NDA (Non-Disclosure Agreement): Definition, How It Works, and Examples (2026)
Also known as: Non-Disclosure Agreement, Confidentiality agreement, CDA, Confidentiality and non-use agreement
TL;DR
A Non-Disclosure Agreement (NDA) is a contract that binds one or both parties to keep certain information confidential — used in hiring, vendor relationships, M&A discussions, and anywhere sensitive information has to be shared before a broader agreement is signed.
The two flavors: one-way and mutual
Most NDAs fall into one of two structures. A unilateral (one-way) NDA protects one party's information — typical when a company is sharing secrets with a contractor, vendor, or investor who is not sharing in return. A mutual NDA protects both sides' information — typical in M&A, partnership discussions, or vendor relationships where both parties exchange sensitive data.
Using the wrong flavor is a common and avoidable mistake. If you are only receiving information, a mutual NDA creates unnecessary obligations on your side. If both parties share, a one-way NDA leaves the other side unprotected and may make them reluctant to share.
What a solid NDA includes
The essential clauses that every NDA should address:
- Definition of "Confidential Information" — broad enough to cover what matters, specific enough to be enforceable
- Exclusions — publicly available info, previously known info, independently developed info, info received from a third party
- Permitted uses — what the recipient can do with the info
- Non-use clause — cannot use the info for purposes beyond the permitted ones
- Duration — how long the obligation lasts (2-5 years typical; trade secrets often perpetual)
- Return or destruction obligation — what happens at the end
- Governing law and venue
- Injunctive relief — acknowledgment that monetary damages alone are insufficient for breach
Common traps in NDAs
A handful of clauses deserve extra scrutiny:
Definition too broad
Some NDAs define confidential info as "anything disclosed." This is unenforceable in practice because the recipient cannot track "everything you said." Better: require that confidential info be marked as such or, if oral, confirmed in writing within 30 days.
Perpetual duration
Most obligations should end 2-5 years after disclosure. Perpetual obligations can be struck down as an unreasonable restraint. Trade secrets are the exception — those can be perpetual under trade-secret law separately.
Non-compete dressed as NDA
Some NDAs include overbroad non-use clauses that function as non-competes. Courts increasingly strike these down, especially with the FTC's 2024 non-compete rule. Keep non-use focused on the specific info, not entire industries.
One-sided remedies
Watch for attorney-fees clauses that only run one way, or injunctive-relief clauses that skew against you. These are negotiable in mutual NDAs.
When you need an NDA (and when you don't)
NDAs are overused. They add friction and sometimes delay real relationship-building. A quick decision guide:
| Situation | NDA needed? |
|---|---|
| Sharing a pitch deck with a VC | No — most VCs won't sign |
| Sharing detailed financials with a potential acquirer | Yes — mutual NDA |
| Hiring a contractor who will see customer data | Yes, plus DPA |
| Talking to a potential partner about a joint product | Yes — mutual NDA |
| Sending a job candidate their offer letter | No, offer letter covers confidentiality |
| Exploring a competitive intelligence project | Yes, unilateral NDA |
| Public-facing marketing discussion | No |
NDAs with offshore workers
Standard US NDAs apply extraterritorially, but enforcement against offshore workers is harder. Practical approaches:
- Work through a staffing agency whose contracts with workers include confidentiality
- Use the governing law of the worker's country, not the US, for primary enforcement
- Pair the NDA with strong technical controls (least-privilege access, monitoring, device management)
- For high-sensitivity work, use a local counsel's NDA template in the worker's country
Frequently asked questions
Is an NDA legally enforceable?
Yes, if well-drafted and reasonable in scope and duration. Courts regularly enforce NDAs with injunctive relief plus damages. Overly broad or indefinite NDAs can be struck down or blue-penciled to reasonable limits.
How long should an NDA last?
Typical duration: 2-5 years from disclosure for most business-confidential information. Trade secrets can be protected indefinitely under separate trade-secret law. Very short-term deals (investor pitches) sometimes use 1-2 years.
What is the difference between an NDA and a confidentiality agreement?
Functionally identical. NDA is a subset of confidentiality agreements. "Confidentiality agreement" is sometimes used when confidentiality is one section of a broader contract; "NDA" typically refers to a standalone document.
Do I need an NDA when hiring a contractor?
Usually yes, either standalone or as a clause in the service contract. For contractors who will see customer data, trade secrets, or source code, confidentiality obligations should be explicit and supported by technical controls.
Can I enforce an NDA against someone in another country?
Yes, but harder. Enforcement across borders requires either the foreign country's courts enforcing your judgment (Hague Convention or bilateral treaty) or local litigation in the defendant's country. Better approach: write the NDA under the worker's local law or use a staffing agency that handles this.
Should I sign an NDA before discussing my startup idea with someone?
Depends on whom. For VCs and experienced advisors, generally no — they will not sign and the ask signals inexperience. For potential co-founders, developers, or partners who will see deeper material, yes.