How to Write a Confidentiality Agreement or NDA – Confidentiality Agreements and Non-Disclosure Agreements (NDAs) are some of the most useful and widely used legal contracts. This guide explains the who, what, when, where, how and why of Confidentiality Agreements. So read on.
Legal issues covered in this guide
Click on any of the questions below to jump to that section of this legal guide.
- What is a Confidentiality Agreement?
- What is a Non-Disclosure Agreement or NDA?
- What is the difference between a Confidentiality Agreement and a Non-Disclosure Agreement (NDA)?
- What is the difference between a Confidentiality Agreement and a Non-Compete Agreement?
- What is a Mutual or Reciprocal Confidentiality Agreement?
- How does a Confidentiality Agreement work?
- Why use a Confidentiality Agreement?
- What are the risks of not using a Confidentiality Agreement?
- When should I use a Confidentiality Agreement?
- What information can be protected with a Confidentiality Agreement?
- What information can not be protected with a Confidentiality Agreement?
- Who can be prevented from disclosure by a Confidentiality Agreement?
- Will a Confidentiality Agreement protect my information from being stolen?
- What can I do to further protect my Confidential Information?
- Can a Confidentiality Agreement be part of an employment contract?
- Can a Confidentiality Agreement be part of a MOU?
- Are Confidentiality Agreements legally binding?
- How long does a Confidentiality Agreement last?
- Can a Confidentiality Agreement last forever?
- Can my confidential information ever be disclosed without my approval?
- Can a Confidentiality Agreement be cancelled?
- Can a Confidentiality Agreement be assigned?
- What happens if a Confidentiality Agreement is broken?
- What Confidentiality Agreement format should I use?
- Who should sign the Confidentiality Agreement?
If after reading this guide you still have a question, get in touch as we’d love to keep adding your questions to this comprehensive guide.
What is a Confidentiality Agreement?
A Confidentiality Agreement is an agreement between individuals or companies (or a combination of both) to keep certain information confidential or secret. A Confidentiality Agreement may take one of two forms, either:
- One party discloses confidential information to another party (“One-Way”), or
- Both parties exchange confidential information with each other (“Two-Way”)
By signing a Confidentiality Agreement, the person receiving confidential information undertakes the obligation not to disclose the confidential information described in the agreement. You can have a Confidentiality Agreement with a wide range of people, for example:
- Business partners
- Expert witnesses
- Former employees
- Ghost writers
- Personal assistants
- Vendors, etc.
What is a Non-Disclosure Agreement or NDA?
A Non-Disclosure Agreement (or NDA) is effectively the same thing as a Confidentiality Agreement. It is really just a different name for the same kind of document. The agreement is used to get the recipient of the confidential information to agree not to disclose the information to anyone else (hence the term, “Non-Disclosure”).
What is the difference between a Confidentiality Agreement and a Non-Disclosure Agreement (NDA)?
In practice, there can be some minor differences between a Confidentiality Agreement and a Non-Disclosure Agreement. These are not really differences in the legal effect of either document, but differences in when they are used. For example:
- Higher degree of secrecy: Confidentiality Agreements are used when a higher degree of secrecy is required. Non-disclosure implies you must not disclose personal or private information. But keeping information confidential implies that you need to be more proactive in making sure information is kept secret. This could include putting restrictions on the use of confidential information, protecting electronic databases, preventing theft by employees, requiring sub-contractors to be bound by the same agreement, etc.
- “Two-Way” agreements: Confidentiality Agreements are more likely to be used when there is a “two-way” (or multi-lateral) exchange of secret or commercially sensitive information. When the obligation is “one-way” (or unilateral) the document is more likely to be called a Non-Disclosure Agreement.
- Employment contracts: Confidentiality Agreements are more frequently used in employment or personal situations. Information that people come across as an employee is often particularly sensitive, commercially valuable or potentially personally damaging. For these reasons, many employers use Confidentiality Agreements rather than Non-Disclosure Agreements.
- Third party or startup: Non-Disclosure Agreements are more frequently used in third party or startup situations. These third parties could be vendors, suppliers, customers, contractors or potential investors and the type of information that needs to be kept secret could be a trade secret, patent, invention, intellectual property, pricing arrangement, financial information, etc. A long Confidentiality Agreement could put some parties off. Instead, a brief NDA, which covers the most important terms and is squeezed onto one or two pages, could be more user friendly.
- United States: Non-Disclosure Agreements or NDAs are more commonly used in the US. The term Confidentiality Agreement is more commonly used in Australia, New Zealand, England and Canada.
