How to Write a Confidentiality Agreement or NDA

Last updated: 5 May 2022

These are some of the most useful and widely used legal contracts, especially for startups. This guide explains the who, what, where, how, why and when to use them. So read on.


If after reading this guide you still have a question, get in touch as we’d love to keep adding your questions to this comprehensive guide.

Confidentiality Agreements and Non-Disclosure Agreements (NDA)

What is a Confidentiality Agreement?

A Confidentiality Agreement (also called a Non-Disclosure Agreement or NDA) is a legal contract between two parties that details the proprietary or sensitive information to be shared, how the information is to be used and the consequences if the information is misused or leaked.

The sharing of information usually takes one of two forms, either:

  • One party discloses confidential information to another party (“One-Way”), or
  • Both parties exchange confidential information with each other (“Two-Way”)

With the One-Way agreement, the person receiving confidential information undertakes the obligation not to disclose the confidential information described in the agreement. With the Two-Way, both parties agree not to disclose the confidential information provided to them. This type of arrangement can be used with a wide range of people, for example:

  • Accountants
  • Auditors
  • Business partners
  • Cleaners
  • Clients
  • Consultants
  • Contractors
  • Doctors
  • Employees
  • Expert witnesses
  • Friends
  • Former employees
  • Ghost writers
  • Housekeepers
  • Investors
  • Janitors
  • Lawyers
  • Maids
  • Nannies
  • Personal assistants
  • Psychologists
  • Suppliers
  • Therapists
  • Vendors, etc.

What is a Mutual or Reciprocal Confidentiality Agreement?

A “One-Way” Confidentiality Agreement (also referred to as a “Unilateral” agreement) is used when one person discloses confidential information to someone else and they agree not to divulge this information to others.

A “Two-Way” Confidentiality Agreement (also referred to as a “Mutual”, “Reciprocal” or “Bilateral” agreement) is used when both parties are disclosing confidential information to each other. For example, they may be considering a partnership in a business, buying something together or developing something together and both people have confidential information to share with one another. Both parties agree not to disclose this confidential information and both people are under the same duty of confidentiality.

What is a Non-Disclosure Agreement or NDA?

A Non-Disclosure Agreement (or NDA) is effectively the same thing as a Confidentiality Agreement. It is really just a different name for the same kind of document. The agreement is used to get the recipient of the confidential information to agree not to disclose the information to anyone else (hence the term, “Non-Disclosure”).

What is the difference between a Confidentiality Agreement and a Non-Disclosure Agreement (NDA)?

In practice, there can be some minor differences between a Confidentiality and a Non-Disclosure Agreement. These are not really differences in the legal effect of either document, but differences in when they are used. For example:

  1. Higher degree of secrecy: Confidentiality Contracts are used when a higher degree of secrecy is required. Non-disclosure implies you must not disclose personal or private information. But keeping information confidential implies that you need to be more proactive in making sure information is kept secret. This could include putting restrictions on the use of confidential information, protecting electronic databases, preventing theft by employees, requiring sub-contractors to be bound by the same agreement, etc.
  2. “Two-Way” agreements: The most common type of confidentiality arrangement is when there is a “two-way” (or multi-lateral) exchange of secret or commercially sensitive information. When the obligation is “one-way” (or unilateral) the document is more likely to be called a Non-Disclosure Agreement.
  3. Employment contracts: Confidentiality contracts are more frequently used in employment or personal situations. Employees often come across information that is particularly sensitive, commercially valuable or potentially personally damaging. The employer is usually holding personal and confidential information about the employee also. For these reasons, many employers use an agreement for confidentiality rather than Non-Disclosure.
  4. Third party or startup: Non-Disclosure Agreements are more frequently used in third party or startup situations. These third parties could be vendors, suppliers, customers, contractors or potential investors and the type of information that needs to be kept secret could be a trade secret, patent, invention, intellectual property, pricing arrangement, financial information, etc. A long agreement could put some parties off. Instead, a brief NDA, which covers the most important terms and is squeezed onto one or two pages, could be more user friendly.
  5. United States: Non-Disclosure Agreements or NDAs are more commonly used in the US. The term Confidentiality Agreement is more commonly used in Australia, New Zealand, England and Canada.

Confidentiality Agreements and Employment

What is the difference between a Confidentiality and Non-Compete Agreement?

