How many clauses should an NDA have?

A standard NDA should have 10 to 14 clauses. The essential clauses are: definition of confidential information, obligations of the receiving party, exclusions from confidentiality, term and duration, permitted disclosures, return of materials, remedies for breach, governing law, dispute resolution, and signature blocks. Additional clauses like non-solicitation, residual knowledge, and survival provisions strengthen the agreement depending on the context.

What is the most important clause in an NDA?

The definition of confidential information is the most important clause. Everything else in the NDA depends on what counts as "confidential." If the definition is too narrow, sensitive information falls outside the agreement's protection. If it is too broad, courts may refuse to enforce it. The best approach is a specific list of categories (financial data, customer lists, product roadmaps, source code) combined with a catch-all for information marked as confidential.

Is a one-way or mutual NDA better?

It depends on the relationship. Use a mutual NDA when both parties share confidential information — business partnerships, joint ventures, merger discussions, or technology collaborations. Use a one-way NDA when only one party discloses — hiring contractors, pitching to investors, or sharing proprietary information with potential clients. Mutual NDAs are more balanced and are generally preferred in business-to-business contexts because they protect both sides equally.

How long should an NDA last?

The confidentiality obligation in an NDA typically lasts 2 to 5 years after the agreement ends. For trade secrets, the obligation should last "for so long as the information qualifies as a trade secret under applicable law" — which can be indefinite. The agreement term itself (the period during which information can be shared) is usually 1 to 3 years, depending on the nature of the relationship.

Can I write my own NDA without a lawyer?

Yes. An NDA does not require legal representation to be enforceable. What matters is that the agreement covers the essential clauses, clearly defines confidential information, specifies the obligations of each party, and is signed by both parties. Using a contract generator that includes jurisdiction-aware templates ensures you cover state-specific enforceability requirements without paying legal fees.

The Ultimate NDA Checklist: 12 Clauses Every Agreement Needs

An NDA that misses a single critical clause is worse than no NDA at all — it creates a false sense of security while leaving actual gaps that any competent attorney will exploit during a dispute.

Whether you are sharing a business idea with a potential partner, onboarding a contractor who will access sensitive systems, or entering merger discussions with another company, the NDA is the first line of defense for your confidential information.

This is the complete, numbered checklist. Every clause. What it should say. What happens if you leave it out.

The 12-clause NDA checklist

1. Identification of the parties

What to include: Full legal names, business entities (LLC, Corp, sole proprietor), addresses, and the role each party plays — Disclosing Party, Receiving Party, or both (for a mutual NDA).

Why it matters: If the parties are not clearly identified, the agreement may be unenforceable against the intended recipient. This is especially critical when dealing with subsidiaries, affiliates, or individuals acting on behalf of a company.

Checklist items:

[ ] Full legal name of each party (not just "Company A")
[ ] Entity type (LLC, Inc., sole proprietorship)
[ ] Address for notices
[ ] Role designation (Disclosing Party / Receiving Party / both)

2. Definition of confidential information

What to include: A specific, categorized list of what counts as confidential. Include both tangible and intangible information. Add a catch-all for information designated as confidential in writing.

Essential categories:

[ ] Financial information — revenue, projections, pricing, margins
[ ] Business plans and strategies — roadmaps, expansion plans, marketing strategies
[ ] Customer and client data — lists, contracts, purchasing history
[ ] Technical information — source code, algorithms, formulas, designs
[ ] Trade secrets — proprietary processes, methods, techniques
[ ] Employee information — compensation, organizational structure
[ ] Any information marked "Confidential" by the disclosing party

The risk of vagueness: "All business information" is too broad to enforce. "The company's customer list maintained in Salesforce, including contact details, contract values, and renewal dates" is specific enough to hold up in court.

3. Exclusions from confidentiality

What to include: Information that does not qualify as confidential, even if it falls within the categories above.

Standard exclusions:

[ ] Information already known to the receiving party before disclosure
[ ] Information that becomes publicly available through no fault of the receiving party
[ ] Information independently developed by the receiving party without reference to confidential materials
[ ] Information received from a third party with no confidentiality obligation
[ ] Information required to be disclosed by law, regulation, or court order (with notice to the disclosing party)

Why this matters: Without exclusions, the NDA becomes unreasonably broad. Courts in most jurisdictions look for reasonable exclusions as evidence that the agreement was negotiated in good faith. An NDA without exclusions may be deemed unconscionable.

