If you run a small business in the UK and you have an IT support contract, there is a reasonable chance it contains at least one clause designed to benefit your provider more than you. That is not cynicism — it is pattern recognition after years of reading these things. The tricks are not new. Response time SLAs that sound impressive but guarantee nothing. Auto-renewal clauses that roll you into another year before you notice. Exit fees calculated to make leaving more expensive than staying. Hidden costs for work you assumed was included. This is a plain-English guide to reading your IT support contract properly, spotting the red flags, and understanding what the law actually says about unfair terms.
The SLA Trick That Catches Everyone
SLA Benchmarks: What UK Small Businesses Should Expect
Target response and resolution times by priority level for a UK small business IT support contract.
Source: CTC editorial assessment based on UK IT channel benchmarks, February 2026
The single biggest sleight of hand in UK IT support contracts is the difference between response time and resolution time. Your contract probably guarantees a response within one hour for critical issues. That sounds reassuring until you realise that a response is not a fix.
A response means someone acknowledged your ticket. They sent an email. They logged it. They might have said "we are looking into it." That is the SLA met. Your server is still down, your email is still broken, and your staff are still sat around unable to work — but the provider has hit their contractual target.
Resolution time is the number that matters, and it is the number that the typical IT support contract either buries in the small print or omit entirely. If your contract guarantees a one-hour response but says nothing about resolution, you have a commitment to be acknowledged, not a commitment to be helped.
A fair IT support contract for a UK small business should specify both. For a critical issue — server failure, total email outage, suspected data breach — a reasonable SLA is a 30-minute response and a 4-hour resolution target. For high-priority issues, a 1-hour response and 8-hour resolution. For medium and low priority, 4-hour response and 24 to 48-hour resolution respectively. If your contract does not break issues into priority levels with separate targets for each, it is not an SLA. It is a vague promise.
Ask your provider for their SLA compliance data from the past quarter. If they cannot produce it, they are not tracking it. If they are not tracking it, the SLA in your contract is decorative.
Auto-Renewal: The Clause That Relies on You Not Reading Your Post
Auto-renewal clauses are standard in UK IT support contracts and they are not inherently unfair. The problem is how they are structured. A 12-month contract that auto-renews for another 12 months unless you give 90 days written notice is designed to catch you out. The average business owner does not have a calendar reminder set for 90 days before a renewal date they agreed to two years ago.
The worst versions are 24 or 36-month contracts with 90-day notice periods and automatic renewal for the same term. Miss the window by a week and you are locked in for another two or three years. Some providers compound this by requiring notice to be sent by recorded delivery to a specific address — not by email, not by phone, and certainly not by the support portal you use for everything else.
What the law says: For business-to-business contracts, the Unfair Contract Terms Act 1977 applies. UCTA does not ban auto-renewal clauses, but it does require that any clause limiting liability or restricting your rights passes a "reasonableness" test. A 36-month auto-renewal with a narrow exit window could be challenged as unreasonable, particularly if the provider failed to send you a renewal reminder.
Note that the Consumer Rights Act 2015, which offers stronger protections against unfair terms, applies only to business-to-consumer contracts. If your business is a limited company contracting with an IT provider, CRA 2015 does not cover you. If you are a sole trader purchasing IT support for personal and business use, you may have CRA protection — but the line is grey and untested for IT services. Do not assume you are protected.
The Competition and Markets Authority published draft revised guidance on unfair contract terms in January 2026, currently open for consultation until March 2026. The refreshed CMA37 guidance clarifies that terms creating a clear imbalance to the detriment of the weaker party can attract penalties of up to 10 per cent of global turnover or £300,000. That guidance is aimed at consumer contracts, but it signals the direction of travel for regulators.
What to do: Set a calendar reminder for 120 days before your renewal date. Request that your provider sends renewal reminders by email at least 60 days before the auto-renewal kicks in. If they refuse, that tells you something about their business model.
Hidden Costs: What "Fully Managed" Does Not Always Mean
The phrase "fully managed IT support" appears on every IT company's website in the UK. It rarely means what you think it means. Read the inclusions and exclusions schedule in your contract — if there is one. If there is not one, ask for a written list of what is and what is not covered by your monthly fee.
Common exclusions that catch small businesses out include project work (anything that is not break-fix or day-to-day support), new user setup and offboarding (some providers charge per user for onboarding), out-of-hours support (your monthly fee covers 9 to 5 Monday to Friday — anything outside that is billed at an hourly rate, often £120 to £180 plus VAT per hour), on-site visits (remote support is included, but if an engineer needs to come to your office, that is extra), hardware procurement (your provider buys equipment on your behalf and adds a margin, sometimes 15 to 30 per cent above retail), and third-party vendor management (dealing with your broadband provider, printer company, or phone system supplier is billed separately).
