A Non-Disclosure Agreement (NDA) is a contract that legally binds parties to keep specific information confidential. There are three core types — unilateral, mutual, and multilateral. A defensible NDA names the parties, defines confidential information precisely, sets a clear duration (typically 2–5 years), specifies permitted uses, and includes return-or-destruction obligations. Trade secrets warrant longer or indefinite protection. Most NDA disputes fail not because the agreement was weak, but because the breach was hard to prove.
Almost every commercial conversation that goes beyond an initial pitch eventually triggers a Non-Disclosure Agreement (NDA). Investors, suppliers, prospective hires, joint-venture partners — all may need access to information you would not want repeated outside the room. The NDA is the lightest, fastest legal instrument in the commercial toolkit, but it is also one of the most misused. This guide is part of our master series on business agreements.
Key Takeaways
What is an NDA in simple terms?
A contract where one or both parties agree not to share specific information with anyone outside the agreement, usually for a defined period.
Which information actually needs an NDA?
Anything that gives competitive advantage and is not already public: financial data, customer lists, pricing models, technical drawings, source code, business plans, M&A discussions.
How long should an NDA last?
Typically 2–5 years from disclosure for ordinary commercial information; indefinitely for trade secrets that retain value as long as they remain secret.
Can an NDA be enforced internationally?
Yes, but enforcement depends heavily on the governing law and the practical availability of injunctive relief in the breaching party’s jurisdiction. Choose enforceable forums.
What is a Non-Disclosure Agreement?
A Non-Disclosure Agreement is a legally binding contract in which the receiving party agrees not to disclose specific confidential information to third parties and to use it only for a defined purpose. NDAs are also called confidentiality agreements, secrecy agreements, or proprietary information agreements.
An NDA does not stop a determined party from breaching confidentiality — no document can. What it does is create legal consequences for breach: damages, injunctive relief, and the ability to pursue third parties who knowingly receive misappropriated information. The NDA also helps qualify information as a “trade secret” under most legal regimes, which unlocks stronger statutory protection.
What are the three main types of NDA?
NDAs fall into three categories defined by the direction of information flow: unilateral, mutual, and multilateral. The right choice depends on which parties are disclosing confidential information.
What clauses must every NDA contain?
A defensible NDA contains nine essential clauses. Omitting any one creates an opening for the breaching party to argue the agreement is unenforceable or its scope is unclear.
- Identification of the parties — full legal entities, not informal company names.
- Definition of confidential information — specific categories rather than vague language. “All non-public information” is a common but weak formulation.
- Permitted purpose — what the receiving party may use the information for. “Solely for evaluating a potential commercial relationship” is a typical example.
- Exclusions — information that is already public, independently developed, or lawfully obtained from a third party is normally carved out.
- Duration of confidentiality — both the agreement term and how long obligations survive after termination.
- Return or destruction — what happens to physical and electronic copies when the relationship ends.
- Remedies — typically including the express right to seek injunctive relief in addition to damages.
- Governing law and jurisdiction — where disputes will be heard and which law applies.
- No licence — explicit statement that disclosing the information does not grant any IP rights to the recipient.
How do you define confidential information correctly?
Strong NDAs combine three approaches to defining what is protected: a broad description, a non-exhaustive list of categories, and a marking convention for ambiguous cases. Each approach alone leaves gaps; together they close most of them.
A typical drafting pattern reads: “Confidential Information means all non-public information disclosed by or on behalf of the Disclosing Party that is identified as confidential at the time of disclosure or that a reasonable person would understand to be confidential, including but not limited to: business plans, financial data, customer lists, pricing, technical information, source code, product roadmaps, and personnel information.” The “reasonable person” backstop catches information that was clearly sensitive but was disclosed verbally without formal marking.
How long should the confidentiality obligation last?
Commercial NDAs commonly run 2–5 years from disclosure, with indefinite protection reserved for genuine trade secrets. Excessively long durations can backfire — some courts refuse to enforce NDAs that run for 10+ years on routine commercial information.
The duration calculation should start from the date of disclosure, not from the date of signature. Otherwise, an information drop on day 1 of a 3-year NDA receives a full 3 years of protection, while disclosure on the last day receives almost none.
What are the common drafting mistakes in NDAs?
Most NDA disputes are made worse — and sometimes lost — because of avoidable drafting choices. Five recur most often in our review work.
- Mismatched duration and survival clauses — the agreement terminates after 1 year but the confidentiality obligation runs 5 years; if not drafted carefully, courts can read this as a contradiction.
- No carve-out for compelled disclosure — what happens if the receiving party is subpoenaed? Best practice: a “compelled disclosure” clause requiring notice to the disclosing party plus reasonable cooperation to seek a protective order.
- Overly broad non-solicitation — NDAs that try to bolt on aggressive non-compete or non-solicitation clauses are increasingly struck down by courts as restraints on trade.
- Wrong forum selection — choosing a jurisdiction where injunctive relief is slow or expensive defeats the purpose. The NDA’s effectiveness depends on speed of remedy.
- No notice and cooperation obligation — if a third party requests confidential information, the receiving party should be obligated to notify the disclosing party promptly.
How do you enforce a breached NDA?
NDA enforcement combines three remedies: injunctive relief to stop further disclosure, monetary damages, and where applicable, statutory remedies under trade-secret law. Speed matters far more than the size of the damages claim.
The hardest part of enforcement is rarely the legal argument; it is proof. Demonstrating that the receiving party actually disclosed confidential information — and that resulting damage flowed from that disclosure — requires evidence that is usually inside the breaching party’s systems. This is why modern NDAs often include explicit audit rights and IT cooperation obligations triggered by a credible suspicion of breach.
Should you use a template NDA or get one drafted?
A reputable template is sufficient for routine, low-value disclosure scenarios. Custom drafting is justified when trade secrets are involved, the counterparty is a competitor, the deal is cross-border, or the information has clear monetary value.
Companies that handle many NDAs benefit from maintaining two templates: a short one-page mutual NDA for routine commercial conversations and a longer “high-stakes” version for M&A, technology transfer, and trade-secret scenarios. Standardising this avoids the temptation to start every NDA from scratch.