While a Confidentiality Agreement protects against the release of certain private information, a Non-Compete Agreement protects a business against competition from employees, partners, contractors or other similar parties.

For example, if Anne sells a popular restaurant to Ben, and the next month, Anne opens up a new restaurant on the same block, then it might not take long for Ben’s customers to leave Ben and to follow Anne. To protect against this, Ben would use a Non-Compete Agreement, which prevents Anne from opening a similar restaurant, within a certain proximity to Ben’s restaurant, for a certain time period.

In addition to business sales, Non-Compete Agreements can also be used in a number of different scenarios, for example:

  • To prevent an employee leaving their job to work for a competitor
  • To prevent business partners from setting up a competing business
  • To prevent a contractor with access to a business’s confidential information from using that information to set up a competing business, etc.

Can a confidentiality arrangement be part of an employment contract?

Yes, it is common for an employment contract to contain terms that address confidentiality. However, the confidentiality terms in an employment contract are usually not as comprehensive as those in a standalone Confidentiality Contract. Therefore, if you are relying on an employment contract, you should check the terms provide sufficient protection.

An important aspect of a Confidentiality Contract is in making sure that the party receiving the information actually realises what is expected of them and appreciates the seriousness of the confidentiality obligations. This can prevent them from inadvertently releasing information. Having a confidentiality clause buried on page 9 of an employment contract may not have the same effect!

And remember, have the employee sign the Confidentiality Contract when they are first hired.

Can a confidentiality arrangement be part of a MOU?

This depends on the nature of the Memorandum of Understanding (MOU). In many cases, MOUs are not intended to be legally binding. Instead, they are used to set out the expectations of the parties, so that they can get started on a project and formalise their structures in due course.

Some MOUs contain one or more clauses which address confidentiality. However, if the MOU is not legally binding, then any confidentiality obligations within it will also not be legally binding. This is not ideal because it will mean that if the other party wants to breach the confidentiality obligations, they can – and will not face any consequences for doing so.

Therefore, it is a better idea to use a separate Confidentiality Contract which covers all of the necessary terms and is legally binding.

Benefits of Agreements

Why use an Agreement?

Individuals and organisations at times have to share information with others that they want to protect and would not like the public to come across. Other times they are involved in disputes and other matters that they would also like to keep private. When these instances occur, to ensure that those who receive information keep the information private, it is common to enter into a Non-Disclosure or Confidentiality arrangement.

For example, a business might have to share trade secrets, internal documents or even new ideas with contractors, employees, potential partners, investors, financiers or advisors. In order to control the release of the information and to ensure that it is only used by the intended recipient in a way that is approved by the party that is releasing the information, a Confidentiality or Non-Disclosure Agreement can be used. In some cases the agreement includes the requirement to keep confidential the fact that there was even an exchange of information at all!

What are the risks of not having a confidentiality arrangement in place?

If you do not use or have a confidentiality arrangement in place, you will have no way to protect the confidentiality of your information. Without an agreement, if you are releasing sensitive information, then the party that receives that information will then be able to do what they like with it. They could set up their own competing business, they could sell the information to your competitors or they could even broadcast the information on billboards or TV if they wanted to.

Practicalities of Agreements

How does an Agreement work?

A Confidentiality Contract is an agreement between the two parties. The party receiving the information agrees that, in return for being provided the information, they will keep the information confidential.

The contract first defines the information that is to be kept confidential (e.g. “all customer lists and all specifications related to XYZ project”). Then it sets out the various things that the receiving party must actually do to keep the information confidential (e.g. use current data protection standards, have employees sign a confidentiality clause or contract, etc.).

This type of agreement makes the receiving party legally responsible for any losses that the disclosing party may incur, if the receiving party does not keep the information confidential. In addition, it usually allows the disclosing party to obtain an injunction, which is a court order that stops the receiving party from doing something, such as communicating the confidential information to other people.

When should I use an Agreement?

You should use an agreement before you disclose valuable and confidential information to another person or company. Here are some examples of when Agreements should be used:

  • After resignation
  • Business sale
  • Contracting with a manufacturer
  • Divorce
  • Due diligence
  • Financial advice
  • Firing or terminating an employee
  • Hiring a new employee
  • Hiring a consultant
  • Hiring a contractor
  • Merger and acquisition
  • Purchasing a business
  • Real estate sale or purchase
  • Registering a patent
  • Selling a business
  • Starting a business, etc.

