
How to Write a Non-Disclosure Agreement: Step-by-Step Guide

Learn how to write a legally enforceable non-disclosure agreement from scratch. Covers key clauses, common mistakes, and state-specific considerations.

Contract DIY Team, 5 min read

A non-disclosure agreement is the first line of defense for any business sharing sensitive information. Whether you are onboarding a new employee, evaluating a potential partner, or hiring a contractor, an NDA sets the legal boundary around what stays private.

This guide walks you through writing an NDA from scratch — every clause, every decision point, and the mistakes that can render one unenforceable.

Why NDAs Matter

Every business operates on information that would harm it if leaked: client lists, pricing strategies, product roadmaps, financial projections, source code, manufacturing processes. Without a signed NDA, there is no legal mechanism to prevent the recipient from sharing or exploiting that information.

An NDA creates:

  • Legal recourse if confidential information is disclosed
  • Clear boundaries around what is and is not protected
  • Deterrence — the existence of the agreement discourages careless handling
  • Documentation that both parties understood the confidential nature of shared materials

Unilateral vs. Mutual NDAs

Before writing anything, decide which type you need.

Unilateral NDA: One party shares confidential information; the other agrees to protect it. Use this for employee onboarding, contractor agreements, and investor pitches where only your side is sharing sensitive data.

Mutual NDA: Both parties share and protect each other's information. Use this for partnership discussions, joint ventures, merger due diligence, and any negotiation where both sides bring proprietary information to the table.

The structure is nearly identical. The difference is whether obligations run in one direction or both.

The 7 Essential Clauses

1. Party Identification

Name every individual and legal entity. Include full legal names, not nicknames or abbreviations. If a company is involved, name the company and specify that employees and agents of that company are also bound by the agreement.

Example: "This Non-Disclosure Agreement is entered into by Acme Corp., a Delaware corporation ('Disclosing Party'), and Jane Doe, an individual residing in California ('Receiving Party')."

2. Definition of Confidential Information

This is the most important clause. A vague definition creates the biggest vulnerability.

Strong approach: List specific categories:

  • Technical data, trade secrets, and know-how
  • Business and financial information
  • Customer and supplier lists
  • Marketing and sales strategies
  • Product designs, prototypes, and specifications
  • Software, source code, and algorithms
  • Any information marked as "Confidential" or "Proprietary"

Weak approach: "All information shared between the parties." Courts have struck down NDAs with definitions this broad because they fail to put the receiving party on notice of what they must protect.

3. Obligations of the Receiving Party

Spell out exactly what the receiving party must do and must not do:

  • Maintain confidentiality using at least the same degree of care they use for their own confidential information (and no less than reasonable care)
  • Limit disclosure to employees and agents who need to know and who are bound by similar confidentiality obligations
  • Not use confidential information for any purpose other than the stated business relationship
  • Not reverse-engineer, decompile, or disassemble any products or materials
  • Promptly notify the disclosing party of any unauthorized disclosure

4. Exclusions

No NDA covers everything. Standard exclusions protect the receiving party from unreasonable claims:

  • Information that was already publicly available before disclosure
  • Information that becomes publicly available through no fault of the receiving party
  • Information the receiving party already possessed before the NDA
  • Information independently developed without reference to confidential materials
  • Information received from a third party who had the right to disclose it
  • Information required to be disclosed by law, regulation, or court order (with prompt notice to the disclosing party)

5. Term and Survival

Set two timeframes:

  • Agreement term: How long the NDA is in effect (typically 1–3 years for the business relationship)
  • Survival period: How long confidentiality obligations last after the agreement ends (typically 2–5 years, sometimes indefinite for trade secrets)

The survival clause is critical. Without it, obligations could arguably end when the agreement terminates, leaving sensitive information unprotected.

6. Remedies and Relief

State that unauthorized disclosure would cause irreparable harm not adequately compensated by monetary damages, and that the disclosing party is entitled to seek injunctive relief (a court order stopping the disclosure) without posting a bond. This language is standard and courts expect it in NDAs.

You can also include:

  • Liquidated damages (a predetermined amount for breach)
  • Indemnification (the breaching party covers the other's losses and legal fees)
  • Attorney's fees clause (the losing party pays)

7. Governing Law and Jurisdiction

Choose a state whose laws will govern the agreement. This determines how courts interpret the NDA's terms. Pick the state where the disclosing party is headquartered, where the confidential information is primarily located, or where potential disputes would most likely be litigated.

State-Specific Considerations

NDA enforceability varies by state:

  • California: Courts strictly scrutinize non-compete provisions bundled with NDAs. Keep your NDA focused on confidentiality, not competition restrictions.
  • Texas: NDAs tied to employment must be ancillary to an otherwise enforceable agreement. Standalone employee NDAs need clear consideration beyond continued employment.
  • New York: Broadly enforces NDAs but requires the confidential information to actually be treated as confidential. If you share "confidential" information publicly, the NDA may not protect it.
  • Florida: One of the most NDA-friendly states. The Uniform Trade Secrets Act provides strong statutory backing.

Common Mistakes to Avoid

  1. Overly broad definitions — Claiming "everything" is confidential means nothing is. Be specific.
  2. No exclusions — Courts view NDAs without standard exclusions as overreaching.
  3. Missing consideration — For standalone NDAs (not part of a larger deal), ensure both parties give something of value.
  4. Unreasonable duration — A 20-year NDA on general business information is likely unenforceable. Match the duration to the information's useful life.
  5. Confusing NDA with non-compete — An NDA protects information. A non-compete restricts employment. Mixing them up invites judicial scrutiny.

Create Your NDA Now

Writing an NDA from scratch requires attention to every clause. Missing one element — a clear definition, proper exclusions, or a survival clause — can undermine the entire agreement.

Create a jurisdiction-aware NDA on Contract.diy in minutes. Every agreement includes all seven essential clauses, state-specific provisions, and signature blocks ready for execution.
