Free Word download β’ Edit online β’ Save & share with Drive β’ Export to PDF
A Prohibited Activities document is a legally binding instrument that explicitly enumerates conduct, actions, and uses that a contracting party, employee, platform user, or business partner is forbidden from engaging in under a specific relationship or agreement. Unlike a general conduct policy, a properly drafted prohibited activities document defines each restriction with precision, establishes the geographic and temporal scope of each prohibition, identifies the parties bound, provides for monitoring and enforcement rights, and specifies the consequences β including termination, injunctive relief, and liquidated damages β that flow from a breach. The document functions as a standalone agreement or as a critical embedded section within employment contracts, platform terms of service, franchise agreements, partnership agreements, and compliance frameworks.
Without an explicit prohibited activities document, you are relying on implied obligations and jurisdiction-specific defaults to protect your business from competitive harm, data misuse, regulatory exposure, and relationship conflicts β and those defaults rarely align with what you actually need. An employee who leaves to work for a direct competitor, a platform user who scrapes proprietary data, or a franchisee who sources from unauthorized suppliers can each cause significant financial and reputational damage before you have any contractual basis to act. Courts will not invent restrictions that were not agreed to in writing; they will enforce restrictions that are specific, proportionate, and signed before the relationship begins. This template gives you a structured, enforceable starting point with defined terms, enumerated restrictions, carve-outs, monitoring rights, and remedies β everything necessary to pursue injunctive relief quickly if a violation occurs rather than spending months establishing the threshold question of whether the conduct was even prohibited.
| If your situation is⦠| Use this template |
|---|---|
| Restricting employee conduct during and after employment | Employment Contract with Non-Compete |
| Defining platform misuse restrictions for software or app users | Terms of Service Agreement |
| Restricting partner activities in a joint venture | Joint Venture Agreement |
| Prohibiting disclosure and competitive use of confidential information | Non-Disclosure Agreement |
| Restricting franchisee conduct within a franchise relationship | Franchise Agreement |
| Defining restricted contractor activities under a service engagement | Independent Contractor Agreement |
| Setting acceptable use policy for internal company technology systems | Acceptable Use Policy |
Why it matters: Courts interpret ambiguous prohibitions against the party seeking enforcement. A clause restricting 'inappropriate behavior' or 'competitive activities' without definition gives the restricted party room to argue the specific conduct was not covered.
Fix: Define every operative term in the definitions clause. For each prohibition, substitute the definition into the sentence and confirm it reads clearly and unambiguously.
Why it matters: Overly broad prohibited activities clauses β covering unlimited geography, an entire industry, or every conceivable competitive act β are struck down in full rather than narrowed in many jurisdictions, leaving the drafter with no restriction at all.
Fix: Limit each restriction to the specific conduct, territory, and time period genuinely necessary to protect the legitimate interest at stake. If the restriction survives a reasonableness challenge, it will be enforced.
Why it matters: Without a severability clause specific to the prohibited activities section, a single unenforceable restriction can void the entire section rather than just the offending clause.
Fix: Include a blue-penciling provision directly in the prohibited activities section stating that any unenforceable restriction will be modified to the minimum extent necessary to make it enforceable.
Why it matters: A cure period for willful misconduct β such as deliberate data exfiltration or intentional solicitation of protected customers β gives the bad actor time to cover their tracks and repeat the conduct just within the cure window.
Fix: Explicitly carve out intentional, fraudulent, and repeat violations from cure rights. State that only inadvertent, first-instance, and curable breaches qualify for the notice-and-cure process.
Why it matters: Selecting California, Minnesota, or EU member state law for a non-compete or broad solicitation ban virtually guarantees the restriction will be unenforceable, regardless of how carefully it was drafted.
Fix: Before finalizing governing law, verify that the selected jurisdiction permits each specific type of restriction included. If the restricted party operates in a hostile jurisdiction, seek local counsel before executing.
Why it matters: In common-law jurisdictions, a party who has already commenced work or platform use has provided no new consideration for post-execution restrictions, potentially voiding non-compete, non-solicit, and IP-related prohibitions.
Fix: Execute the prohibited activities agreement β whether standalone or embedded in a larger contract β before the employment, service, or access relationship begins. If that is not possible, provide documented fresh consideration at the time of signing.