From a practical perspective, it is a good idea to provide the agreement ahead of time, particularly if it is a detailed document. For example, if you have a one hour appointment with a software developer and you turn up with a long agreement that they have never seen before, this could slow you down significantly. Instead, it is much better if you can send a copy through at least a few days ahead and ask them to have a signed copy ready for you on the day.

What information can be protected with an Agreement?

Confidential information may include:

  • App ideas
  • Business ideas
  • Business plans
  • Concepts
  • Financial information
  • Formulae
  • Inventions
  • Medical records
  • Recipes
  • Research and development
  • Software programs, etc.

And the confidential information may be in the form of:

  • Electronic data
  • Musical notes
  • Oral descriptions
  • Pictures
  • Software code
  • Written words, etc.

In order to be protected as confidential information there are 3 conditions that must be met:

  1. Informed: The information must have been given to the recipient in a relationship of confidence. This means that the person receiving the information must be aware and know that this information is secret and that it must be protected and kept confidential.
  2. Valuable: Unauthorised use or dissemination of the information must be likely to cause damage to the person who is giving out the information. The measure of damage does not necessarily have to be financial damage. For example, it could be in terms of inability to continue the project as a result of the information becoming public.
  3. Not in public domain: The information should not be known to the public or be in the public domain. This is not a deciding factor, however, as sometimes the information may already be in the public domain but it is the manner in which it is being used that may create a confidential arrangement.

Even if all of the above elements are present, the information may still not be “legally” considered confidential. These elements may be present in the assessment of one person but not necessarily in the assessment of others. For example, simply wanting to prevent a competitor from having access to certain information (without a sound basis for that restriction, other than choosing to be uncooperative with your competitors) is not usually enough to make the information legally confidential.

What information cannot be protected with an Agreement?

The type of information that can be included under the umbrella of confidential information is virtually unlimited. However, any information that is already known to the other party or is in the public domain cannot be defined as confidential information. Additionally there may be information that is confidential to you but may not be legally considered confidential information.

Who can be prevented from disclosure by an Agreement?

The recipient of the confidential information is prevented from disclosing the information. If that recipient needs to disclose the information to other people (e.g. colleagues, advisers or employees) then the agreement usually requires those other people be covered under the same duty of confidentiality.

What Agreement format (email, letter, agreement) should I use?

The Legal123 Confidentiality Agreement template has four versions: email, letter, “one-way” agreement and “two-way” agreement. These different formats are provided for different stages of discussion and provide different levels of protection.

The Email template is a short, yet effective version of a confidentiality obligation that can be agreed by both parties in an email. It is not necessary for either person to sign it for it to be effective and create the confidential protection. Use it for preliminary discussions and to get moving quickly on discussions with an interested party.

The Letter template is a short, clear Agreement, designed to create the confidential protection but through a hard-copy paper format. Both parties must sign (or e-sign) the agreement. Use this format to emphasize the importance of your confidential information before signing a more formally agreed understanding.

The “One-Way” Agreement template is a more complete agreement where one person is giving confidential information to another and wants to ensure the information is further protected. Both persons are required to sign, agreeing to the terms.

The “Two-Way” Agreement template is also a more complete agreement but is used when both persons are providing confidential information to each other and they wish to ensure the information is further protected. Both persons are required to sign, agreeing to the terms.

During initial discussions, you might want to start by using the standard or general Email non-disclosure agreement template. Then as discussions progress you could be more formal and move to the Letter template. Then before final negotiations the “One-Way” or “Two-Way” forms of the agreement could be used.

Who should sign the Agreement?

The party disclosing the information and the party receiving the information should both sign the agreement.

If either party is a company, however, then there will only be certain people who can sign on behalf of the company. It is important that the correct people sign, because if they do not then the company may not actually be bound by the Agreement.

The Corporations Act sets out the rules about who can sign on behalf of a company (usually two Directors or a Director and the Secretary). In addition, it is possible for the company to legally authorise other people to sign on behalf of the company, but this would need to be done by way of a Power of Attorney.

Generally speaking, a salesperson, office manager, receptionist or any other person working for the company is unlikely to have the legal authority to sign the agreement on behalf of the company. And if the wrong person signs the agreement then it will not be legally binding!

Do Agreements Work?

