Confidentiality and NDA Agreements

Confidentiality Agreement Solicitors

If your business details are misused and you have not taken precautionary steps your choices for redress are limited.  You will need to show that the information had the necessary quality of confidence, the idea was disclosed in circumstances where a confidentiality obligation can be assumed and that there has been unauthorised use of the information. This can be difficult to prove.

A bespoke confidentiality or NDA agreement can avoid some of the difficulties in proving that you are entitled to protection. An NDA agreement has the added advantage that each party can see either obligations set out in black and white.  They do have teeth.

Uses of confidentiality agreements/NDA

Some of the most common uses are:

  • Where someone is looking for a new supplier or service provider or outsourcing service provision;
  • A new product, service or app is being developed;
  • A business wants to get into discussions about a proposed “partnership” or collaboration with another; or
  • There are discussions about a potential sale of a company or its business.

Confidentiality agreements can be used to restrict:

  • Employees – confidentiality should be a standard employment term but further restrictions may be needed for senior team members or developers especially if they are working on commercially sensitive projects
  • Anyone given access to your intellectual property or inventions or involved in developing apps/platforms
  • Agents and distributors used to facilitate your sales
  • Key services providers such as IT support and website hosting or other outsourcing
  • Parties negotiating transactions such as a business or company sales and purchases, partnerships, joint ventures and other collaborations.

Risk of breach of GDPR if data disclosed without consent

But beware, if personal data is being disclosed under a Confidentiality Agreement/NDA you need to think about compliance with the Data Protection Act 2018/GDPR and possibly other regulations relating to the use and processing of personal data. So a standard “off-the-shelf” Confidentiality Agreement/NDA may not be sufficient and could lead to you being in breach of the data privacy legislation in the UK and elsewhere and possible investigations and fines.

Types of Confidentiality Agreement or NDAs

Essentially, there are two types:

  • One way – used, for example, where one party is seeking suppliers and provides information about themselves or their business so someone can submit a bid or quotation etc for work;
  • Two way – used where both parties are providing confidential information about themselves and their businesses to each other in relation to a project or transaction etc.

Myths about NDAs

Common myths about NDAs

There are a number of misconceptions about confidentiality agreements and why they really are necessary.

“NDAs are worthless” – confidentiality agreements are the standard tool for protecting commercial information. The threat of breach of contract enables competing parties to negotiate freely without fear of disclosure and risk of substantial losses. One of the reasons they are thought to be worthless is that the cost of enforcement is likely to be prohibitively high. However, they are only ‘worthless’ if they are not adequately drafted to reflect the circumstances and the fact that there is a right to enforce that is in a document which can be referenced if there is a breach does give them some teeth.

“Confidential information is not intellectual property” – often the most valuable and under-protected form of IP right, “confidential information” can be an important asset for a business. Whilst many IP rights need to be registered (and costs spent on registration fees), trade secrets are protected in themselves as long as they remain confidential. But you need to beware of saying everything is “confidential” in nature if it really isn’t: that could undermine the effectiveness of the NDA.

“When an NDA ends the information is no longer confidential” – expiry of a contractual term of confidentiality does not necessarily mean the information is not confidential. It may well be covered by an extension or the common law concept of confidence but it is clearer still if there is a specific provision about this in a written document.

“The law is clear” – no it isn’t: there is no single ‘confidentiality law’. Instead the duty of confidence has been developed over time in the courts to maintain fairness. To get over the hurdles developed in case law an NDA must be well drafted.

Template or tailored?

There are a number of template agreements freely available online. We would always caution against using these because there are a number of pitfalls that may render the agreement unenforceable – and as information is highly valuable to your business it is not worth that risk.  Added to which a template is unlikely to fit your specific circumstances and requirements and most don’t deal with the issue that personal data may be disclosed and the implications of this.

A tailored agreement with professional input goes a long way in protecting your most valuable assets. We understand what is at stake and provide you with clear advice on the who, where, what, when, why and how of confidentiality agreements.

Key clauses

The main clauses to think about are often:

Who to include?

If you are dealing with a corporate entity should disclosure be limited only to certain senior employees? Should those employees also be required to sign? Ensuring that signatories face a personal liability risk generally offers more assurance. What about professional advisers and insurers – will confidential information need to be shared with them by the recipient (often the answer is yes)? If so, what is they breach the agreement?  Who is responsible for their actions.

What to include?

Where you are disclosing supplier lists, details of client contracts or customer information you may be sharing personal data which needs to be protected in accordance with the Data Protection Act 2018. It may also be tempting to make the definition of ‘confidential information’ as wide as possible but merely describing the information as confidential will not give it the ‘necessary quality of confidence’ to be protected and the court may refuse to uphold such a definition.

Staged release of information

If information is highly confidential, for example a trade secret recipe or method of production, you may want to disclose some information first and withhold the most sensitive information until the other party demonstrates trust or moves forward towards formalising the underlying arrangement.

Return of information and documents disclosed

If the reason for disclosing information, such as an offer to purchase your business, falls through, ensure you have a right to the immediate return or destruction of all information, including all copies (it is not necessarily easy to ensure compliance these days with cloud storage and the widespread use of mobile devices – you need to think about the practical steps you can take to protect information and, if it is personal data, that the laws relating to that are complied with)

Forced disclosure

Where a disclosure is required by law, if possible do you want to be consulted on the timing, manner and content of the disclosure?  And who should bear the costs of challenging disclosure requirements?

Is it enforceable?

Do not include clauses which are excessive, for example, it may be tempting to include a clause whereby if there is a breach there is a large financial penalty for the wrongdoing party – these types of clauses (known as liquidated damages clauses) are generally not enforceable if they are purely a penalty (in the UK at least).

Right to apply for an injunction

Always include lawful safeguards such as clear terms stating that if there is a breach, the innocent party will be entitled to apply for an injunction.  Stopping further disclosure is likely to be much more important than claiming down the line once your business has been disadvantaged.


Ensure that the agreement provides that English law applies and the English courts have jurisdiction to determine disputes or matters relating to the agreement – this is particularly important where you are disclosing confidential information to a person/business outside of the UK.


When we draft our agreements we aim to minimise the risk of breaches and ensure compliance with relevant legislation. But data theft by employees and competitors is a significant risk to any business, regardless of turnover. To preserve value and your competitive edge, fast and decisive action is needed.

If you think we can add value to your negotiations please do call us on 0207 438 1060.

Jennifer Wall

A master at turning what looks to be a tricky problem at the start with lots of dark alley ways into a workable commercial outcome.

Let us take it from here

Call us on 020 7438 1060 or complete the form and one of our team will be in touch.