In plain language: Precisely defines every key term used in the prohibited activities provisions, including 'Prohibited Activity,' 'Restricted Party,' 'Competing Business,' and 'Confidential Information.'
For purposes of this Agreement, 'Prohibited Activity' means any conduct listed in Section [X], including but not limited to [DESCRIPTION]. 'Restricted Party' means [PARTY NAME] and its affiliates, officers, directors, and employees.
Common mistake: Using undefined or vague terms like 'inappropriate conduct' without precise definitions β courts will interpret ambiguity against the drafter, making the restriction unenforceable.
In plain language: States which parties are bound by the prohibitions, the geographic territory covered, the time period during which restrictions apply, and whether restrictions survive termination of the agreement.
The restrictions set out in this Section apply to [RESTRICTED PARTY] during the Term and for a period of [DURATION] following termination or expiration of this Agreement, within [GEOGRAPHIC AREA / worldwide].
Common mistake: Failing to specify whether restrictions survive termination β if the contract is silent, a court may rule the prohibitions expire with the agreement.
In plain language: An exhaustive, specifically itemized list of the exact activities that are forbidden, written with enough specificity that a reasonable person knows precisely what is and is not permitted.
The Restricted Party shall not, directly or indirectly: (a) engage in [SPECIFIC ACTIVITY]; (b) use [PLATFORM / SYSTEM / INFORMATION] for [PURPOSE]; (c) solicit [CUSTOMERS / EMPLOYEES] of [COMPANY NAME]; or (d) [ADDITIONAL PROHIBITED CONDUCT].
Common mistake: Using a catch-all 'including but not limited to' list without anchoring specific examples β overbroad lists are routinely struck down for failing the reasonableness test.
In plain language: Identifies specific circumstances in which otherwise prohibited conduct is permitted, such as activities conducted with prior written consent, pre-existing relationships, or conduct required by law.
Notwithstanding Section [X], the restrictions shall not apply to: (a) activities expressly authorized in writing by [COMPANY NAME]; (b) [PARTY]'s existing relationships listed in Schedule [X]; or (c) conduct required by applicable law or regulation.
Common mistake: Omitting a carve-out for legally mandated conduct β a party who is required by a regulator to take an action should not be in breach of contract for doing so.
In plain language: Grants the non-restricted party the right to monitor compliance, request records, and conduct audits to verify that prohibited activities are not occurring.
[COMPANY NAME] reserves the right, upon [X] days' written notice, to audit [RESTRICTED PARTY]'s records, systems, and activities to verify compliance with this Section. [RESTRICTED PARTY] shall cooperate fully and provide access to relevant documentation.
Common mistake: Granting unlimited, warrantless monitoring rights without reasonable notice requirements β in employee contexts, overly broad monitoring rights can violate privacy laws in multiple jurisdictions.
In plain language: Requires the restricted party to promptly disclose any actual or potential violation, conflict of interest, or circumstance that may give rise to a prohibited activity.
[RESTRICTED PARTY] shall notify [COMPANY NAME] in writing within [X] business days of becoming aware of any actual or reasonably anticipated breach of this Section, including any [CONFLICT OF INTEREST / SOLICITATION ATTEMPT / UNAUTHORIZED USE].
Common mistake: Setting the notification window too long β a 30-day notice period for a data misuse violation, for example, leaves the non-breaching party exposed to significant ongoing harm.
In plain language: Specifies the contractual consequences of a breach β including termination rights, liquidated damages, injunctive relief, and the non-restricted party's right to seek additional remedies at law or equity.
Any breach of this Section shall constitute a material breach of this Agreement entitling [COMPANY NAME] to: (a) immediately terminate this Agreement; (b) seek injunctive or other equitable relief without bond; and (c) recover liquidated damages of $[AMOUNT] per violation, in addition to actual damages.
Common mistake: Setting liquidated damages at a level that a court would consider punitive rather than compensatory β if the amount is disproportionate to anticipated harm, the clause may be struck down in its entirety.
In plain language: Provides the breaching party with a defined period to remedy a non-material or inadvertent violation before the non-breaching party may exercise termination or damages remedies.
