Non-Disclosure Agreement Template 2026

What is a Non-Disclosure Agreement?

A non-disclosure agreement (also called a confidentiality agreement, NDA, or CDA) is a legally binding contract in which one or more parties agree to keep specified information confidential and not to use it for any purpose beyond the one defined in the agreement. NDAs are the entry-level commercial contract for almost every business conversation that involves sensitive information: pitch meetings with investors, vendor evaluations, partnership discussions, M&A diligence, employment relationships, and contractor engagements.

An NDA performs three jobs at once. First, it puts the recipient on notice that information shared during the relationship is commercially sensitive. Second, it creates a documented, enforceable obligation to handle that information carefully and only for the agreed purpose. Third, it gives the disclosing party a clear path to remedies, including injunctive relief, if the information is misused. Without a written NDA, the disclosing party is left to rely on the general law of confidence, which is enforceable but materially harder to invoke and slower to remedy.

Types of NDAs and When to Use Each

Choosing the right type of NDA matters more than most people realise. The three most common types differ in who has confidentiality obligations and in how heavily the agreement is negotiated. Picking the wrong type can leave one party over-exposed or make the agreement so adversarial that it slows down the underlying deal.

Mutual NDAs

A mutual NDA imposes confidentiality obligations on both parties, on the basis that each will share confidential information with the other. Mutual NDAs are the default for two-sided commercial conversations such as M&A discussions, joint ventures, channel partnerships, and reciprocal API integrations. Because both parties have skin in the game, mutual NDAs are typically negotiated more efficiently than one-way NDAs and tend to be shorter in length.

One-Way (Unilateral) NDAs

A one-way NDA only restricts the receiving party because the disclosing party is the only side sharing confidential information. One-way NDAs are common when engaging contractors, consultants, freelancers, or evaluating a vendor. They are also commonly used by founders pitching investors. One-way NDAs from the disclosing party's side tend to be drafted more aggressively because the disclosing party bears all the risk; receiving parties (especially institutional investors) often refuse to sign them.

Multilateral NDAs

A multilateral NDA binds three or more parties simultaneously, typically in consortia, syndicated deals, multi-party R&D collaborations, or working groups. They are harder to draft because each party may share information with the others, and the document must address how confidentiality flows in every direction. Multilateral NDAs often need a defined "Disclosing Party" and "Receiving Party" status that varies depending on which information is being shared.

Employee Confidentiality Agreements

Employee NDAs are usually embedded in the employment contract rather than executed as a standalone document. They cover confidential business information, customer data, source code, and trade secrets, and they typically survive termination of employment for a defined period. Employee NDAs cannot lawfully prevent disclosures protected by whistleblower legislation such as the UK Public Interest Disclosure Act 1998 or equivalent regimes elsewhere.

Essential NDA Components

A well-drafted NDA balances breadth of protection with usability. Each of the following components is non-negotiable in any commercial NDA.

Definition of Confidential Information

The most important clause in any NDA defines what counts as confidential information. The definition should be broad enough to cover all sensitive information shared during the relationship, but narrow enough to be enforceable. Best practice is to include a non-exhaustive list of categories (business plans, financials, customer lists, technical specifications, source code, commercial terms) and to capture both information marked confidential and information that would reasonably be understood to be confidential given its nature or the circumstances of disclosure. Avoid definitions that are circular ("Confidential Information means information that is confidential") or that depend solely on marking, which leaves disclosing parties exposed if marking is missed.

Standard Exclusions

Every NDA should expressly exclude five categories of information from the confidentiality obligations: (1) information that is or becomes public through no breach by the receiving party; (2) information already known to the receiving party prior to disclosure; (3) information independently developed by the receiving party without reference to the confidential information; (4) information lawfully obtained from a third party not bound by confidentiality; and (5) information required to be disclosed by law, court order, or regulatory authority, subject to advance notice where legally permitted.

Permitted Purpose and Permitted Recipients

The NDA should state the specific purpose for which the confidential information may be used (for example, "evaluating a potential commercial partnership" or "performing the services under the underlying agreement"). It should also identify the permitted recipients within the receiving party's organisation. The standard formulation is "employees, officers, professional advisers, and named subcontractors who have a need to know and who are bound by confidentiality obligations no less protective than this Agreement."

