How to Write an NDA: A Complete Guide for Business Owners

What Is a Non-Disclosure Agreement?

A non-disclosure agreement (NDA) is a legally binding contract that establishes a confidential relationship between the parties that sign it. The party or parties signing the NDA agree that sensitive information they may obtain will not be made available to any other parties. An NDA may also be referred to as a confidentiality agreement, a confidential disclosure agreement, or a proprietary information agreement.

NDAs are one of the most common legal documents in business. Whether you are hiring a new employee, pitching investors, onboarding a contractor, or exploring a partnership, an NDA protects your proprietary information before you share it.

When Do You Need an NDA?

Not every conversation requires an NDA, but there are several situations where having one is essential:

• Hiring employees or contractors who will access trade secrets, customer lists, or proprietary processes
• Pitching your startup to investors or potential acquirers
• Entering into a joint venture or partnership where both sides share sensitive information
• Outsourcing work that involves access to your codebase, formulas, or designs
• Sharing business plans with advisors, consultants, or potential co-founders
• Negotiating a business sale or merger where financials and customer data are disclosed

The general rule is simple: if someone outside your organization will see information that could hurt your business if it became public, you should have an NDA in place first.

Mutual vs. Unilateral NDAs

There are two main types of NDAs, and choosing the right one matters.

Unilateral NDA

A unilateral NDA is a one-way agreement. One party (the disclosing party) shares confidential information, and the other party (the receiving party) agrees to keep it secret. This is common when:

• You are hiring a contractor to build something proprietary
• An employee will access trade secrets
• You are sharing a business plan with a potential investor

Mutual NDA

A mutual NDA (also called a bilateral NDA) means both parties agree to keep each other's information confidential. This is the right choice when:

• Two companies are exploring a partnership and both will share proprietary data
• A merger or acquisition discussion is underway
• Co-development agreements where both sides contribute intellectual property

In practice, many business relationships benefit from a mutual NDA even when the exchange seems one-sided. If there is any chance both parties will share sensitive information, a mutual NDA is the safer default.

Key Clauses Every NDA Should Include

A strong NDA does not need to be dozens of pages long. In fact, the best NDAs are concise and specific. Here are the essential clauses:

1. Definition of Confidential Information

This is the most important section. Be specific about what counts as confidential. Vague language like "all information shared" can be difficult to enforce. Instead, define categories:

• Technical data, trade secrets, and proprietary processes
• Business plans, financial projections, and pricing strategies
• Customer lists, vendor relationships, and marketing plans
• Software code, algorithms, and product designs
• Any information marked as "Confidential" in writing

2. Obligations of the Receiving Party

Spell out what the receiving party must and must not do with the information. Common obligations include:

• Using the information only for the stated purpose
• Not disclosing the information to third parties without written consent
• Taking reasonable measures to protect the information (at least the same care they use for their own confidential data)
• Limiting internal access to employees or contractors who genuinely need to know

3. Exclusions from Confidentiality

No NDA should be absolute. Standard carve-outs protect the receiving party from unreasonable claims. Information is typically excluded if it:

• Was already publicly known at the time of disclosure
• Becomes publicly known through no fault of the receiving party
• Was already in the receiving party's possession before disclosure
• Is independently developed by the receiving party without reference to the confidential information
• Is disclosed pursuant to a court order or legal requirement (with notice to the disclosing party)

4. Term and Duration

Specify how long the NDA lasts and how long the confidentiality obligations survive. Common approaches:

• The NDA itself might last 1-3 years (the period during which information may be shared)
• Confidentiality obligations often survive for 2-5 years after the NDA expires or terminates
• For trade secrets, obligations typically last as long as the information remains a trade secret

5. Remedies for Breach

State what happens if someone breaks the agreement. Most NDAs include:

• The right to seek injunctive relief (a court order to stop further disclosure)
• The right to recover damages (monetary compensation for losses)
• A statement that monetary damages alone would be insufficient, justifying emergency court action

6. Return or Destruction of Information

When the relationship ends, the receiving party should be required to return or destroy all confidential information. Include a provision requiring written confirmation that destruction is complete.

Common Mistakes to Avoid

Even well-intentioned NDAs can fail if they contain these errors:

Being too vague about what is confidential. If your NDA says "everything we discuss," a court may find it too broad to enforce. Be specific.

Setting an unreasonable duration. An NDA that lasts "forever" for non-trade-secret information may be struck down. Keep it proportional to the sensitivity of the information.

Forgetting to include exclusions. Without standard exclusions, the receiving party has no safe harbor. Courts look unfavorably on NDAs with no carve-outs.

Not specifying governing law and jurisdiction. If a dispute arises, you want to know which state's law applies and where the case will be heard. Include a governing law clause.

Using a template without customizing it. Every NDA should reflect the specific relationship and information being protected. A generic template is a starting point, not a finished product.

Failing to get signatures from the right people. Make sure the signatory has authority to bind the company. An NDA signed by someone without signing authority may be unenforceable.

Practical Tips for Stronger NDAs

1. Mark documents as confidential. Even though your NDA should not rely solely on markings, labeling documents "Confidential" reinforces your position in any dispute.

2. Keep records of what you shared. Maintain a log of confidential information disclosed under the NDA. This makes enforcement easier if a breach occurs.

3. Review and update regularly. Business relationships evolve. If the scope of shared information changes, consider updating the NDA or executing a new one.

4. Consider non-solicitation clauses. If appropriate, add provisions preventing the receiving party from poaching your employees or customers during the NDA period.

5. Have both parties sign the same document. Avoid situations where each side has a different version. One signed copy, shared between parties, avoids confusion.

How Vinny Can Help

Drafting an NDA from a blank page is daunting, especially if you are not a lawyer. Vinny's template library includes customizable NDA templates — both mutual and unilateral — that you can adapt to your specific situation using plain-language AI guidance. Upload an existing NDA and Vinny will analyze it, flag missing clauses, and score potential risks so you know exactly where you stand before signing.

---

This article is for informational purposes only and does not constitute legal advice. Consult a licensed attorney for advice specific to your situation.