If [RESTRICTED PARTY] commits a curable breach of this Section, [COMPANY NAME] shall provide written notice specifying the breach. [RESTRICTED PARTY] shall have [10 / 20 / 30] days from receipt of such notice to cure the breach to [COMPANY NAME]'s reasonable satisfaction.
Common mistake: Granting cure rights for every type of violation, including intentional or fraudulent breaches β cure rights should be expressly excluded for willful misconduct or repeat violations.
In plain language: States that if any individual prohibited activities provision is held unenforceable, it will be modified to the minimum extent necessary to make it enforceable, and the remaining provisions remain in full effect.
If any restriction in this Section is found by a court to be unenforceable as written, it shall be modified to the minimum extent necessary to make it enforceable, and all other provisions of this Agreement shall remain in full force and effect.
Common mistake: Relying on a generic severability clause in the boilerplate rather than a specific blue-penciling provision within the prohibited activities section itself β courts treat the two differently.
In plain language: Identifies which jurisdiction's law governs the interpretation and enforcement of the prohibited activities provisions and the forum for resolving disputes.
This Section shall be governed by and construed in accordance with the laws of [STATE / PROVINCE / COUNTRY], without regard to conflict-of-laws principles. Any dispute arising under this Section shall be resolved by [ARBITRATION / LITIGATION] in [CITY / JURISDICTION].
Common mistake: Selecting a governing law that bars the specific restrictions included β for example, choosing California law for a broad non-compete or non-solicit clause that California courts will refuse to enforce.
Enter the full legal names of both parties and state the relationship giving rise to the restrictions β employment, platform use, franchise, partnership, or service engagement. The relationship context determines which types of restrictions are appropriate and enforceable.
π‘ Use registered legal entity names, not trade names or brand names, to ensure the document is enforceable against the correct legal person.
Complete the definitions section first. Write a precise, one-sentence definition for each term you will use in the prohibited activities list β 'Competing Business,' 'Restricted Territory,' 'Platform,' 'Confidential Information.' Every term that appears in the restrictions must be defined here.
π‘ If you can substitute the definition for the term in any sentence and it still makes perfect sense, the definition is strong enough.
List each prohibited activity as a separate, lettered sub-clause. Be specific β name the exact conduct, not a category of conduct. For technology contexts, name the specific systems, data types, or actions restricted. For employment contexts, name the specific competitive acts forbidden.
π‘ Read each item aloud and ask whether a reasonable employee or counterparty could genuinely argue they did not know the conduct was prohibited. If yes, rewrite it.
Fill in the geographic territory, the duration of restrictions, and whether they apply during the agreement only or also post-termination. For employment contexts, typical enforceable durations are 6β12 months. For platform use, restrictions typically run for the life of the agreement.
π‘ In jurisdictions that apply a reasonableness test, shorter and narrower restrictions are far more likely to survive a challenge than broad ones.
Identify any conduct that would otherwise fall within the prohibited activities list but that you need to explicitly permit β pre-existing relationships, legally required actions, or consent-based exceptions. List each carve-out as a numbered exception in the exceptions clause.
π‘ A well-drafted exceptions clause actually strengthens the main prohibition by signaling that the drafting was deliberate and considered, not overbroad.
Enter the remedies available for breach β termination rights, injunctive relief, and any liquidated damages amount. Set liquidated damages at a figure that approximates actual anticipated harm, not a penalty. Define which breaches qualify for a cure period and the cure window (typically 10β30 days).
π‘ Expressly exclude cure rights for intentional, fraudulent, or repeat violations β including them inadvertently is one of the most common drafting errors.
Choose a governing law that permits the specific restrictions you have included. Verify that the chosen jurisdiction does not ban or severely limit the type of restriction at issue β particularly for non-competes and post-employment solicitation bans.
π‘ If the restricted party works or operates in a different state or country from the contracting entity, consult local counsel on whether the chosen governing law will actually be applied.
Both parties must sign the document before the employment, platform access, or partnership relationship commences. Post-commencement signatures create consideration problems in common-law jurisdictions that can void restrictive covenants.
π‘ For employment contexts, document that the employee received the agreement at least one business day before signing β some jurisdictions require a meaningful opportunity to review.
