Business Deal NDA: Frequently Asked Questions

Business deal NDAs have two important time periods:

Disclosure Term (1-3 years typical): The period during which parties can share information under the NDA. After this expires, no new disclosures are covered.

Survival Period (2-5 years typical): How long confidentiality obligations last after disclosure. This protects information shared during the disclosure term.

Recommendations by deal type:

• Partnership exploration: 2-year disclosure, 3-year survival
• M&A due diligence: 1-year disclosure, 3-5 year survival
• Vendor evaluation: 1-year disclosure, 2-year survival
• Trade secrets: Indefinite protection (for as long as they remain trade secrets)

Business deal NDAs typically protect:

• Financial information: Revenue, margins, pricing, budgets, projections
• Customer data: Customer lists, contract terms, account details
• Technical information: Product designs, source code, algorithms, architecture
• Strategic plans: Business plans, expansion strategies, M&A targets
• Operational data: Processes, vendor relationships, cost structures
• The negotiation itself: Often, even the fact that discussions are occurring is confidential

Information is typically excluded from protection if it:

• Is or becomes publicly available (not through breach)
• Was already known to the receiving party
• Is independently developed without using confidential information
• Is received from a third party without confidentiality restrictions

Yes, NDAs are fully negotiable contracts. Despite what some counterparties may claim ("This is our standard template"), most terms can be discussed and modified.

Commonly negotiated terms include:

• Mutual vs. one-way obligations
• Definition scope (what counts as confidential)
• Term and survival periods
• Permitted disclosures (who can see the information)
• Residuals clauses
• Non-solicitation provisions
• Governing law and venue

See our Negotiation Playbook for specific strategies and email templates.

If you have the leverage, proposing your own NDA gives you control over the terms and reduces negotiation time. However, the right approach depends on the situation:

Use your template when:

• You initiated the discussions
• You're the larger or more established party
• You're primarily disclosing (not receiving) information
• Speed is important and you have an approved template ready

Review their template when:

• They're a much larger company with rigid legal processes
• They initiated and are primarily disclosing
• Their template is reasonable and would save time
• The relationship dynamics favor accommodation

Pro tip: Always have your own template ready, even if you end up using theirs. It helps you identify problematic terms and propose specific alternative language.

A residuals clause allows the receiving party to use "residual information" - knowledge retained in the unaided memory of their personnel - even after the NDA ends. This can be problematic for protecting sensitive information.

Risks of broad residuals clauses:

• Trade secrets that can be memorized lose protection
• Pricing strategies can be recalled and used
• Technical approaches may be replicated "from memory"
• Creates a loophole for intentional memorization

Acceptable compromises:

• Exclude trade secrets from residuals entirely
• Limit to "general skills and experience" only
• Require that personnel weren't specifically assigned to memorize
• Exclude customer-specific or pricing information

For business deals involving true trade secrets, push to remove or significantly limit residuals clauses.

NDA breaches can result in several types of legal remedies:

Injunctive relief: A court order to stop the breaching party from further disclosure or use. This is often the most important remedy because it stops ongoing harm.

Monetary damages: Compensation for actual losses caused by the breach. You must typically prove the amount of your damages.

Consequential damages: Lost profits and other indirect damages (if not waived in the NDA).

Attorney fees: Recovery of legal costs if the NDA includes a fee-shifting provision.

Practical steps if you suspect a breach:

1. Document the suspected breach immediately
2. Preserve all evidence
3. Review your NDA for notice requirements
4. Consult with an attorney promptly
5. Consider sending a cease and desist letter

See our Breach Response Guide for detailed steps.

Proving an NDA breach typically requires showing:

1. A valid NDA existed: The signed agreement with clear terms.

2. Information was shared: Documentation of what was disclosed and when (emails, presentation decks, meeting notes).

3. Information was confidential: It was properly marked or fell within defined categories.

4. A breach occurred: The receiving party disclosed, used, or failed to protect the information as required.

5. You suffered damages: Lost business, competitive harm, or other measurable injury.

Evidence to preserve:

• Signed NDA and any amendments
• Records of what was shared and when
• Evidence of the unauthorized disclosure
• Documentation of resulting harm
• Communications with the breaching party

Across U.S. states: Generally yes. The governing law clause determines which state's laws apply, and courts typically honor choice-of-law provisions in business contracts.