What is the difference between a Confidentiality Agreement and a Non-Compete Agreement?
While a Confidentiality Agreement protects against the release of certain private information, a Non-Compete Agreement protects a business from employees, partners, contractors or other similar parties from competing with the business.
For example, if Anne sells a popular restaurant to Ben, and the next month, Anne opens up a new restaurant on the same block, then it might not take long for Ben’s customers to leave Ben and to follow Anne. To protect against this, Ben would use a Non-Compete Agreement, which prevents Anne from opening a similar restaurant, within a certain proximity to Ben’s restaurant, for a certain time period.
In addition to business sales, Non-Compete Agreements can also be used in a number of different scenarios, for example:
- To prevent an employee leaving their job to work for a competitor
- To prevent business partners from setting up a competing business
- To prevent a contractor with access to a business’s confidential information from using that information to set up a competing business, etc.
What is a Mutual or Reciprocal Confidentiality Agreement?
A “One-Way” Confidentiality Agreement (also referred to as a “Unilateral” agreement) is used when one person discloses confidential information to someone else and they agree not to divulge this information to others.
A “Two-Way” Confidentiality Agreement (also referred to as a “Mutual”, “Reciprocal” or “Bilateral” agreement) is used when both parties are disclosing confidential information to each other. For example, they may be considering a partnership in a business, buying something together or developing something together and both people have confidential information to share with one another. Both parties agree not to disclose this confidential information and both people are under the same duty of confidentiality.
How does a Confidentiality Agreement work?
A Confidentiality Agreement is a contract between the two parties that sign the agreement. The party receiving the information agrees that, in return for being provided the information, they will keep the information confidential.
The agreement first defines the information that is to be kept confidential (e.g. “all customer lists and all specifications related to XYZ project”). Then the agreement sets out the various things that the receiving party must actually do to keep the information confidential (e.g. use current data protection standards, have employees sign Confidentiality Agreements, etc.).
The agreement makes the receiving party legally responsible for any losses that the disclosing party may incur, if the receiving party does not keep the information confidential. In addition, a Confidentiality Agreement usually allows the disclosing party to obtain an injunction, which is a court order that stops the receiving party from doing something, such as communicating the confidential information to other people.
Why use a Confidentiality Agreement?
Individuals and organisations at times have to share information with others that they would not like the public to come across and they would like to protect. Other times they are involved in disputes and other matters that they also would like to keep private. When these instances occur, to ensure that those who receive information keep the information private, it is common to enter into a Non-Disclosure or Confidentiality Agreement.
For example, a business might have to share trade secrets, internal documents or even new ideas with contractors, employees, potential partners, investors, financiers or advisors. In order to control the release of the information and to ensure that it is only used by the intended recipient in a way that is approved by the party that is releasing the information, a Non-Disclosure Agreement or Confidentiality Agreement can be used. In some cases the Confidentiality Agreement includes the requirement to keep confidential the fact that there was even an exchange of information at all!
What are the risks of not using a Confidentiality Agreement?
If you do not use a Confidentiality Agreement (or NDA) then you will have no way to protect the confidentiality of your information. If you are releasing sensitive information, then the party that receives that information will then be able to do what they like with it. They could set up their own competing business, they could sell the information to your competitors or they could even broadcast the information on billboards or TV if they wanted to.
When should I use a Confidentiality Agreement?
You should use a Confidentiality Agreement before you disclose valuable and confidential information to another person or company. Here are some examples of when Confidentiality Agreements should be used:
- After resignation
- Business sale
- Contracting with a manufacturer
- Due diligence
- Financial advice
- Firing or terminating an employee
- Hiring a new employee
- Hiring a consultant
- Hiring a contractor
- Merger and acquisition
- Purchasing a business
- Real estate sale or purchase
- Registering patent
- Selling a business
- Starting a business, etc.
From a practical perspective, you may wish to provide the Confidentiality Agreement ahead of time, particularly if it is a detailed document. For example, if you have a one hour appointment with a software developer and you turn up with a 10 page Confidentiality Agreement that they have never seen before, this could slow you down significantly. Instead, it is much better if you can send a copy through at least a few days ahead and ask them to have a signed copy for you on the day.
What information can be protected with a Confidentiality Agreement?
Confidential information may include:
- App ideas
- Business ideas
- Business plans
- Financial information
- Medical records
- Research and development
- Software programs, etc.
And the confidential information may be in the form of:
- Electronic data
- Musical notes
- Oral descriptions
- Software code
- Written words, etc.