Will an agreement for confidentiality protect my information from being stolen?

Yes, but to get the best protection you may need to consider doing some other things as well.

While this type of agreement undoubtedly provides valuable protections for your information, if somebody wants to breach the agreement they might do so. If they want to make unauthorised copies of your information and to use the information for their own purposes, they may try to do that. They may even try to claim that the information was theirs in the first place.

So in addition to using an Agreement, you should also consider lodging patents, trademarks and copyrights. By using these you can register ownership of your information, such as your idea, product or logo.

What can I do to further protect my confidential information?

First, you should ensure that you have clearly marked all documents containing the information as “confidential”. This does not mean the information is immediately considered confidential just because you have labeled it confidential, but it will be taken into account by any court in determining what information is confidential. It may also make it more likely that the recipient of the information will maintain its confidentiality. Not all breaches are deliberate. Many are inadvertent, but clear labels can help to prevent them.

Second, you should restrict access to the confidential information to a certain level of employee only (e.g. senior management). You should require any person who will or may have access to the confidential information to sign an agreement. This prevents the person from later stating they did not know the nature of the information to be kept confidential.

Third, you should ensure that if any confidential information needs to be disposed of, it is done in a manner that ensures it is destroyed and cannot be retrieved. For example, it should be shredded or disposed of in locked security disposal bins.

Can my confidential information ever be disclosed without my approval?

Yes, there are limits to confidentiality. The other party may be “compelled” or required by law to disclose your confidential information. For example:

  • Courts can subpoena confidential information
  • Specific legislation (e.g. The Privacy Act for OH&S purposes)
  • Employees “whistleblowing” on illegal, corrupt or dangerous activities
  • The Australian Taxation Office has special powers over financial institutions and accountants

Are Agreements legally binding?

If an Agreement is validly executed (i.e. signed) then it is legally binding.

It forms a contract between the two parties who have signed it. However, it is important that the correct people sign the agreement. For example, if either party is a company then there will only be certain people who can sign on behalf of the company – usually two company Directors or a Director and the Secretary. A salesperson, office manager, receptionist or any other person working for the company is unlikely to have the legal authority to sign on behalf of the company.

And if the wrong person signs the agreement, then it will not be legally binding!

What happens if a Confidentiality Agreement is broken?

Most Agreements make the receiving party legally responsible for any losses that the disclosing party may incur if the information is not kept confidential. For example, if the receiving party provides some of the information to a competitor, leading to a reduction in sales worth $100,000 for the disclosing party, then the disclosing party may sue the receiving party for that $100,000.

In addition, most agreements usually allow the disclosing party to obtain an injunction, which is a court order that stops the receiving party from doing something, such as communicating the confidential information to other people. If they then breach the injunction, by going ahead with releasing the information, they may face imprisonment or fines.

An injunction can be useful as a first step. If the disclosing party discovers that the receiving party is planning to release the information, or has released some but not all of it, then an injunction can be a way to “nip it in the bud” before more damage is done. Once the damage has been done, then it will be necessary to sue the other party in order to claim compensation.

Limits of Agreements

How long does an Agreement last?

You can limit the confidentiality requirement to specific information and/or to a specified period, as stated in the agreement.

Can a Confidentiality Contract last forever?

Yes, Confidentiality Contracts can last indefinitely. The time that the information must be kept confidential can be stated in the agreement itself.

Can a confidentiality arrangement be cancelled?

Yes. If both parties agree, then depending on the agreement terms, the parties may terminate either the confidentiality section and obligations only or the entire agreement itself.

Can confidentiality obligations be assigned?

This usually depends on the terms of the individual agreement. In many cases, the party disclosing the information may be able to assign its rights under the agreement to another party. For example, if it sells part of its business.

Generally, the party that received the confidential information will not be able to transfer or assign its obligations. It has already received the confidential information and cannot “un-see” it. Therefore, the confidentiality obligations are likely to continue, even if the party that disclosed the information agrees that the information can subsequently be provided to another party.

We hope you found this online guide on How to Write a Confidentiality Agreement or NDA in Australia helpful.

About Vanessa Emilio

Vanessa Emilio (BA Hons, LLB, ACIS, AGIA) is the Founder and CEO of and Practice Director of Legal123 Pty Ltd. Vanessa is a qualified Australian lawyer with more than 20 years experience in corporate, banking and trust law.