materials, or legal research, the vendor’s disclaimer of accuracy should inform the human review requirements the organization builds into its own policy.

It should also inform the risk allocation discussion. A vendor that disclaims all responsibility for accuracy while selling a tool specifically for compliance or professional use is transferring all of that risk to the organization. That transfer may or may not be acceptable depending on the use case, but it should be a deliberate decision rather than something discovered after a problem occurs.

Regulatory Compliance Representations

Depending on the data the organization handles and the jurisdiction it operates in, certain AI uses may implicate specific regulatory requirements, including state privacy laws, sector-specific federal regulations, international data protection frameworks, or local AI-specific regulations such as requirements around automated employment decision tools.

The contract should not simply say the vendor will comply with “applicable law” without explaining what that means for the product being purchased. For higher-risk uses, the organization should understand whether the vendor is accepting responsibility for any part of privacy compliance, employment compliance, data processing compliance, accessibility, records retention, or sector-specific obligations. If the vendor refuses to make meaningful compliance commitments, the organization should assume that responsibility remains with the nonprofit.

Practical Steps Before Signing

Vendor evaluation is the right time to raise these issues, not after the sales cycle is complete or the contract is signed. A few practical steps:

Ask the vendor directly. Before the contract stage, ask whether the tool uses customer data for model training, who the subprocessors are, what the security certifications are, and what the data deletion process looks like at contract end. How a vendor answers those questions, or whether it can answer them at all, is useful information. Be careful not to accept blanket statements from the vendor; the details matter.

Read the full agreement, including incorporated documents. AI vendor contracts often incorporate terms of service, privacy policies, acceptable use policies, and data processing agreements by reference. The most important provisions are sometimes in those incorporated documents rather than the main agreement. These can be complex, and this is where we, as lawyers practicing in this area, shine.

Have counsel review before signing for higher-risk uses. A tool that will touch sensitive data, employment decisions, published content, or certification processes warrants legal review before the organization commits. The cost of that review is modest compared to the cost of a data incident, a copyright claim, or an employment discrimination matter.

Negotiate where it matters. Data training prohibitions, subprocessor notification requirements, security standards, and liability carve-outs may be negotiable with some vendors, particularly at the enterprise tier. Organizations that do not ask do not get. Don’t assume that because something is in “the cloud,” its terms cannot be negotiated.

Match the contract to your insurance. The liability allocation in the vendor contract should be considered alongside the organization’s cyber, media, and professional liability coverage. Gaps between what the vendor will cover and what the organization’s insurance covers are worth identifying before rather than after a claim.

The Bottom Line

AI vendor contracts are not standard software agreements. The data issues are more complicated, the liability questions are less settled, and the language vendors use to describe their rights over your information requires careful reading.

For nonprofit executives evaluating an AI vendor relationship, the goal is to understand what the organization is agreeing to before it agrees, particularly around data training, subprocessors, security, liability, and data deletion.

Nonprofits that get this right treat vendor contract review as part of their AI governance process, not as an afterthought once the purchasing decision has already been made.

If your organization is evaluating AI vendors and wants to understand the contract and governance issues before signing, Org Law works with nonprofits, associations, certification bodies, and professional societies on exactly these questions. A focused contract review or governance consultation can help identify where the exposure is and what to do about it before it becomes a problem.


Dan Liutikas is the founder and managing attorney of Org Law, PLLC. He has served as outside general counsel, in-house general counsel, and CEO of global trade associations. Org Law provides governance and legal counsel to nonprofit organizations, associations, and credentialing bodies. Contact Us to discuss AI Governance and Policy needs.