In order to be be protected as confidential information there are 3 conditions that must be met:
- Informed: The information must have been given to the recipient in a relationship of confidence. This means that the person receiving the information must be aware and know that this information is secret and that it must be protected and kept confidential.
- Valuable: Unauthorised use or dissemination of the information must be likely to cause damage to the person who is giving out the information. The measure of damage does not necessarily have to be financial damage. For example, it could be in terms of inability to continue the project as a result of the information becoming public.
- Not in public domain: The information should not be known to the public or be in the public domain. This is not a deciding factor however, as sometimes the information may already be in the public domain but it is the manner it is being used which may create a confidential arrangement.
Even if all of the above elements are present, the information may still not be “legally” considered confidential. These elements may be present in the assessment of one person but not necessarily in the assessment of others. For example, simply wanting to prevent a competitor from having access to certain information (without a sound basis for that restriction, other than choosing to be uncooperative with your competitors) is not usually enough to make the information legally confidential.
What information can not be protected with a Confidentiality Agreement?
The type of information that can be included under the umbrella of confidential information is virtually unlimited. However, any information that is already known to the other party or is in the public domain cannot be defined as confidential information. Additionally there may be information that is confidential to you but may not be legally considered confidential information.
Who can be prevented from disclosure by a Confidentiality Agreement?
The recipient of the confidential information is prevented from disclosing the information. If that recipient needs to disclose the information to other people (e.g. colleagues, advisers or employees) then the confidentiality agreement usually requires those other people be covered under the same duty of confidentiality.
Will a Confidentiality Agreement protect my information from being stolen?
Yes, but to get the best protection you may need to consider doing some other things as well.
While a Confidentiality Agreement undoubtedly provides valuable protections for your information, if somebody wants to breach the Agreement they might do so. If they want to make unauthorised copies of your information and to use the information for their own purposes, they may try to do that. They may even try to claim that the information was theirs in the first place.
So in addition to using a Confidentiality Agreement, you should also consider lodging patents, trademarks and copyrights. By using these you can register ownership of your information, such as your idea, product or logo.
What can I do to further protect my Confidential Information?
First, you should ensure that you have clearly marked all documents containing the information as “confidential”. This does not mean the information is immediately considered confidential just because you have labeled it confidential, but it will be taken into account by any court in determining what information is confidential. It may also make it more likely that the recipient of the information will maintain its confidentiality. Not all breaches are deliberate. Many are inadvertent, but clear labels can help to prevent them.
Second, you should restrict access to the confidential information to a certain level of employee only (e.g. senior management). You should require any person who will or may have access to the confidential information to sign a Confidentiality Agreement. This prevents the person from later stating they did not know the nature of the information to be kept confidential.
Third, you should ensure that if any confidential information needs to be disposed of, it is done in a manner that ensures it is destroyed and cannot be retrieved. For example, it should be shredded or disposed of in locked security disposal bins.
Can a Confidentiality Agreement be part of an employment contract?
Yes, it is common for an employment contract to contain terms that address confidentiality. However, the confidentiality terms in an employment contract are usually not as comprehensive as those in a standalone Confidentiality Agreement. Therefore, if you are relying on an employment contract, you should check the terms provide sufficient protection.
An important aspect of a Confidentiality Agreement is in making sure that the party receiving the information actually realises what is expected of them and appreciates the seriousness of the confidentiality obligations. This can prevent them from inadvertently releasing information. Having a confidentiality clause buried on page 9 of an employment contract may not have the same effect!
And remember, have the employee sign the Confidentiality Agreement when they are first hired.
Can a Confidentiality Agreement be part of a MOU?
This depends on the nature of the Memorandum of Understanding (MOU). In many cases, MOUs are not intended to be legally binding. Instead, they are used to set out the expectations of the parties, so that they can get started on a project and formalise their structures in due course.
Some MOUs contain one or more clauses which address confidentiality. However, if the MOU is not legally binding, then any confidentiality obligations within it will also not be legally binding. This is not ideal because it will mean that if the other party wants to breach the confidentiality obligations, they can – and will not face any consequences for doing so.
Therefore, it is a better idea to use a separate Confidentiality Agreement which covers all of the necessary terms and is legally binding.
Are Confidentiality Agreements legally binding?
If a Confidentiality Agreement is validly executed (i.e. signed) then it is legally binding.
