What is a Non-Disclosure Agreement?

The best way to keep something confidential is not to disclose it in the first place – keeping it on a need-to-know basis between a small group of people. If you want to keep something private, you should use a non-disclosure agreement (sometimes called a confidentiality agreement).

In some situations, you may have to tell people confidential information to get advice. It is important that you don’t assume conversations with advisors are automatically confidential; this is why an NDA is the safest way to keep your information private.

The parties you may need to share with could be:

  • Accountants
  • Banks
  • Financial advisors
  • Insurance brokers
  • Business coaches
  • A marketing agency

An NDA is a legally binding contract. It sets out how you share the intellectual property of a business in confidence. NDAs can cover:

  • Documents
  • Designs
  • Sketches
  • Analyses
  • Source code
  • Marketing plans
  • Manufacturing processes

Your intellectual property solicitor can advise on confidentiality and draw up an appropriate NDA for you to use if you are the source of the confidential information. Always get people to sign the NDA before the information is shared – without an NDA, you are taking the risk that others could use your ideas or information without your permission.

As these agreements play such a vital role in protecting the future of a company, it’s important that you take an NDA seriously.

Terms of an NDA

You should be clear about what your NDA covers. This could range from something as specific as material marked ‘confidential’ to a wider focus, such as the information you share in meetings or presentations.

A good NDA restricts the use of the ideas and information to a specific permitted purpose. Keep that purpose as specific as you can. You can widen the permitted purpose later, but you can’t narrow it.

You should be realistic. The person you are talking to might need to share your information with others, or copy it to them, whether that’s their employees or professional advisors. Make sure that these disclosures to employees and professional advisors are made in confidence.

Think about how long the confidentiality should last; 3-5 years is a common timescale. After the timescale has passed, the recipient will be able to use and disclose your information. Once information is made public, an NDA can’t be enforced.

Make sure you get the right people to sign the NDA too. This could be:

  • A director of the recipient company
  • An officer of the recipient institution
  • Someone senior who has authority to give the undertakings in the NDA

Types of NDA

There are two types of NDA: one-way or mutual. A one-way NDA is used if you are the only one disclosing information (otherwise known as the disclosing party). A mutual NDA is used if both parties are sharing confidential information (in which case, the other party is called the receiving party).

If you and the other party to the NDA are in different countries, the NDA will need to state which law governs the agreement. For example, England and Wales have a different legal system to Scotland, so if the parties to the NDA are split between Wales and Scotland, you need to state which legal system the NDA is enforced under.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.