Term and Survival

NDAs should have an explicit term during which the relationship is active, and a survival period during which obligations continue after termination. Two to five years is the typical term for ordinary commercial information. Trade secrets often warrant indefinite or longer survival under English law and the EU Trade Secrets Directive, while time-limited commercial discussions may justify shorter survival periods.

Return or Destruction

At the end of the relationship the receiving party should be required to return or, at the disclosing party's choice, destroy all copies of the confidential information, including copies held by permitted recipients, and to provide written certification of destruction. A standard carve-out preserves copies retained for legal, regulatory, or backup purposes, with continued confidentiality obligations.

Remedies and Injunctive Relief

The NDA should expressly acknowledge that money damages may be inadequate for a breach and that the disclosing party is entitled to seek injunctive relief without needing to prove irreparable harm or post a bond. This clause materially strengthens the disclosing party's ability to obtain quick interim relief in court.

Governing Law and Jurisdiction

The NDA should specify the governing law and the courts of exclusive (or non-exclusive) jurisdiction. For UK businesses the default is England and Wales with the courts of England and Wales having exclusive jurisdiction. For cross-border NDAs, parties often pick a neutral law and venue (English law and London courts, or New York law and federal courts in the Southern District of New York) and consider whether arbitration under LCIA or ICC rules is appropriate.

How to Fill Out a Non-Disclosure Agreement: Step-by-Step Guide

Filling out an NDA correctly takes about thirty to forty-five minutes the first time and considerably less once you have a working template. The following steps walk through the process in order.

Frequently Asked Questions

Risk and Enforcement Considerations

Operational Risks

• Inadvertent disclosure: Confidential information forwarded to unauthorised personnel by mistake, often via email or shared drives
• Departing employee risk: Staff leaving with copies of customer lists, source code, or strategic plans
• Sub-contractor cascades: Information flowing to undisclosed sub-contractors not bound by equivalent obligations
• Public posting risk: Confidential information posted to LinkedIn, GitHub, or industry forums
• Audit trail gaps: Difficulty proving who saw what and when, particularly in document-heavy diligence

Legal and Procedural Risks

• Vague drafting: Definitions or scope so broad that the agreement is unenforceable
• Missing standard exclusions: No carve-outs leaves the receiving party in technical breach the moment they encounter related public information
• Jurisdictional mismatch: Choice of forum that has no connection to either party leading to enforcement difficulties
• Public policy override: Whistleblower disclosures, regulatory reporting, or court orders that override confidentiality obligations
• Statute of limitations: Delay in bringing a claim can bar recovery even where breach is clear

Demonstrating Breach

To enforce an NDA the disclosing party typically needs to show: (1) the information met the contractual definition of confidential information; (2) it was shared under the NDA; (3) the receiving party used or disclosed it outside the permitted purpose or recipients; and (4) the disclosing party suffered loss or the receiving party gained a benefit. Documentary evidence (email trails, access logs, forensic analysis of devices, employee testimony) is decisive in most cases, which is why disclosing parties should keep clear records of what was shared, when, and to whom.

Remedies in Practice

• Injunctive relief: An interim injunction can stop ongoing disclosure within days, but requires evidence of imminent harm and clean hands by the applicant
• Damages: Awarded for proven actual loss, which can be difficult to quantify for soft commercial information
• Account of profits: Where the breaching party benefited financially from the breach, the disclosing party can recover those profits
• Return or destruction orders: Court-ordered destruction of all copies of the confidential information
• Costs and legal fees: Generally recoverable from the losing party in UK courts on a standard or indemnity basis

International and Cross-Border Considerations

UK Law and the Common Law of Confidence

Under English law, confidential information is protected through a combination of contractual obligations (the NDA itself) and the common law equitable duty of confidence established in Coco v A. N. Clark (Engineers) Ltd [1969] and developed through subsequent case law. The Trade Secrets (Enforcement, etc.) Regulations 2018 transposed the EU Trade Secrets Directive into UK law and provide additional remedies for trade secret misappropriation. UK courts are generally pro-enforcement of well-drafted NDAs and routinely grant interim injunctions to prevent imminent disclosure.

