NDA Guide — Using Confidentiality Agreements in the UK

Before you share commercially sensitive information — with a potential partner, an investor, a supplier or a freelancer — it pays to put a non-disclosure agreement (NDA) in place. An NDA, also called a confidentiality agreement, sets out what information is confidential and how the recipient may use it. This guide explains how NDAs work in the UK and how to use them well. It is general information, not legal advice.

What is an NDA?

An NDA is a contract under which one or both parties agree to keep specified information secret and to use it only for an agreed purpose. It turns a vague expectation of confidence into a clear, enforceable obligation. In England and Wales an NDA is governed by ordinary contract law and sits alongside the general law of confidence and the Trade Secrets (Enforcement, etc.) Regulations 2018, which protect information that is genuinely secret and has commercial value.

Mutual or one-way?

Mutual NDA

Use a mutual NDA where both sides will disclose confidential information to each other — for example two businesses exploring a partnership, a joint venture or a possible acquisition. Both parties owe and are owed the same obligations, which often makes negotiation simpler.

One-way NDA

Use a one-way (unilateral) NDA where only one side is disclosing — for example when you brief a contractor, pitch to an investor, or share designs with a manufacturer. Only the recipient takes on confidentiality obligations.

What should an NDA cover?

• The parties — who is disclosing and who is receiving
• The definition of confidential information — broad enough to capture what matters, but clear
• The permitted purpose — what the recipient may actually use the information for
• Standard exclusions — information that is already public, already known, independently developed, or required to be disclosed by law or a regulator
• Obligations — to keep the information secret, limit who sees it, and not copy or misuse it
• Duration — how long the duty lasts, and what happens to the information at the end
• Return or destruction of materials on request
• Governing law and jurisdiction — England and Wales

How long should it last?

There is no fixed statutory period. A duration of three to five years after disclosure is common for ordinary commercial information, while genuine trade secrets may be protected for as long as they remain secret. Keep the term reasonable: a court is more likely to enforce an obligation that is proportionate to the information being protected than one that is open-ended for trivial information.

NDAs in employment and data

Confidentiality clauses often appear within employment documents — see the employee confidentiality agreement — and in settlement agreements. Remember that an NDA cannot lawfully prevent protected disclosures (whistleblowing) or the reporting of a crime. Where the information includes personal data, or where one party processes personal data for another, you may also need a data processing agreement under the UK GDPR, and where know-how is the crown jewels, a dedicated trade secrets agreement. For deals, a tailored M&A confidentiality agreement is available.

Practical tips

• Sign it before you share. An NDA signed after disclosure protects nothing already revealed.
• Mark confidential material. Labelling documents “confidential” makes obligations easier to enforce.
• Match the NDA to the deal. Choose mutual where both sides disclose, one-way where only one does.
• Keep the definition tight enough to be clear but wide enough to cover what you actually share.

How do I start?

Choose the right template — a mutual NDA, a one-way NDA, or a trade secrets agreement. Fill in the parties, the confidential information and the agreed purpose, and the agreement is ready to sign before any information changes hands.