No matter if a company is a listed company or a bootstrapped startup that is struggling, they will both use the same agreement to make sure that the people they work with don't use their company's confidential information without getting permission first.
Most of the time, these kinds of agreements are called "confidentiality agreements" or "non-disclosure agreements." Both agreements are about the same thing, which is keeping information secret and private.
Changes between how each name is used can be small. In real life, the use depends a lot more on the people involved than on what the law says.
If you are a tech company, not signing a good non-disclosure agreement can hurt your most important confidential and proprietary information, such as when you share source code or a proprietary algorithm.
And you must keep these important details close to your heart.
You could find yourself in a bind if you don't know what will happen if someone leaks, misuses, or even sells confidential information about your company.
Before you sign a non-disclosure agreement as a business owner or founder, you should look into the following things to avoid making these mistakes.
No such thing as a "standard agreement" exists.
Let's get one thing straight. No such thing as a "standard agreement" exists. Before you sign the non-disclosure agreement, make sure you read and understand all of its terms and conditions.
Make sure it shows what you and the other party agreed to and why you signed the contract in the first place. If you don't pay attention when you sign an agreement, you could end up letting in a lot of trouble.
Figure out who will be responsible for the terms.
Figure out who will be responsible for keeping the non-disclosure agreement in place.
Figure out who can get or look at the confidential information.
Make sure you know if you're giving the private information to a business or a person, like an adviser. In real life, it can be hard to tell where the lines are, so you should try to be as specific as possible about the representatives of the receiving party who may have access to the confidential information.
For example, if you sign a non-disclosure agreement with a company as the receiving party, the shareholders, directors, and employees of the receiving party, as well as third parties like legal counsel, accountants, and financial and tax advisers, may be able to see confidential information. If you only want certain key people in the other company to have access, you can say in the agreement that the information can only be shared with those people (like the cofounders of the receiving party).
Unilateral vs mutual non disclosure agreement
Make it clear if the non-disclosure agreement should be one-sided (also called "one-way") or two-sided (also called "two-way").
For example, if you are the only one who will be sharing confidential information, you should have a unilateral non-disclosure agreement instead.
Keep in mind that a non-disclosure agreement can sometimes involve more than two parties (though it can be rare). Also, the process of negotiating can take a long time, especially if everyone wants the same terms.
Agree on what the non-disclosure contract is for.
The next thing to think about is how the person receiving the confidential information might use it. For example, if the deal is about an investor's plan to buy a business, the non-disclosure agreement should make it clear that the purpose of the agreement is to evaluate the purchase.
If you hire a consulting firm to help your business, make it clear that the information is being shared so that consulting services can be done to increase sales, etc.
Who will make sure the deal is kept?
Find out which party to the non-disclosure agreement is most likely to need to enforce the obligations of the other party. In practise, the first person who sends out the draught may be able to make changes to it.
In other words, the terms in the draught document might be better for the party who wrote it. During this step, you should talk to a lawyer who can help you find important legal issues that you might miss.
Make sure you know what "confidential information" is at stake.
Read carefully about what "confidential information" means. Make sure the definition covers all of the information you plan to share with the other party. In real life, many entrepreneurs who use templates may ignore or completely forget about the definition.
For instance, the definition of "confidential information" may have been copied and pasted from another transaction (which may be inapplicable in your case). If you are the one doing the sharing, you should try to make the definition of "confidential information" as narrow as possible.
But if you are the party getting the documents, you may want to negotiate for a broad definition so that more documents can be shared (this could be useful in an investment deal where the investor may need to test the valuation assertion before deciding on whether to acquire or invest in the company).
Agree on the formal way to share information
Indicate if the confidential information can only be shared in writing, orally, or electronically, and if it must be marked "confidential" for the non-disclosure agreement to apply. When most or all documents are shared through email or a cloud platform, it can be hard and impractical to do.
You could also look into setting up a virtual data room (VDR), which is also called a "secure data room" and lets you share documents while keeping the information safe. Secure data room providers have more features than emailing documents as attachments, such as "locking" the documents so that only certain users can see them (based on the email address or even IP address).
