Non-Disclosure Agreements (NDAs): Everything You Need to Know

NDAs, or non-disclosure agreements, are legally enforceable contracts that create a q1confidential relationship between a person who has sensitive information and a person who will gain access to that information. A confidential relationship means one or both parties has a duty not to share that information.

Non-disclosure agreements are also known as confidentiality agreements, confidentiality disclosure agreements, and non-disclosure contracts. You may encounter one at the beginning of a business relationship or large financial exchange. For example, an employer or client may ask a new hire or contractor to sign a confidentiality agreement to protect the organization’s sensitive data.

An NDA specifically focuses on an individual’s or organization’s information privacy, which differs from other business contracts like service or sales agreements that focus on the terms and conditions of service or transactions. 

Related: learn about the other fundamental business agreements

The purpose of a non-disclosure agreement is twofold: confidentiality and protection. Information protected by a confidentiality agreement can include everything from product specs to client rosters. Business models, test results and even embargoed press releases or product reviews can all be covered by an NDA. 

An NDA creates the legal framework to protect ideas and information from being stolen or shared with competitors or third parties. Breaking an NDA agreement triggers a host of legal ramifications, including lawsuits, financial penalties, and even criminal charges. NDAs offer a level of protection to your business so that even accidental breaches are covered.

There are three essential functions of an NDA:

• Identifying protected information: By drawing a line between what information is confidential and what can be shared, NDAs classify information. This allows parties to work freely within the boundaries created by the confidentiality agreement.

• Protecting sensitive information: Signing an NDA creates a legal obligation to keep sensitive information confidential. Any leak of that information is a breach of contract.

• Protecting patent rights: Because public disclosure of a pending invention can sometimes void patent rights, an NDA can protect an inventor as they develop their new product or concept. 

Whether looking for investors, hiring new employees, or seeking new partners or collaborators, at some point sensitive information must be shared with individuals or entities outside your organization. NDAs ensure that a company moves forward safely with these processes.

So when do you need an NDA? Below are five situations that trigger the need for a confidentiality agreement.

• Products: When your organization enters into the sale or licensing of a product or technology, you need to ensure that all the data you’re disclosing–technical, financial or other proprietary material–cannot be shared with third parties.

• Employees: Because of their access to confidential and proprietary information, you need to ensure your employees cannot share your organization’s sensitive data while on the job or once they leave.

• Partners: During negotiations with a new partner or investor, you need to ensure information shared during these talks is protected.

• New Clients: When onboarding a new client, your organization may become privy to that company’s sensitive information. An NDA can protect your organization by identifying which information cannot be shared so that there is no accidental exposure to legal liability.

• Mergers and Acquisitions: When selling your business, sensitive financial and operations information must be shared not just with the entity that’s buying your business, but with intermediaries and brokers as well. An NDA ensures that data is protected.

Confidentiality disclosure agreements are also common when presenting information to potential investors, contracting with vendors and while exploring joint ventures.

Generally speaking, non-disclosure agreements fall into two main categories: unilateral and mutual. In a unilateral NDA, one party agrees not to reveal confidential information. In a mutual NDA, both sides agree that they will not share confidential information.

In all other aspects, these two types of confidentiality agreements are identical, especially when it comes to enforcement and the consequences of a breach. 

An employment contract is an excellent example of a unilateral NDA. When an employee is hired, they sign a unilateral NDA agreeing not to share information learned on the job. By contrast, if one company is merging or acquiring another company, a mutual NDA ensures none of the parties participating in the process divulge confidential information. 

When drafting your confidentiality agreement, here are a few questions that will determine whether you need a unilateral or mutual NDA:

• Business Type: Does the activity involve a mutual exchange of information or multiple actors (e.g., mergers and acquisitions, joint ventures, teaming agreements)?

• Reciprocity: Are both sides equally protected and obligated so that neither is unfairly “favored” by the agreement?

• Number of Parties: Are there more than two parties participating, or is each participating party providing information?

All NDAs should include these specific elements:

• Identification of Parties: Also known as “parties to the agreement”, the purpose of this section is to identify the people and/or entities involved in the non-disclosure contract. It explains who the disclosing party and recipient of are, using names and addresses. Relevant parties such as attorneys, accountants, or business partners may also be included.

• Definitions: This section of the NDA lays out the different types of information covered by the agreement and establishes rules regarding how it is handled. It answers the question of what information is confidential.

• Obligations: What happens if protected information is shared? An NDA not only sets out the specific behavior expected from each signatory, but it also lays out the consequences of breaching the agreement.

• Scope: A clearly defined scope ensures an NDA’s enforceability. Using general terms like “proprietary information” isn’t specific enough and won’t hold up in a legal setting. Scope should lay out what specific information the NDA covers

• Time frame: Most NDAs don’t last forever, and many confidentiality agreements explicitly state the number of years that sensitive information must be kept secret. Even those with an indefinite time frame will often indicate when information is no longer protected by the agreement.
  

