What is NDA (Non-Disclosure Agreement)?

NDAs are used at multiple stages of a business relationship. Before a commercial negotiation, an NDA protects pricing, business plans, and strategic information shared with a potential supplier or partner. During a supplier engagement, it protects technical specifications, client data, and operational processes. After a relationship ends, it controls how long confidentiality obligations persist.

The most critical element of an NDA is the definition of confidential information. An NDA that defines confidential information too broadly (everything shared between the parties) can be difficult to enforce because courts may require a more specific definition. Too narrow, and important information falls outside protection.

Standard NDA provisions include: the definition of confidential information, permitted disclosures (e.g. to employees who need to know), exclusions (information already in the public domain), the duration of the obligation (commonly two to five years, or indefinitely for trade secrets), and the consequences of breach — typically a penalty clause or injunction.

For smaller businesses, the most practical use of an NDA is with IT suppliers and consultants who gain access to customer data, financial systems, or proprietary processes. In these cases, the NDA should also reference applicable data protection obligations.

Sharing sensitive information without an NDA leaves you with limited recourse if it is misused. Proving that a supplier disclosed your pricing structure or customer list requires establishing that they had an obligation not to — and that is much harder without a written agreement.

An NDA does not guarantee confidentiality, but it creates a contractual basis for claiming compensation if a breach occurs. For SMBs working with multiple external parties, a standard NDA template that can be issued quickly protects both the relationship and the underlying information.