Free to read β’ Save or share with one click
A How to Write an NDA guide is a structured operational document that walks you through every clause of a Non-Disclosure Agreement β explaining what each section does, what language to use, and what mistakes to avoid before you present it to a counterparty. It combines plain-English explanations with sample language and drafting tips so that business owners, founders, and operators who are not lawyers can produce a legally sound NDA without starting from a blank page. The guide covers the full structure of both one-way and mutual NDAs, from the parties clause through governing law and boilerplate.
Sharing confidential information without a signed NDA in place is one of the most common and costly operational mistakes in early-stage business. Once a competitor, former partner, or departing employee has your product roadmap, pricing model, or customer list, there is no practical way to un-disclose it β and without a written agreement, there is no legal basis to stop them from using it. An unsigned pitch meeting, an undocumented vendor conversation, or a handshake partnership discussion can expose trade secrets that took years to develop. This guide ensures every section of your NDA is present, correctly scoped, and drafted tightly enough to hold up when it matters β before the first piece of confidential information leaves your hands.
| If your situation is⦠| Use this template |
|---|---|
| Both parties will share confidential information with each other | Mutual Non-Disclosure Agreement |
| Only one party is disclosing confidential information | One-Way Non-Disclosure Agreement |
| Protecting confidential information shared with a new hire | Employee Non-Disclosure Agreement |
| Sharing sensitive data with an independent contractor | Contractor Confidentiality Agreement |
| Exploring a potential acquisition or merger | M&A Non-Disclosure Agreement |
| Disclosing proprietary technology to a potential licensing partner | Technology Non-Disclosure Agreement |
| Protecting business information in a joint venture setup | Joint Venture Non-Disclosure Agreement |
Why it matters: Confidential information disclosed before execution is not covered by the agreement. A retroactive clause can help but is not always enforceable in every jurisdiction.
Fix: Establish a firm policy: no sensitive information β including in pitch meetings or demos β until a signed NDA is in hand. Use a standard short-form NDA that can be executed in under 10 minutes.
Why it matters: An overly broad definition β 'any information shared between the parties' β can make the NDA unenforceable because courts require reasonable scope. It also makes compliance impossible for the receiving party.
Fix: List specific categories of information relevant to the actual relationship. Broad catch-all language should supplement, not replace, a specific list.
Why it matters: A 1-year NDA protecting a 5-year product roadmap means the information is unprotected for 4 of those years. Competitors can legally use the information once the term expires.
Fix: Match the term to the useful competitive life of the information. Add an explicit provision that trade secret protection survives the NDA's stated term.
Why it matters: Without this clause, a breaching party can argue the disclosing party must quantify damages before seeking emergency court relief β a process that takes months while the harm compounds.
Fix: Include a standard acknowledgment that breach causes irreparable harm and that the disclosing party is entitled to seek injunctive relief without posting bond or proving actual damages.
Why it matters: If a company signs under an individual's name, the NDA may bind only that person β not the organization β leaving the company free to use your information.
Fix: Always identify business parties by their full registered legal entity name and have a duly authorized signatory execute on the entity's behalf, stating their title.
Why it matters: If a court finds one provision β such as the confidentiality term β unreasonably broad and strikes it, the absence of a severability clause can void the entire agreement.
Fix: Add a standard severability clause stating that if any provision is found invalid or unenforceable, the remaining provisions continue in full force and effect.
Decide whether both parties will be sharing confidential information (mutual) or only one party (one-way). The answer drives the structure of the obligations section and the party definitions throughout.
π‘ Default to mutual when the relationship involves any back-and-forth sharing β even if your information is more sensitive, a mutual structure is easier to get signed quickly.
Use each party's registered legal entity name exactly as it appears in corporate filings. Describe the purpose of disclosure in one specific sentence β 'evaluation of a potential software development partnership' rather than 'business purposes.'
π‘ The stated purpose limits how the receiving party can use your information. A vague purpose gives them more latitude than you intend.