A prohibited activities clause is a provision in a contract or standalone legal document that explicitly lists conduct the signing party is forbidden from engaging in β during the agreement, post-termination, or both. It defines the restricted conduct with precision, sets the geographic and temporal scope of the restriction, and specifies the consequences of a breach. Prohibited activities clauses appear in employment contracts, platform terms of service, franchise agreements, partnership agreements, and compliance policies.
A standalone prohibited activities document is appropriate when the restrictions are extensive enough to warrant their own agreement β for example, in platform or marketplace contexts where user conduct rules are lengthy and separate from the main service terms, or in compliance-heavy industries where regulators expect documented conduct standards. For most employment and partnership contexts, prohibited activities provisions are embedded within the main contract rather than issued as a separate document.
Yes, generally enforceable when properly drafted β but courts apply a reasonableness standard, particularly for post-employment restrictions and competitive activity prohibitions. A clause that is overly broad in scope, duration, or geography is more likely to be struck down than enforced. Precise definitions, proportionate scope, and a severability provision significantly improve the enforceability of prohibited activities clauses in most jurisdictions.
A non-compete is a specific type of prohibited activities restriction that prevents a party from working for or starting a competing business. A prohibited activities clause is broader β it can cover any type of restricted conduct, including data misuse, solicitation of customers or employees, unauthorized system access, regulatory violations, and competitive activity. Non-competes are one category of prohibited activities; prohibited activities documents typically contain several additional categories beyond competition.
Handbooks can document prohibited conduct policies, but they are generally not binding contracts unless explicitly stated and acknowledged in writing. For restrictions you need to enforce legally β particularly non-compete, non-solicit, IP assignment, and data use prohibitions β embed them in the signed employment contract. A handbook reference alone typically cannot support injunctive relief or liquidated damages claims.
The most common remedies are injunctive relief (a court order to stop the activity immediately), liquidated damages (a pre-agreed sum per violation), actual damages (documented financial losses caused by the breach), and contract termination. Injunctive relief is particularly valuable because it acts quickly without requiring proof of the full dollar value of harm β courts typically grant it where the breach is ongoing and monetary damages alone would be inadequate.
Only if the contract explicitly states they do. A scope clause should clearly specify which restrictions apply during the agreement only, which survive for a defined post-termination period, and which survive indefinitely (such as confidentiality obligations for trade secrets). Without explicit survival language, courts in many jurisdictions presume restrictions expire when the contract ends.
Specific enough that a reasonable person in the restricted party's position would know, without ambiguity, whether a particular act is prohibited or not. Generic categories like 'competitive activities' or 'misuse of systems' are insufficient. Each restriction should name the specific conduct, the specific systems or relationships covered, and the specific adverse outcome the restriction is designed to prevent. Courts enforce restrictions they can read clearly; they strike down restrictions they have to guess at.
For straightforward internal policies and platform terms, a high-quality template reviewed by counsel is usually sufficient. Engage a lawyer when the restrictions involve post-employment non-competes or non-solicits in multiple jurisdictions, when the restricted party is a senior executive or key technical contributor, when the document is intended to support injunctive relief proceedings, or when the relationship is in a heavily regulated industry. A 1β2 hour template review typically costs $300β$800 and is worthwhile when enforcement is a real possibility.
An NDA restricts one specific category of prohibited activity β the disclosure or misuse of confidential information. A prohibited activities document is broader, covering multiple types of restricted conduct including competition, solicitation, system misuse, and regulatory violations. For relationships where confidentiality is the only concern, a standalone NDA is sufficient; where multiple conduct restrictions are needed, a prohibited activities document is more appropriate.
A non-compete agreement focuses exclusively on preventing a party from engaging in competitive business activities after leaving an employment or partnership relationship. A prohibited activities document encompasses non-compete restrictions as one of several enumerated prohibitions, also covering solicitation, data misuse, and other conduct. Use a standalone non-compete when competitive activity is the only concern; use a prohibited activities document when multiple distinct conduct restrictions are required.
