When should I use an NDA or confidentiality agreement?

Non-disclosure or confidentiality agreements are legal documents normally used in the business-to-business market. They are typically used where a contract isn’t in place so that you can share information with confidence while exploring a business opportunity or negotiating contractual terms.

If you have signed a contract with your client or supplier, an NDA is normally not necessary because that contract should already protect confidential information through appropriate confidentiality provisions, as well as intellectual property and data protection clauses etc.

If you don’t have a contract or an NDA in place, the only other course of redress if you think your confidential information has been unlawfully exposed is through common law. But, that will involve some hoop jumping to prove information should be classed as confidential and therefore protected. This could be tricky if you don’t have a well-defined commercial relationship or a clear record of what information is confidential and how it should be used.  

There are also statutory protections under the Trade Secrets, Freedom of Information and Privacy rules, but they do not extend to all types of confidential information. So, the upshot, to avoid any uncertainty and to protect your valuable information, it is best to have an NDA in place. Here are the five things an NDA should typically cover:

1. A clear definition of the protected information to avoid confusion about what is confidential and what isn’t. At the beginning of a commercial relationship this might usually include trade secrets, information about customers, employees and suppliers, business know-how, non-public financial information and technical data, etc. The definition should be accurate and not too broad or too narrow.
   
   
2. The purposes of the disclosure, which typically link to a specific business opportunity or project.
   
   
3. The recipients of the disclosed information, e.g. each party’s personnel and advisors on a need-to-know basis. For some highly sensitive projects, only specified senior decision-makers will be able to access the information.
   
   
4. Remedies for breaches, including financial (e.g. uncapped liability) and non-financial remedies (e.g. a court injunction).
   
   
5. How long the parties will be bound by the confidentiality obligations depending on the outcome of the discussion and the sensitivity of the protected information  - for example, until a formal contract is signed or for a fixed number of years after expiry or potentially indefinitely.