List the specific categories of information you are sharing β financial data, customer lists, technical specifications, source code β and state that both written and oral disclosures are covered. Avoid relying on a marking requirement as the sole trigger.
π‘ If you are sharing particularly sensitive information, add a specific examples list inside the definition to remove any ambiguity about what is covered.
Include the four standard exclusions: public domain, prior knowledge, independent development, and legally compelled disclosure. Confirm the legally compelled carve-out requires prior written notice to the disclosing party where permitted by law.
π‘ Add a sentence requiring the receiving party to notify you before making a compelled disclosure so you have the option to seek a protective order.
State the standard of care (at least the same care the receiving party uses for its own confidential information), the permitted purpose, and who within the receiving party's organization may access the information.
π‘ Name the permitted purpose as narrowly as possible β the more specific it is, the easier it is to prove a breach if the information is used outside that scope.
Choose a term appropriate to the sensitivity of the information β 2 years for general business information, 5 years for technical IP, indefinite for trade secrets. Add a written certification requirement for destruction.
π‘ For trade secrets, include a sentence stating that trade secret protection continues for as long as the information qualifies as a trade secret under applicable law, regardless of the NDA's stated term.
Confirm that the remedies section preserves the right to seek injunctive relief and that the governing law matches the jurisdiction where you operate or where the most sensitive information resides.
π‘ If both parties are in different states, choose the jurisdiction with stronger trade secret protection β most practitioners default to Delaware or New York for US-domestic NDAs.
Have both parties sign a dated copy before any confidential information is shared. Store the fully-executed copy in a secure location with clear reference to the transaction or relationship it covers.
π‘ Use a consistent NDA file-naming convention β YYYY-MM-DD_NDA_[Party A]_[Party B] β so executed agreements are searchable when disputes arise.
An NDA (Non-Disclosure Agreement) is a contract that legally obligates one or both parties to keep specified information confidential and to use it only for the purpose stated in the agreement. It creates a private legal remedy β including the right to seek injunctive relief β if confidential information is disclosed or misused. NDAs are used across virtually every industry wherever sensitive commercial information changes hands before a formal deal is closed.
At minimum: the parties' legal names, the purpose of the disclosure, a precise definition of confidential information with explicit exclusions, the receiving party's obligations and permitted use, the term of the agreement, a return-or-destroy provision, a no-license clause, an injunctive-relief remedy, and governing law. Missing any of these creates gaps that reduce enforceability and complicate breach claims.
A one-way NDA protects information flowing in one direction only β the receiving party is bound; the disclosing party is not. A mutual NDA protects information flowing in both directions, with each party bound as both discloser and receiver. Use a mutual NDA whenever both parties will be sharing sensitive information, even if the volume of disclosure is asymmetric β it is usually easier to negotiate and sign.
Most commercial NDAs run 2 to 5 years. The right term depends on the sensitivity and competitive lifespan of the information. General business information typically warrants 2β3 years; product roadmaps and technical IP warrant 5 years. Trade secrets should be protected indefinitely β add explicit language stating that trade secret protection survives the NDA's stated term for as long as the information qualifies as a trade secret under applicable law.
For standard commercial NDAs covering typical business information, a high-quality template is sufficient for most small businesses and startups. Engage a lawyer when the information involves patentable technology, when the counterparty is a large enterprise with its own legal team, or when cross-border disclosures trigger multiple jurisdictions' trade secret laws. A lawyer review of a completed template typically costs $200β$500 and is worthwhile for high-stakes relationships.
A retroactive NDA can be structured to cover previously disclosed information by including an effective date prior to the signing date, but enforceability of the retroactive coverage varies by jurisdiction. Some courts decline to enforce obligations for disclosures made before the contract existed. The safest practice is always to sign before sharing any confidential information.
The four standard exclusions are: information that is or becomes publicly available through no fault of the receiving party; information the receiving party already knew before the disclosure; information the receiving party independently developed without using the confidential information; and information the receiving party is legally compelled to disclose, provided they give prior notice to the disclosing party where permitted. These exclusions are nearly universal and courts expect to see them.
