A business owner’s guide to NDAs

Non-disclosure agreements can help protect your company’s confidential information and intellectual property. Business owners explain when to use an NDA and what information should be included.

Last updated: 21 Jul 2020 7 min read

Share This

© Getty Images

Your business’s information is valuable, and it’s your responsibility to protect it. One way to do this is to use a non-disclosure agreement (NDA) – also sometimes known as a confidentiality agreement.

An NDA is a legal document that businesses can use when sharing sensitive information with another person or organisation – anyone who signs the document is legally bound to not disclose any of the details specified by the issuing party.

When to use an NDA

“NDAs are useful when the wider knowledge of certain information could result in loss of revenue, profits, resources or reputation,” says Amit Kapoor, founder of Mindful Contract Solutions, an IT services provider that relies on NDAs to protect details of client contracts.

It could be that you’re exploring new ideas involving other parties – suppliers or partner businesses perhaps – or discussing a potential merger or acquisition.

Confidentiality can also be useful in procurement scenarios, as Kapoor explains: “It’s very common for businesses procuring services to get their prospective bidders to sign up to NDAs.

“Procurements usually end with one winning supplier and several unsuccessful ones, with whom there will be no contract – without an agreement, there’s no obligation on either party to protect the other’s intellectual property or sensitive information.”

Confidentiality among employees and contractors

Confidentiality isn’t just important in interactions between businesses: NDAs can also be used by employers to prevent staff – current or former – from sharing sensitive or valuable information with others outside of the business.

If you need to protect general business information, you could include an NDA as part of your employment contract template so that it’s signed and taken care of before employees have access to anything sensitive. For specific work and projects, you’ll need to set up a new agreement for any involved parties to sign.

The usefulness stretches to contractors too – if you use the services of a freelancer who, in order to do their job, needs access to sensitive information about your business, you can have them sign an NDA as part of their contract.

Where to start and what to include

You’ll first need to determine the type of agreement that’s required. “Businesses should consider if a one-way NDA is required or a mutual one,” says Kapoor. “A mutual NDA creates reciprocal obligations for involved parties to protect each other’s data – whereas a one-way NDA assumes that sensitive information is flowing only one way: from a discloser to a receiver.

“NDAs are useful when the wider knowledge of certain information could result in loss of revenue, profits, resources or reputation”Amit Kapoor, founder, Mindful Contract Solutions

“Once identified, it may be advisable to search for suitable legal templates rather than drafting the NDA afresh. Access to legal templates may be an add-on service you get for your purchase of a business legal expenses insurance policy, or, if you use a lawyer, they should be able to help. Failing that, you’ll be able to find or purchase templates online.”

As for the details to include, start by being as clear and specific as possible about the information that cannot be disclosed. After that, Kapoor suggests considering the following:

  1. The term of the NDA – ie the duration for which the obligations will persist. It’s not uncommon for this period to be several years.
  2. It’s good practice to agree how sensitive information will be destroyed or returned.
  3. The form of data to be protected should also be stated: this should include written communications, oral communications, and all forms of documentation and records.
  4. Occasionally, businesses ask for the existence of the engagement to be kept confidential. This can happen if a large business is engaging a restructuring consultant or a big-four consultancy – as the knowledge of such engagement (even without details) can indicate that the business is looking for a turnaround.
  5. A section on permitted disclosures and exceptions to non-disclosure should also be included. This gives the receiving party the flexibility to share the protected information with their employees and subcontractors for the purpose for which the NDA was signed. Exceptions to non-disclosure are necessary to allow for disclosure under certain circumstances, including where required by law or by rules of a court.

How to combat the stigma around NDAs

NDAs are understandably a daunting prospect for some, and the mention alone can spark hesitation in prospective partners or suppliers. James Thurlow-Craig of Surrey web-design firm Create Designs has noticed this happening in his industry: “There’s often a stigma associated with clients who request that an NDA is signed before discussing details of a project,” he says. “It adds an extra time-consuming process before we have enough information to know if we are even able to help, or if there’s sufficient budget to do the work.”

While many agencies hesitate or choose to avoid confidentiality-insistent clients altogether, Thurlow-Craig appreciates the value of having an agreement in place. “Do we accept requests for NDAs? In most cases, yes,” he says. “Over the years we’ve had success working with both start-ups and established businesses that initially requested NDAs. Before we commit, we ask a series of questions to qualify the prospective client; to ensure the information they’re protecting is not simply a paragraph of text in an email, but a full business plan, with an outline of the project scope and a clear budget.”

How to handle a broken NDA

If an employee or partner goes against your agreement after signing, you’ve a right to act.

First, consider that disclosure isn’t always straightforward, and that the person breaking the NDA may not be fully aware of what’s happened. With that in mind, step one should be to approach them to see if the issue can be solved informally.

This is what Tom Jenane did when a discussion of plans for his online retailer, Natures Healthbox, went further than the meeting room of a prospective partner. “We were working on an opportunity in the vegan industry and we met with a marketing agency who we discussed the strategy with,” he says. “Of course, they signed the NDA beforehand, and they were amazed by what we said and loved our plans, so we took them on.

“However, we noticed what we implemented was being adopted by a few other brands in our sector over the next three months, so we spoke to our agency and asked if they were also clients. Once they explained that they were, we highlighted that this was a breach of the NDA they had signed, and technically a breach of our intellectual property. They very quickly removed it from their other clients’ websites and apologised, but I’m certain that without their signatures we could have been in a tricky situation.”

Jenane’s situation was solved relatively quickly – thanks in large part to the NDA already in place – but if someone refuses to back down after signing, or if the damage has already been done, you’ll need to seek legal advice and potentially get the courts involved.

If the protected information hasn’t been disclosed already but the other party is threatening to release it, the courts can issue a preventative injunction, or – if the information is in data form – enforce its return. If the disclosure of NDA-protected information has had a financial or reputational impact, however, it may be best to seek either financial compensation or a public apology from the breaching party.

Share This