Internationally: More complex. Key considerations include:

• Choice of law: Specifying U.S. law may not be enforceable in all countries
• Choice of venue: Getting jurisdiction over a foreign party can be challenging
• Enforcing judgments: U.S. judgments aren't automatically enforceable abroad
• Local requirements: Some countries have specific confidentiality laws

Best practices for international NDAs:

• Consider arbitration with international enforcement (ICSID, ICC)
• Choose neutral governing law both parties can accept
• Include jurisdiction in a country where the other party has assets
• Consult with counsel familiar with the relevant jurisdictions

Not always, but it depends on the stakes and complexity:

When a lawyer is advisable:

• High-value M&A or investment transactions
• Deals involving significant intellectual property
• Complex multi-party arrangements
• International deals with cross-border issues
• When the other party has heavily negotiated your template

When templates may suffice:

• Standard partnership or vendor discussions
• Initial exploratory conversations
• Lower-stakes business development meetings
• When using well-drafted, recently-reviewed templates

Our NDA Generator creates comprehensive agreements suitable for most business discussions, but we recommend legal review for significant transactions.

Typically yes, but with important conditions. Most NDAs include a "permitted recipients" provision that allows sharing with:

• Employees: Those with a need to know for the business purpose
• Professional advisors: Attorneys, accountants, consultants
• Affiliates: Sometimes parent/subsidiary companies (watch this term)

Key requirements usually include:

• Recipients must have a genuine need to know
• They must be bound by confidentiality obligations (employment agreements or separate NDAs)
• You remain responsible for their compliance

Best practices:

• Brief employees on what they can and cannot do with the information
• Limit access to those who truly need it
• Mark shared materials as confidential
• Maintain records of who received what

Most well-drafted NDAs include a "legally required disclosure" exception that permits disclosure when required by:

• Court order or subpoena
• Government regulatory request
• Legal process in litigation

Standard requirements when making such disclosures:

1. Provide prompt notice: Alert the disclosing party as soon as possible (unless prohibited by law)
2. Cooperate on protection: Assist in seeking protective orders or confidential treatment
3. Limit disclosure: Only disclose what is legally required
4. Seek confidential treatment: Request that the court/agency maintain confidentiality

Important: The exception typically requires you to take reasonable steps to minimize disclosure, not just hand over everything requested.

Yes, in most cases. Under the U.S. Electronic Signatures in Global and National Commerce Act (ESIGN) and the Uniform Electronic Transactions Act (UETA), electronic signatures are generally valid and enforceable for NDAs.

Acceptable e-signature methods:

• DocuSign, Adobe Sign, or similar platforms
• Typed signatures with clear intent to sign
• Click-through agreements (with proper consent language)

Best practices for e-signatures:

• Use a reputable e-signature platform with audit trails
• Ensure all parties receive a copy of the signed document
• Keep records of the signing process
• Include language confirming e-signature validity

Exceptions: Some jurisdictions or specific document types may require wet signatures. Check local requirements for international deals.

The order of signatures doesn't affect enforceability, but there are practical considerations:

Having them sign first is advisable when:

• You're concerned they might not follow through
• You want to ensure they've accepted final terms
• You're the party with more leverage

Signing simultaneously works when:

• Using e-signature platforms that track all signatures
• Both parties are in the same meeting
• There's established trust between parties

Key principle: The NDA isn't binding until both parties have signed. Don't share confidential information until you have a fully executed copy.

Absolutely yes. M&A due diligence involves sharing your most sensitive information: complete financials, customer contracts, employee data, trade secrets, and strategic plans.

M&A NDAs often include additional provisions:

• Standstill: Prevents hostile takeover attempts using the information
• Non-solicitation: Protects against poaching employees or customers
• Exclusivity: May require exclusive negotiations for a period
• Return/destroy: Strict requirements if the deal doesn't close

Timing: The NDA should be signed before any substantive due diligence begins, including before opening data rooms or sharing detailed financials.

For M&A transactions, we strongly recommend legal counsel to ensure appropriate protections.

Both protect confidential information, but they serve different purposes:

Standalone NDA:

• Used before a business relationship is formalized
• Focuses solely on confidentiality
• Covers pre-deal discussions and evaluations
• Often replaced or superseded by the final contract

Confidentiality clause in a contract:

• Part of a broader agreement (service contract, partnership agreement)
• Covers information shared during the relationship
• May have different terms than the pre-deal NDA
• Survives along with the main contract

Best practice: Use an NDA for pre-deal discussions, then include comprehensive confidentiality provisions in your final agreement that supersede the NDA.