The disclosing party can seek monetary damages for quantifiable losses and β more importantly β injunctive relief to stop the breach immediately. Because NDA breaches often involve competitive information whose monetary value is difficult to quantify, injunctive relief is typically the primary remedy. A well-drafted NDA includes an explicit acknowledgment that breach causes irreparable harm, which makes it easier to obtain an emergency court order to stop the disclosure.
Yes β the terms are used interchangeably. 'Non-Disclosure Agreement' and 'Confidentiality Agreement' describe the same type of contract. Some industries and practitioners prefer one term over the other, but the underlying legal structure and enforceability are identical. In the employment context, the document is sometimes called a 'confidentiality and non-disclosure agreement' to signal that it covers both ongoing and post-employment obligations.
The NDA template is the ready-to-sign contract itself β parties fill in their names, sign, and execute. This guide explains how each clause works, what to include, common mistakes, and how to calibrate the definition of confidential information for the specific relationship. Use the guide to understand what you are signing; use the NDA template to actually sign it.
A mutual NDA is pre-structured for two-way disclosure, with symmetric obligations on both parties. This guide covers both one-way and mutual structures and helps you decide which is appropriate. If you have already decided on a mutual arrangement, the mutual NDA template gets you to execution faster without needing to restructure a one-way template.
A standalone NDA protects information shared before or outside of any formal agreement. A confidentiality clause embedded in a larger contract β such as an independent contractor agreement or employment contract β protects information within that specific relationship. Use a standalone NDA when the relationship is still exploratory; use an embedded clause once a formal engagement document exists.
An employee NDA is specifically drafted for the employment context β it integrates with onboarding, references the employment relationship as consideration, and typically runs for the duration of employment plus a defined post-employment period. A general commercial NDA is appropriate for contractors, partners, and investors but is not optimized for the employment relationship and may omit post-employment obligations.
Source code, algorithms, product roadmaps, and API specifications require a broad definition of confidential information covering both written and oral disclosures, with an indefinite trade secret carve-out.
Client data, proprietary trading strategies, and deal terms shared during M&A diligence require enhanced data-handling obligations and explicit restrictions on electronic storage and transmission.
Clinical trial data, patient records, and drug formulations require confidentiality obligations that run concurrently with β and do not replace β HIPAA and FDA regulatory requirements.
Production processes, supplier pricing, and proprietary materials specifications benefit from a narrow permitted-use clause tied specifically to the evaluation of a supply or licensing relationship.
Client engagement data, methodologies, and pricing structures shared during RFP processes require a clear need-to-know restriction limiting internal circulation to the proposal team only.
Vendor pricing, customer segmentation data, and seasonal product strategies shared with logistics or marketing partners require a mutual NDA with a short term of 2β3 years aligned to product cycles.
| Path | Best for | Cost | Time |
|---|---|---|---|
| Use the template | Startups, small businesses, and freelancers protecting standard commercial information with domestic counterparties | Free | 15β30 minutes |
| Template + professional review | Businesses sharing patentable technology, large-enterprise counterparties, or cross-border disclosures | $200β$500 for a lawyer review | 1β3 days |
| Custom drafted | M&A diligence, clinical trial data, or any situation where the counterparty's legal team is already involved | $500β$2,000+ | 1β2 weeks |
This document is one of 3,000+ business & legal templates included in Business in a Box.
Access over 3,000+ business and legal templates for any business task, project or initiative.
Customize your ready-made business document template and save it in the cloud.
Share your files and folders with your team. Create a space of seamless collaboration.
"Fantastic value! I'm not sure how I'd do without it. It's worth its weight in gold and paid back for itself many times."
"I have been using Business in a Box for years. It has been the most useful source of templates I have encountered. I recommend it to anyone."
"It has been a life saver so many times I have lost count. Business in a Box has saved me so much time and as you know, time is money."
Stop downloading documents. Start operating with clarity. Business in a Box gives you the Business Operating System used by over 250,000 companies worldwide to structure, run, and grow their business.
Start freeΒ Β·Β No credit card required