EU Trade Secrets Directive

The EU Trade Secrets Directive 2016/943 harmonises trade secret protection across the European Union. To qualify for protection, information must be secret in the sense that it is not generally known, have commercial value because it is secret, and have been subject to reasonable steps to keep it secret. NDAs are a key piece of evidence of "reasonable steps" and are required for cross-border EU enforcement.

US Defend Trade Secrets Act

The US Defend Trade Secrets Act 2016 (DTSA) provides a federal cause of action for trade secret misappropriation, available alongside state law claims under the Uniform Trade Secrets Act. Importantly, the DTSA requires employers to provide whistleblower notice in NDAs and confidentiality agreements with employees and contractors. Failure to provide this notice can bar exemplary damages and attorney fees in DTSA actions.

China and the NNN Agreement

For commercial relationships involving Chinese counterparties, a standard NDA is generally insufficient. The recommended document is an NNN agreement (Non-Use, Non-Disclosure, Non-Circumvention), drafted in Chinese, governed by Chinese law, and enforceable in Chinese courts. Western-drafted NDAs governed by foreign law are slow and expensive to enforce in China.

Choice of Law and Jurisdiction

• UK domestic deals: English law, exclusive jurisdiction of the courts of England and Wales
• EU deals: English law (post-Brexit, still common), Irish law, or law of one of the parties' home jurisdictions
• US-UK deals: Choice between English law and New York or Delaware law; arbitration under LCIA or ICC rules common
• Asia-Pacific deals: Singapore International Arbitration Centre arbitration is the established neutral forum
• China deals: Chinese law and Chinese courts via an NNN agreement; Chinese language original prevails

Post-Signing Lifecycle Management

Storage and Retrieval

An NDA you cannot find when you need it has no value. Store the executed copy in a contracts management system or secure shared drive, tagged with the counterparty name, signing date, term, renewal date, and the underlying transaction it supports. For organisations that sign more than ten NDAs a year, consider a contract lifecycle management platform that surfaces obligations and alerts on key dates.

Tracking the Term

Set a calendar reminder thirty days before the term expires so you can decide whether to renew, replace with a new agreement, or let the relationship wind down. Track the survival period separately because confidentiality obligations often outlast the active relationship.

Information Hygiene During the Term

• Mark confidential information: Apply the agreed marking convention to documents, slides, emails, and chat messages
• Limit recipients: Share information only with personnel covered by the permitted recipients clause
• Use access controls: Restrict drive permissions, use named-recipient email distribution, and avoid public shareable links
• Maintain audit logs: Document who received what, when, and the basis for that access
• Train internal teams: Make sure everyone handling the information understands the permitted purpose and the marking convention

End-of-Term Actions

• Return or destroy: Action the contractual end-of-term obligation by returning physical materials and confirming destruction of digital copies
• Certify destruction: Provide written certification of destruction signed by an authorised officer
• Preserve survival obligations: Continue applying confidentiality obligations to any retained copies during the survival period
• Update internal records: Mark the contracts management system to reflect the end of the active term
• Capture learnings: Note in the contracts management system whether the NDA worked well, what to negotiate differently next time, and any relationship history relevant for future renewals

Download Your Non-Disclosure Agreement Template

Our NDA templates include all the essential provisions you need to properly scope and document confidential commercial relationships. Both the mutual and one-way templates are professionally drafted to align with English law and best practice in the UK, EU, US, and most Commonwealth jurisdictions, and can be customised for specific counterparties, transactions, or industries.

What's Included in Our Templates:

• Mutual and One-Way Variants: Pick the right structure for the relationship without redrafting from scratch
• Comprehensive Definitions: Confidential information, permitted purpose, permitted recipients, and standard exclusions
• Term and Survival Provisions: Configurable term and survival periods appropriate to commercial half-life
• Return or Destroy Mechanics: Clear end-of-term obligations with statutory retention carve-outs
• Remedies Clause: Express acknowledgement of injunctive relief and irreparable harm
• Governing Law Options: Drop-in clauses for English law, US law, and arbitration alternatives
• Counterpart Execution: Pre-formatted for electronic signing or signing in counterparts
• Implementation Guide: Step-by-step instructions for filling out and executing the document