A terms of service agreement is a comprehensive platform contract covering access rights, payment, intellectual property, liability limitations, and prohibited activities as one section. A standalone prohibited activities document isolates and expands the restricted-conduct provisions in detail. For a software platform or marketplace, the ToS is the governing document; the prohibited activities provisions within it can be extracted and expanded into a standalone document for compliance or enforcement contexts.
An employment contract governs the entire employment relationship β compensation, duties, IP assignment, and termination β with prohibited activities provisions as embedded clauses. A standalone prohibited activities document can be issued as a separate agreement alongside the employment contract, often when the restrictions are detailed enough to warrant their own document or when they need to be updated independently of the main contract.
Platform misuse restrictions β unauthorized scraping, API abuse, reverse engineering, and credential sharing β are typically the core prohibited activities in SaaS terms of service agreements.
Regulatory conduct restrictions are mandatory in financial services, covering prohibited trading activities, insider information misuse, client fund handling, and anti-money-laundering compliance obligations.
HIPAA-related prohibited activities β unauthorized access to patient records, impermissible disclosures, and prohibited uses of protected health information β must be precisely enumerated to satisfy regulatory and contractual requirements.
Franchisors use prohibited activities clauses to prevent franchisees from operating competing concepts, sourcing from unauthorized suppliers, or modifying brand standards β violations that can compromise the entire franchise network.
Enforceability of prohibited activities restrictions β particularly non-competes and non-solicits β varies sharply by state. California, Minnesota, North Dakota, and Oklahoma ban most post-employment competitive restrictions. The FTC proposed a near-total non-compete ban in 2024, which was blocked in federal court as of 2025 β verify current status before relying on it. Reasonableness in scope, duration, and geography is the governing standard in states that permit restrictions.
Canadian courts apply a strict reasonableness test to prohibited activities restrictions, particularly non-competes and non-solicits. Post-employment non-competes are difficult to enforce unless the restriction is the minimum necessary to protect a legitimate proprietary interest. Ontario's Employment Standards Act and similar provincial statutes set floors on termination entitlements that interact with prohibited activities clauses. Quebec contracts must comply with the Civil Code's requirements for restrictive covenants.
Post-employment restrictions are enforceable in the UK if they protect a legitimate business interest and go no further than reasonably necessary. Courts apply a 'blue-pencil' approach β striking individual unenforceable words rather than the whole clause β provided the remaining text makes sense. Garden leave provisions are commonly paired with prohibited activities restrictions to protect competitive interests during the notice period. The Retained EU Law (Revocation and Reform) Act 2023 has introduced some regulatory divergence from EU standards.
EU member states impose significant limits on post-employment prohibited activities restrictions. Non-competes in many member states β including Germany, France, and the Netherlands β require the employer to pay financial compensation to the restricted party, typically 25β100% of the employee's salary during the restriction period. GDPR compliance must be addressed in any monitoring and audit rights provisions that involve processing personal data. The EU Platform to Business Regulation imposes additional conduct restriction requirements on digital marketplace operators.
| Path | Best for | Cost | Time |
|---|---|---|---|
| Use the template | Internal conduct policies, platform terms of service, and standard employment contracts for non-executive hires in a single jurisdiction | Free | 30β60 minutes |
| Template + legal review | Cross-jurisdictional restrictions, senior employee non-competes, or documents intended to support injunctive relief proceedings | $300β$800 | 2β5 days |
| Custom drafted | Heavily regulated industries, multi-jurisdiction platform deployments, or executive-level restrictions with significant enforcement exposure | $1,500β$5,000+ | 1β3 weeks |
This document is one of 3,000+ business & legal templates included in Business in a Box.
Access over 3,000+ business and legal templates for any business task, project or initiative.
Customize your ready-made business document template and save it in the cloud.
Share your files and folders with your team. Create a space of seamless collaboration.
"Fantastic value! I'm not sure how I'd do without it. It's worth its weight in gold and paid back for itself many times."
"I have been using Business in a Box for years. It has been the most useful source of templates I have encountered. I recommend it to anyone."
"It has been a life saver so many times I have lost count. Business in a Box has saved me so much time and as you know, time is money."
Stop downloading documents. Start operating with clarity. Business in a Box gives you the Business Operating System used by over 250,000 companies worldwide to structure, run, and grow their business.
Start freeΒ Β·Β No credit card required