None of these exclusions are unreasonable in principle. The problem is when they are not made clear upfront and you discover them on your first invoice after signing the contract. A transparent provider lists every exclusion in the contract and quotes a realistic total cost of ownership, not just the monthly retainer.
The backup question: Ask your provider whether backups are included in your monthly fee and what exactly is backed up. Some providers charge separately for backup services, others include basic backups but charge extra for tested restores, and a few include everything. If your provider cannot tell you immediately what is backed up, where it is stored, and when it was last tested, your backup provision is not managed — it is hoped for.
The licence question: Software licences are another area where costs hide. Your monthly retainer may not include the Microsoft 365 licences your staff use, the antivirus subscriptions on your devices, or the remote monitoring agent that your provider installs on every machine. These are sometimes billed separately at a markup. Ask for a line-by-line breakdown of every recurring charge — the retainer, the licences, the backup service, the monitoring tools — so you can see the real monthly cost rather than the headline figure.
Exit Fees: The Price of Leaving
Early Termination Fee Structures in UK IT Support Contracts
Comparison of common exit fee models for a 24-month contract at £2,000 per month, showing cost of leaving at the 12-month mark.
Source: CTC editorial assessment based on UK IT channel contract analysis, February 2026
Exit clauses are where IT support contracts show their teeth. The standard approach is to charge a percentage of the remaining contract value as an early termination fee. A 24-month contract at £2,000 per month with a 75 per cent early termination fee means leaving after 12 months costs you £18,000. That is not a fee — it is a wall.
More moderate contracts charge 50 per cent of remaining value, and the fairest charge a declining percentage: 100 per cent in the first quarter, 75 per cent in the second, 50 per cent in the third, and 25 per cent in the fourth. Some charge a flat fee of two or three months regardless of when you leave. The variation is wide enough that you should read the exit clause before you sign, not when you want to leave.
The credential hostage problem: The exit fee is the financial barrier. The operational barrier is what happens to your data and admin access when you tell your provider you are leaving. Your Microsoft 365 tenant, your domain name DNS, your firewall configuration, your backup encryption keys — if your provider registered any of these in their name or holds the only admin credentials, your departure depends on their cooperation.
A good IT support contract specifies that all credentials, configurations, and admin access will be handed over within 14 days of notice being given, regardless of whether the notice period has expired. It should state that your data remains your property and that the provider will cooperate with any incoming provider during the transition.
If your contract says nothing about handover, add it. If your provider refuses to add handover terms, they are telling you that they view your dependency as a retention tool. That is not a partnership.
The "Per Device" Pricing Trap
Some UK IT support providers price per device rather than per user. This sounds like a detail, but it can double your costs without changing what you receive.
A single employee might use a laptop, a mobile phone, and a docking station with a monitor. Under per-user pricing, that is one unit. Under per-device pricing, that could be two or three units depending on how your provider defines "device." When you add tablets, shared printers, network switches, and a server, the per-device count escalates rapidly.
Per-user pricing is simpler, more predictable, and easier to benchmark against other providers. If your provider uses per-device pricing, ask for a complete device inventory and reconcile it against your actual staff count. If you have 15 staff but are paying for 40 devices, the arithmetic is not in your favour.
What a Fair Contract Looks Like
A fair UK IT support contract for a small business is not complicated. It should contain a clear scope of services with inclusions and exclusions listed, SLAs with both response and resolution targets by priority level, a contract term of 12 months or monthly rolling, a notice period of 30 days, an exit clause with proportionate termination fees (or none), a handover schedule specifying credential transfer and data return, insurance confirmation covering Professional Indemnity and Cyber Liability at £1 million minimum each, and a right to audit SLA performance data.
The contract should fit on fewer than ten pages. If your IT support agreement runs to 30 pages of dense legal text, it was written to protect the provider, not to define a working relationship.
One clause worth adding yourself: a right to benchmark pricing annually. This gives you the ability to compare your provider's charges against current market rates without triggering the exit clause. If the benchmark shows you are paying significantly above market, the contract should allow you to renegotiate terms or exit without penalty. Providers who are confident in their pricing will accept this. Providers who rely on inertia will not.
Reading Your Contract This Week
You probably signed your IT support contract two or three years ago and have not looked at it since. Pull it out this week and check five things. What are the response AND resolution SLAs? When does the contract auto-renew and what is the notice period? What is the early termination fee? What is excluded from the monthly retainer? What happens to your data and admin credentials when you leave?
If you cannot find clear answers to all five in the contract, call your provider and ask. Their willingness to answer — and the speed at which they can — tells you as much about the relationship as the contract itself.
