Before You Spill the Tea: Drafting Tips for an NDA
What is an NDA?
A non-disclosure agreement (NDA), sometimes called a confidentiality agreement, helps businesses share information safely when exploring new opportunities or partnerships. It lets parties exchange information for a specific purpose while agreeing not to disclose it to anyone else.
NDAs are commonly used when companies collaborate, work on research & development, or take part in scoping exercises. In these situations, a business might need to share sensitive details to facilitate discussion (for example, financial information, or operational data).
Key points to consider
If you need to share confidential information, it’s best to have an NDA signed before any information is exchanged. Each of the following should be considered:
1. What information will be shared?
Start by identifying what information needs to be shared and whether it can be reduced or anonymised. Decide how the information will be sent to ensure its security and, how you will track what’s been shared. The NDA should state whether information flow is one-way or mutual.
2. Does it contain personal data?
If the information includes personal data, the parties must clarify whether they are acting as a controller or processor and comply with data protection laws.
3. How can the information be used, and for how long?
Clearly define what the information can be used for and who may access it. You can include rules on storage and copying. The right to use the information should end at a set time or event—for example, when negotiations stop.
4. Protecting the information
you should check that the recipient has strong security measures in place. The NDA can require specific protections or require the recipient to apply the same level of security they use for their own confidential information.
5. When can the information be shared further?
If your counterparty needs to share your information with others (e.g., employees, advisers, consultants), the NDA should list who these people are and require them to follow the same confidentiality obligations. You can also include rules for disclosures required by law.
6. When does confidentiality end?
Keeping information confidential forever can be difficult to manage. It may be better to set a time limit based on how long the information remains valuable and sensitive to your business.
7. Who owns the information?
The disclosing party normally keeps ownership of all information and any related intellectual property. The NDA should also explain what happens to any information or rights created using the disclosed information.
8. What happens after the NDA ends?
If negotiations lead to a full commercial contract, that agreement usually replaces the NDA. If talks end without a deal, then provision should be made within the NDA for the recipient to return or destroy all confidential information.
Limitations of an NDA and possible remedies
Even though NDAs are legally enforceable when properly drafted, they cannot always undo the damage caused by a leak. Once information is out, it may be impossible to fully reverse the impact. Therefore, NDAs should be used alongside strong internal controls and careful consideration of what you share and with whom.
If confidential information is leaked, immediate remedies such as injunctions may be more effective than compensation alone. If personal data is involved, regulatory consequences may also arise.
Should you require any advice in relation to reviewing or preparing an NDA, please get in touch with a member of our Commercial Team.