10 Contract Templates Every UK Business Needs (Incl. Tips on Using Them)

Running a business comes with a set of legal requirements, and yet, many are left in the dark as to the what, why, and how, of meeting those obligations. What contract templates does a business need? And what exactly needs to be included in UK contract templates?

Graphic representing a small business owner holding an automated business contract template in the palm of their hand

In this post we're going to outline the 10 essential contract templates every UK business needs, we're going to explain why you need them, and link you to a series of lawyer-made contract templates to get you going.

  1. Employment contracts

  2. Articles of association

  3. Shareholders agreements

  4. UK GDPR Privacy Policy/Notice

  5. UK GDPR Cookie Notice

  6. Data Protection Policy

  7. Data Breach Policy

  8. Data processing agreement

  9. Non disclosure agreement (NDA)

  10. Supply of Goods and Services Agreements

Ok, let’s jump in.

Employment contract 

Growing a team is one of the more exciting aspects of running a business, but it’s not without legal obligations. When hiring into your team, you’ll need an employment contract that clearly sets out the terms under which your new employee has been employed. So, what should your employment contract cover?

Under UK law, all employment contracts have several mandatory sections known as “particulars of employment” or a “section one statement”. These include details such as:

●  salary;

●  working hours;

●  probation period;

●  holiday entitlement;

●  place of work;

●  and other key pieces of information.

In the UK, every employer is required to provide a “statement of particulars” of employment to each employee, but it isn’t strictly necessary to have an employment contract. However, a well-drafted contract template will provide better protection to the employer than the bare minimum statement. As well as complying with the law, an employment contract will also ensure your staff are equipped with the information needed while shielding your business from legal risk.

So, start as you mean to go on: with your best foot forward.


We have a range of lawyer-made employment contract templates available on the Docue platform designed to help your business stay protected and compliant regarding a wide variety of employment relationships.Here's a preview of a senior employment contract being built in Docue:

Want to see just how simple it can get this document drafted, customised and signed? Get the template →

Articles of association

Up next, articles of association! Every limited company registered in the UK is required to have a set of articles of association (often referred to simply as Articles of “AoA” for short). You can think of these as the constitution of the company, forming a contract between the business and its shareholders.

So, what’s covered in the articles of association? This can vary. For example, a company can choose to adopt a set of default Articles known as the “Model Articles”. These set out rules around:

●  appointment and termination of directors;

●  the conduct of board meetings and shareholder meetings;

●  other administrative issues.

However, many companies choose (or their investors require them to adopt) more bespoke articles that contain terms around:

●  the transfer of shares by existing shareholders;

●  what happens if a shareholder (who is also a director or employee) leaves the company;

●  and what happens if the majority shareholders agree to sell a controlling interest in a company to someone else.

With that in mind, Articles can become quite complex legal documents that can benefit greatly from a well-drafted contract template. But beyond investor desires, why might you need articles of association?

Well, under UK company law, every company is required to adopt articles of association. These can be viewed by the public online at Companies House and are a key document in managing the relationship between a company and its shareholders.

Put simply: pretty important stuff. 

We have lawyer made articles of association templates available on Docue designed to help your business comply with UK company law and manage the relationship between the company and its shareholders. Sign up today to see just how simple it can be to draft and customise your legal documents.

Shareholders agreements

Unlike articles of association, shareholders agreements are private legal documents between a company and some (or all) of its shareholders. These types of agreements are used to manage the relationship between a company and its shareholders. Generally speaking, a shareholders agreement deals with the governance, management and decision-making of a company and the rights of shareholders.

While there is no strict legal obligation to put a shareholders agreement in place, it's strongly recommended for most companies with more than one shareholder. This helps avoid disputes around how decisions are made regarding a company.

We have lawyer-made shareholders agreement templates available on the Docue platform designed to help your business privately manage the relationship between the company and its shareholders. Get the template →

UK GDPR Privacy Policy/Notice

As a business, you’re likely to record, store, and send a lot of data; the majority of which is protected under UK data protection laws. As a result, a privacy policy is a particularly important legal document to add to your portfolio. This policy or “privacy notice” explains what personal data your business collects, what you intend to use personal data for, and the rights of individuals in relation to their personal data.

UK data protection law sets out a number of things that a privacy policy should include :

●  Identity and contact details of the organisation collecting and using personal data (referred to as the “controller”).

●  The purposes of processing the personal data collected and the legal grounds for each of those purposes.