It forms a contract between the two parties who have signed it. However, it is important that the correct people sign the agreement. For example, if either party is a company then there will only be certain people who can sign on behalf of the company – usually two company Directors or a Director and the Secretary. A salesperson, office manager, receptionist or any other person working for the company is unlikely to have the legal authority to sign on behalf of the company.
And if the wrong person signs the Agreement, then it will not be legally binding!
How long does a Confidentiality Agreement last?
You can limit the confidential requirement to either specific information and/or for a specified period, stated in the agreement.
Can a Confidentiality Agreement last forever?
Yes, Confidentiality Agreements can last indefinitely. The time that the information must be kept confidential can be stated in the agreement itself.
Can my confidential information ever be disclosed without my approval?
Yes, there are limits to confidentiality. The other party may be “compelled” or required by law to disclose your confidential information. For example:
- Courts can subpoena confidential information
- Specific legislation (e.g. The Privacy Act for OH&S purposes)
- Employees “whistleblowing” on illegal, corrupt or dangerous activities
- The Australian Taxation Office has special powers over financial institutions and accountants
Can a Confidentiality Agreement be cancelled?
Yes. If both parties agree, then they may terminate a Confidentiality Agreement.
Can a Confidentiality Agreement be assigned?
This usually depends on the terms of the Confidentiality Agreement. In many cases, the party disclosing the information may be able to assign its rights under the agreement to another party. For example, if it sells part of its business.
Generally, the party that received the confidential information will not be able to assign its obligations. It has already received the confidential information and cannot “un-see” it. Therefore, the confidentiality obligations are likely to continue, even if the party that disclosed the information agrees that the information can subsequently be provided to another party.
What happens if a Confidentiality Agreement is broken?
A Confidentiality Agreement makes the receiving party legally responsible for any losses that the disclosing party may incur if the information is not kept confidential. For example, if the receiving party provides some of the information to a competitor, leading to a reduction in sales worth $100,000 for the disclosing party, then the disclosing party may sue the receiving party for that $100,000.
In addition, a Confidentiality Agreement usually allows the disclosing party to obtain an injunction, which is a court order that stops the receiving party from doing something, such as communicating the confidential information to other people. If they then breach the injunction, by going ahead with releasing the information, they may face imprisonment or fines.
An injunction can be useful as a first step. If the disclosing party discovers that the receiving party is planning to release the information, or has released some but not all of it, then an injunction can be a way to “nip it in the bud” before more damage is done. Once the damage has been done, then it will be necessary to sue the other party in order to claim compensation.
What Confidentiality Agreement format (email, letter, agreement) should I use?
The Legal123 Confidentiality Agreement template has four versions: email, letter, “one-way” agreement and “two-way” agreement. These different formats are provided for different stages of discussion and providing different levels of protection.
The Email template is a short, yet effective version of a Confidentiality Agreement that can be agreed by both parties in an email. It is not necessary for either person to sign it for it to be effective and create the confidential protection. Use it for preliminary discussions and to get moving quickly on discussions with an interested party.
The Letter template is a short, clear Confidentiality Agreement, designed to create the confidential protection but through a hard-copy paper format. Both parties must sign (or e-sign) the agreement. Use this format to emphasize the importance of your confidential information before signing a more formally agreed understanding.
The “One-Way” Agreement template is a more complete agreement where one person is giving confidential information to another and wants to ensure the information is further protected. Both persons are required to sign, agreeing to the terms.
The “Two-Way” Agreement template is also a more complete agreement but is used when both persons are providing confidential information to each other and they wish to ensure the information is further protected. Both persons are required to sign, agreeing to the terms.
During initial discussions you might want to start by using the Email template. Then as discussions progress you could be more formal and move to the Letter template. Then before final negotiations the “One-Way” or “Two-Way” forms of the agreement could be used.
Who should sign the Confidentiality Agreement?
The party disclosing the information and the party receiving the information should both sign the Confidentiality Agreement.
If either party is a company, however, then there will only be certain people who can sign on behalf of the company. It is important that the correct people sign, because if they do not then the company may not actually be bound by the Confidentiality Agreement.
The Corporations Act sets out the rules about who can sign on behalf of a company (usually two Directors or a Director and the Secretary). In addition, it is possible for the company to legally authorise other people to sign on behalf of the company, but this would need to be done by way of a Power of Attorney.
Generally speaking, a salesperson, office manager, receptionist or any other person working for the company is unlikely to have the legal authority to sign the agreement on behalf of the company. And if the wrong person signs the agreement then it will not be legally binding!
We hope you found this guide on How to Write a Confidentiality Agreement or NDA helpful.