There are several occasions in a business where you may wish to exchange confidential information with a third party. The key to doing so securely is ensuring that the other party is required to maintain your confidential information and not use it against you. Non-Disclosure Agreements are a standard method for protecting the confidentiality of privileged information shared with a third party.
A non-disclosure agreement (“NDA”) is a legally binding contract that establishes a confidential relationship and ensures that certain information will remain confidential. By signing an NDA, the parties to the agreement agree that sensitive information they may obtain will not be made available to others. An NDA binds a person who has signed it and prevents them from discussing any information included in the contract with any non-authorised party.
Confidential information is not defined or listed in any specific manner. Usually, the party sharing confidential information would desire a broad definition of confidential information to prevent the receiving party from misusing the disclosed information.
When referring to a company’s business, “confidential information” can refer to both written and verbal information. However, the receiving party would usually prefer that the term “confidential information” refer only to anything marked as such in writing. Since it will be challenging to establish the disclosure and receipt of oral information, it is customary for the disclosing party to certify the confidentiality of any oral information communicated in writing within a specified period after the disclosure.
Having defined the three distinct NDAs, we can move on to discussing best practices for drafting and administering these agreements.
1. Name of Parties
To accurately identify the parties to a contract, it is essential to include their full names and legal or registered addresses. Except in a bilateral or mutual NDA, the parties will typically be referred to as the “disclosing party” and “the receiving party.”
2. Effective Date and Duration of Confidentiality
To minimise ambiguity and uncertainty, it is essential to define and conclude the date from which the information received will be covered. In addition, the parties must guarantee that the NDA specifies a period during which they will preserve confidentiality, which typically begins on the day of disclosure. To further protect the confidentiality of the information, contracting parties may include a survivor clause on confidentiality obligations, for example;
“A party’s obligations under this Agreement shall survive the completion of the Project and remain enforceable for a period of five (5) years from the date of completion of the Project or, from the date of the early termination of this Agreement, whichever is later.”
3. Definition of Confidential Information
This section should clarify which information exchanged and disclosed between the parties throughout the transaction will be considered confidential information.
4. Protection of Confidential Information
Financial data, client lists, trade secrets and other information that falls under the definition of “confidential information” should be concealed at all times, and a proper NDA will stipulate as much. Your NDA requires that all information given and received be kept under wraps and used only for the intended purpose. The receiving part of an NDA should be prohibited from exploiting the disclosed information for their own or another’s financial gain. Disclosures should limit their use to those specific business purposes.
5. Standard to Manage Information
The basic NDA should also specify which party would be responsible for maintaining the confidentiality of the information. In practice, each party shall hold the same discretion with the other’s privileged information as they would with their information. Only if the receiving party has implemented measures to ensure the confidentiality of the information (such as restricting access to it) would such treatment be considered permissible.
Therefore, it is crucial to investigate and study the receiving party’s practises regarding sustaining the secrecy of its own information before signing a confidentiality agreement. If those practices are suboptimal or non-existent, the NDA should contain specific provisions concerning limiting access to confidential information, which makes it very clear what the standards could be for handling confidential information.
6. No Implied License
Every NDA must have a provision which states that the receiving party does not have an implied license to disclose or use sensitive information in an inappropriate or prohibited manner. In some cases, parties may add language stating they should have an implied license to use confidential information. In the future, this may pose the risk of the information being misappropriated, or the disclosing party may never know how or to whom the information was exposed.
7. Return and Destruction of Information
To maintain long-term secrecy and security, the receiving party should either return the information or delete it from their systems once the period of non-disclosure has ended. A good NDA should include this provision to clarify how the information received should be returned or destroyed after the demise of the relationship between the parties.
8. Remedies for the Breach
It is vital to have a damages clause or an injunction in case of a breach of confidentiality before signing an NDA. The disclosing party may be subjected to irreparable injury, loss and damage if the confidentiality duties are breached; the entire extent of this damage may be hard to quantify and cannot be fully compensated in monetary damages. In addition to legal or equitable remedies, the disclosing party will typically seek injunctive or other equitable relief against the receiving party to prevent any subsequent or ongoing breach of the receiving party’s duties.
Not only are NDAs economical and legally binding, but they can also help to avoid costly lawsuits between the parties and provide them peace of mind when conducting business together and, thus, should be considered to protect sensitive and vital information exchanged with employees, business partners and investors.