●  A description of any “legitimate interests” used by the organisation for processing personal data for a specific purpose.

●  The recipients or categories of recipients of the personal data.

●  If the personal data is being transferred outside the UK/EEA, and the legal mechanism used to ensure that the transfer meets an adequate level of protection for the rights of the affected individuals.

●  How long the personal data collected will be stored (or how decisions about how long personal data are kept will be made).

●  A summary of the individuals’ rights under data protection law and the right to complain to the Information Commissioner’s Office (ICO) in the UK, or any other relevant data protection regulator.

●  Where the processing of any personal data is based on the legal ground of consent, and the right to withdraw such consent at any time.

●  Whether any automated decision-making or profiling will be used in connection with any personal data provided, including information about the logic involved and the consequences for the individual of their personal data being processed in this way.

Why does your business require a privacy policy? While data protection law requires individuals to be notified of how their data is used, the function of a privacy policy goes far beyond meeting legal obligations. In the digital age, building trust with customers is crucial, and the loss of it can be damning. A privacy policy helps build a transparent relationship between a business and its clients, building hard-earned trust along the way.

We have lawyer-made UK GDPR privacy policy/notice templates available on the Docue platform designed to help your business comply with UK data protection laws.

UK GDPR Cookie Notice

When cookies are used on a website, UK law requires that users are notified and given the option to opt-in or out of the use of certain cookies (all cookies other than strictly necessary cookies that make the website function). This information is often included in a privacy policy but also can be in a stand-alone legal document referred to as a cookie notice.

Website users must consent to the use of non-essential cookies. To give valid consent, a user must be aware of the cookie and its purpose – a cookie notice therefore needs to alert users that the cookies are there, what they are doing, what this information will be used for, and assess whether the person consents to, or rejects, the cookies. Since GDPR the bar has been raised regarding what constitutes consent in this context and consent implied by continued use of the website is no longer acceptable – explicit, opt-in consent is required before the cookie is set on the user’s machine.

As a 21st-century business, it’s highly likely that you will have the benefit of a website, which means your company will be collecting personal information from website users. As a result, you now fall under UK data protection laws, meaning a cookies notice is an absolute must-have - from both a legal, and customer-trust standpoint.

We have lawyer-made UK GDPR cookie notice templates available on the Docue platform designed to help your business comply with UK data protection laws.

UK GDPR Data Protection Policy


A data protection policy is an internal document that outlines how a business expects staff to behave to ensure that the business meets its data protection law obligations. This document also outlines the main principles of data protection law and is often seen as a particularly useful tool for maintaining best practice in handling personal data.

At its heart, a well-designed data protection policy should equip a business and its staff with the knowledge needed to collect, process, store, and send data legally and safely. With that in mind, a data protection policy should accurately reflect the practices of your company. Your policy should answer questions such as:

●  What personal data are staff allowed to collect?

●  What are they allowed to use the personal data for? (and who can decide if a specific use is permitted?)

●  How long the data should be kept for?

●  Who is responsible for dealing with data protection requests?

●  Who should a member of staff go to if they have questions?

A data protection policy can help your business comply with data protection law obligations, alongside ensuring your company embraces best practice processes. A well-drafted data protection policy has the key benefit of helping your business to build a culture of data protection compliance.

Browse all our lawyer-made UK GDPR data protection policy templates on the Docue platform now.

UK GDPR Data Breach Policy

There are few things so dreaded as a data breach. This can range from a scrap of paper to a full-scale loss of personal information and has the potential to gravely impact a business. Handled poorly, a breach can incur huge financial costs, and more often than not, results in the loss of hard-earned customers.

While the goal is to avoid a breach in the first place, a data breach policy can empower your business to react effectively and quickly, with a clear procedure in place for dealing with the breach.

In a data breach policy you’ll want to include:

●  a description of what would be considered a breach, so your staff know what to look out for;

●  what staff should do and who they should tell if they know or suspect that a breach has occurred;

●  who is responsible for deciding whether to report a breach to the ICO or to the people whose data has been disclosed;

●  who is responsible for deciding what steps will be taken to contain, minimise the effect of, and recover from the breach.

A data breach policy is a document that you hope you’ll never need, but you will be glad that you had this particularly valuable template in the event of a crisis. A clear policy allows your business to minimise the fallout. Put simply, while you want to hope for the best, it’s always advisable to prepare for the worst.

Sign up today to see just how simple it can be to draft, customise, manage and store data breach policies using the Docue platform.