• Return of Information: After the conclusion of business between the parties, an NDA may require that the recipient confirm that sensitive information has been returned or destroyed.
  

• Exclusions: These are the types of information which do not need to be kept confidential. This might include public knowledge, previously disclosed details, or information someone knew before entering a business or financial relationship with a company or firm.
  

• Remedies: If there’s a breach of the confidentiality agreement, what happens? There are many possible courses of action, or remedies. These may include a restraining order, payment for damages, and other actions for breach of fiduciary duty and copyright, patent, or trademark infringement.

Of course, not all information is protected by an non-disclosure contract. Public records, including SEC filings or company addresses, are not covered by these confidentiality agreements. The courts can also interpret the scope of an NDA in ways that one or more participants may not have initially expected. If the information covered in an NDA is revealed in another way—like through a court proceeding or subpoena—then the NDA no longer applies. 

Additionally, managing multiple NDAs as an organization quickly becomes untenable without standardized language. When the number of NDAs starts reaching into the hundreds, reviewing, negotiating, and concluding unique contracts manually is extremely demanding and time-consuming. A standard, adaptable confidentiality agreement addresses this issue, but only if the organization takes the time or consults with experts to create a standard NDA that meets all its needs.

There are many situations in which you may be asked to sign an NDA, including:

• Starting a new job with an employer
• Beginning a work contract with a new client
• Exploring an investment opportunity
• Negotiating a business partnership or joint venture
• Merging with or acquiring a business

It is normal to be asked to sign a non-disclosure agreement in these situations or any others where you’ll be given access to sensitive information. When that happens, it’s important to know what to look for in an NDA.

Expect to see the parts of an NDA listed above, including the identification of parties, definitions, obligations, scope, time frame, return of information, exclusions, and remedies. There may also be clauses about mutual non-disclosure or non-solicitation, as well as one stating the jurisdiction for handling disputes.

Before signing an NDA, take time to read it carefully and ensure you understand the contract. If you find broad or vague language that unreasonably restricts you, it may make sense to refuse to sign until that is resolved. Specific examples of this may include statements that you can’t divulge information that is public, knowledge that you already possess, or information received from a third party.

If you’re hiring employees or contractors for the first time, or disclosing sensitive information to a potential investor, you may be interested in creating an NDA. Many enterprise companies like Mastercard use NDAs to ensure security with clients:

“We’re only a couple of months into rolling out Ironclad for NDAs, and we have standardized and automated our templates, implemented e-signatures, and have an integrated end-to-end solution for our NDAs. It has been incredible.”

Anushree Bagrodia, Senior Managing Counsel & Legal Transformation Lead, Mastercard

To create a legally-binding non-disclosure contract, you must use specific language when defining confidential information, parties, and scope. Broad language that can be interpreted many ways may not hold up in a legal dispute. Also, NDA creators have to be careful not to disclose sensitive information they want covered by the NDA before the contract is signed. Non-disclosure contracts do not cover previously known information.

There is currently no standard system for NDAs, leaving organizations to figure out how to create them on their own. This places heavy demand on legal teams who could be spending time on other priorities. A standard NDA helps with this, and in a perfect world the contract is automated, accepted with the click of a button, and stored and updated electronically in case you need it later.

You do not need a lawyer to create and sign a non-disclosure agreement. However, if the information you are trying to protect is important enough to warrant an NDA, you may want to have the document reviewed by someone with legal expertise. Some contract lifecycle management software helps with this as well as providing a system for managing NDAs on a corporate level.

Contract lifecycle management software brings thoroughness and clarity to the NDA creation process. It ensures that you:

• Stay focused and fair. A non-disclosure contract should only include agreements to keep information private. Provisions like non-solicitation and non-competes will likely result in pushback from the signing party.

• Are brief. Generally, an NDA should fit on one page. Use clear and concise language that focuses only on disclosure.

• Use templates wisely. Organization-wide NDA templates are helpful, but every use case is unique. Read through the confidentiality agreement to ensure that the definitions, access, and safeguards it describes make sense for the situation.

• Know your terms. Provisions on severability, change-in-control, and exclusion of damage are not always necessary. Other times, they require extra clarity. 

If writing an NDA on your own seems overwhelming or complicated, consider using contract lifecycle management software backed by legal experts. These programs come with digital contract management systems that store, track, organize, and collect signatures on contracts. With a workflow designers, data repository, and collaboration tools, you’ll have everything you need to automate contract tasks like keeping up with renewal dates and obligations. These systems greatly improve efficiency for organizations handling multiple contracts.

Ready to upgrade your contract management? Automate away your NDAs with Ironclad. Sign up for a consultation here to be one step closer to creating your first non-disclosure agreement.