You can even stop the team of the person receiving the documents from downloading them or making copies of them. They can be helpful when sharing sensitive information like sales data, financial forecasts, source code, and so on.
Mark the documents that are private with the word "confidential."
If you want certain information to be kept secret, you should write "confidential" as large as possible on the document. In other words, put a clear note or disclaimer on the document to make sure that the document is kept secret. When you give out a document that may have information that isn't relevant to the transaction, you can also censor or remove information that isn't needed.
Be careful with your personal information and privacy.
Don't give out personal information about customers or anything else that could hurt their privacy. For example, if you give a third party your sales records or information about your employees, you need to make sure you have permission from both the customer (usually in the privacy policy) and the employee (usually in the employment agreement) to do so.
Maybe if you really need to share the data, use dummy data (i.e., data that does not relate to any actual person) or anonymise the data so that the receiving party cannot trace or identify the person.
Have a formal report of any data breach or leak
A good non-disclosure agreement should also say that the receiving party must tell the giving party right away if the agreement is broken in any way. In real life, it might be hard to prove that such a breach has happened (unless you end up discovering the data leak on your own). But this clause could mean that the receiving party has to do more, like give you the right information and let you know so that the right steps can be taken to reduce future risks.
Set a date for when the deal will end.
There should be an end date on every non-disclosure agreement. In other words, agree on the "cut-off" date by which the person receiving the confidential information must return it.
In practise, it may be hard or even impossible for the person who received the documents to go back and make sure that "all electronic records" of them have been deleted. For example, documents you may have sent through email or the cloud may be saved or cached by the receiving party's email or network backup programmes.
If you really want to make sure that the person who receives your shared documents doesn't copy or send them to someone else, you might want to look into a third-party platform that offers secure data rooms and lets you make documents "view only."
Figure out what will happen if confidentiality is broken.
Figure out what the best solution would be if a non-disclosure agreement is broken. Usually, it is challenging to assess the financial damages suffered by the disclosing party.
If you are willing to go to court to enforce your rights by hiring a lawyer to file a legal claim against the other party, you may be able to get equitable remedies like an injunction. In practise, if you are the innocent party, the judge will look at your evidence and decide if it is right to give you an injunction or damages (usually in the form of money) if they are in your favour.
Check the non-disclosure agreement to see what law it is based on.
Look in the agreement for the law that applies. I remember reading a non-disclosure agreement signed by two Malaysian companies, but the governing law ended up being New York laws!
In hindsight, I don't think it's because people don't trust the Malaysian courts or anything like that. I think it's more likely that one of the parties used a template they found on the internet, but it wasn't right for their deal. It's also a shame that neither party bothered to read the agreement.
Keep an eye out for "hidden provisions."
Look also for what I call the “hidden provisions”. Boilerplate clauses, like the one above about the law that applies, are the typical legalese clauses that are in every agreement.
In real life, it can be hard to tell the difference between a "standard clause" and a "non-standard clause" if you don't read or deal with legal agreements often.
So, it's a good idea to have a business lawyer look over the draught agreement one last time before you sign it. An example of a “hidden clause” is an exclusivity clause (also known as a “no shop” clause) that requires you to refrain from engaging another interested party until your existing engagement or duration expires.
Even though this is common and standard in an investment term sheet, agreeing to such a restriction in a non-disclosure agreement can make it hard to find a potential customer or other business partner.
Conclusion
When you decide to work with a new party, a well-written non-disclosure agreement can help you reduce the risks. Before you sign an agreement, you should carefully think about and evaluate its terms to make sure they cover and protect your most important confidential and proprietary information.
A good non-disclosure agreement also covers what will happen if the receiving party doesn't follow the terms of the agreement, like if they give the information to the wrong people or use it for things that aren't covered by the agreement.
Lastly, you should have a lawyer look over the non-disclosure agreement to make sure it doesn't include any obligations that you didn't expect.