UK GDPR Data processing agreement

A data processing agreement is required in the event of a third-party processing personal data on the behalf of your business. The data processing agreement (or DPA) sets out the role and responsibilities of this third-party.

It’s a legal requirement to have a DPA if you’re a data controller or data processor in the UK or EU (or even outside if you’re processing EU/UK citizen’s data). The requirements for what needs to be included in a DPA are set out in Article 28 (3) of the GDPR. You can find out more about this on the ICO website.

We have lawyer-made UK GDPR data processing agreement templates available on the Docue platform designed to help your business appoint sub-processors of personal data in a compliant manner. Sign up today to see just how simple it can be to draft, customise, sign, manage and store data processing agreements using the Docue platform. 

Non disclosure agreement (NDA)

NDAs are a particularly important component of running a business and allow companies to protect their intellectual assets. An NDA or “non-disclosure agreement” is a legal document that allows businesses to protect company information in a legally enforceable manner and might be used for things such as trade secrets, employment matters, or future business plans.

 You’ll want your NDA to include a number of things, such as:

●  what information will be disclosed, and what that information will be used for;

●  whether there are other people who might need access to the information disclosed;

●  and how long you want the protection to last (confidentiality obligations often last anywhere from one to five years).

The importance of an NDA can’t be understated, as these agreements allow businesses to exchange and share information while ensuring confidential material doesn’t fall into the wrong hands.

Without protection, you run the risk of losing some of your company’s greatest inventions.

We have lawyer-made NDA templates available on the Docue platform designed to help your business engage in truly confidential discussions. Sign up today to see just how simple it can be to draft, customise, sign, manage and store NDAs using the Docue platform. 

Supply of Services Agreement/Supply of Goods Agreement/Supply of Goods and Services Agreement


As a business that provides goods or services (or both) you’ll need an agreement that sets out the terms under which those goods or services are provided. These legal agreements can be quite different, depending on whether the goods and services are being provided to consumers or to another business.

So what would you expect this agreement to cover?

●  A description of the goods or services.

●  The practicalities of delivering the goods or services.

●  Something around quality control, which might be in the form of a right to return faulty goods or an acceptance process for services and deliverables.

●  Any obligations on the customer, for example, to pay the invoices within a certain timeframe and to provide certain information or materials that the supplier will need to perform the services.

●  Cancellation, termination, returns and (if applicable) refunds.

●  Clauses that manage legal risk, such as limitations and exclusions of liability.

In some cases (but not all) the following might also be relevant:

●  The license or assignment of intellectual property rights.

●  Confidentiality obligations.

●  Personal data protection obligations.

Clear contracts with well-defined obligations are the key to good customer relationships, making these agreements particularly important legal documents. Firstly, you can ensure that everyone is on the same page at the outset, allowing a project to start on a firm footing. Secondly, clearly drafted contracts can help to ensure there are no nasty surprises down the line, saving thousands or even millions of pounds in litigation.

Finally, there is a lot of legislation around supplying to consumers, so it’s especially important to have a watertight set of terms if you are selling B2C. Even in a B2B context, there are rules around what can and cannot be included, so it's important to use a contract template designed by experts.


We have a range of lawyer-made supply agreement templates available on the Docue platform designed to help your business stay protected and compliant in many different types of customer facing relationships. Sign up today and create your Supply of Goods and Services Agreement in minutes. This will no doubt greatly increase the speed, efficiency and accuracy of your sales deals and sales processes generally. That’s why Docue is a no-brainer for so many businesses!

Contract management automation for essential business contracts


It’s perhaps become clear by now that businesses are obligated to source a long list of legal documents, agreements, and contract templates. While these legal requirements are designed to protect the business and its customers, this investment of time and money can quickly become unfeasible for a growing company.

That is, before the arrival of contract management automation for the most essential of business contracts. Digitised, lawyer-made contract templates are now available at the touch of a button via the Docue platform, saving businesses time and expense, while helping them to ensure that they are legally protected. The Docue platform contains automated guidelines created by lawyers which help to steer your business at every stage of the drafting process. The benefits of this are truly game changing for UK businesses.  

Future proof your legal framework

Do you want your business to go the distance, but lack the funds, time, or access to crucial business contracts? At Docue we provide growing businesses with the platform to create, customise, sign, manage and store all the contracts and documents that a business needs.

Not only that, but we equip businesses with contract templates that are accessible, and cost-efficient, allowing companies to save on legal costs.

Ready to give it a try? Get Started for FREE

Docue Legal Team