4. Obligations of the receiving party

What to include: The specific duties of the party receiving confidential information.

Checklist items:

[ ] Use confidential information only for the stated purpose of the agreement
[ ] Protect confidential information with the same degree of care used for own confidential information (but no less than reasonable care)
[ ] Limit access to employees, contractors, and advisors with a need to know
[ ] Require anyone who receives confidential information to be bound by equivalent confidentiality obligations
[ ] Not reverse-engineer, decompile, or disassemble any confidential materials (if applicable)
[ ] Notify the disclosing party immediately upon discovery of any unauthorized disclosure

5. Permitted disclosures

What to include: Circumstances under which the receiving party may share confidential information without violating the agreement.

[ ] Disclosure to legal counsel, accountants, or auditors bound by professional confidentiality
[ ] Disclosure to employees and contractors who have signed their own NDAs
[ ] Disclosure required by court order, subpoena, or regulatory requirement — with written notice to the disclosing party and cooperation to seek a protective order
[ ] Disclosure to potential investors or acquirers during due diligence (if applicable)

6. Term and duration

What to include: Two separate time periods — the agreement term (when information can be shared) and the confidentiality period (how long the obligations last after the agreement ends).

[ ] Agreement term: typically 1–3 years, depending on the relationship
[ ] Confidentiality period: typically 2–5 years after the agreement expires
[ ] Trade secret exception: obligations continue for as long as the information qualifies as a trade secret
[ ] Effective date clearly stated

7. Return and destruction of materials

What to include: What happens to confidential materials when the agreement ends or when the disclosing party requests their return.

[ ] Return all physical documents and materials within a specified number of days (typically 10–30)
[ ] Delete all electronic copies, including backups, within the same timeframe
[ ] Provide written certification of destruction if requested
[ ] Exception for copies retained in automated backup systems, provided they remain subject to the confidentiality obligations
[ ] Exception for copies required to be retained by law or regulation

8. Non-solicitation and non-compete (optional but common)

Not every NDA needs these clauses, but they are common in employment, partnership, and acquisition contexts.

[ ] Non-solicitation: the receiving party agrees not to recruit or solicit the disclosing party's employees, clients, or vendors for a defined period
[ ] Non-compete: the receiving party agrees not to compete directly in a defined market or geography for a limited time

Enforceability warning: Non-compete clauses face increasing restrictions. Several states (California, Minnesota, Oklahoma, North Dakota) ban most non-competes outright. Others require narrow scope, reasonable duration (6–12 months), and geographic limits. Over-broad non-competes are routinely struck down.

9. Remedies for breach

What to include: What happens when one party violates the agreement. This clause gives the NDA its teeth.

[ ] Right to seek injunctive relief (court order to stop the breach) without proving monetary damages
[ ] Right to seek monetary damages, including actual damages and consequential damages
[ ] Acknowledgment that breach may cause irreparable harm not adequately compensated by money damages
[ ] Attorney's fees and costs for the prevailing party in any enforcement action

Why this matters: Without a remedies clause, the disclosing party's only recourse is a breach of contract lawsuit seeking monetary damages — which requires proving the exact financial loss caused by the disclosure. Injunctive relief allows the court to stop the breach in progress.

10. Governing law and dispute resolution

[ ] Governing law: which state or country's laws apply to the agreement
[ ] Dispute resolution: mediation first, then arbitration or litigation
[ ] Venue: where disputes will be heard
[ ] Consent to jurisdiction: both parties agree to submit to the courts of the specified jurisdiction

11. Miscellaneous provisions

These are standard boilerplate provisions that strengthen enforceability:

[ ] Entire agreement: the NDA supersedes all prior discussions and agreements on the subject
[ ] Amendment: changes require written agreement signed by both parties
[ ] Severability: if one clause is unenforceable, the rest of the agreement survives
[ ] Waiver: failure to enforce a provision does not waive the right to enforce it later
[ ] Assignment: whether either party can transfer their rights under the agreement
[ ] Counterpart execution: the agreement may be signed in separate copies, each of which constitutes an original

12. Signature blocks

[ ] Printed name, signature, and date for each party
[ ] Title and authority to sign on behalf of the entity
[ ] Witness or notarization (if required by jurisdiction)

Quick reference: the full NDA checklist

Before signing or sending any NDA, verify it includes:

Party identification — Full legal names, entity types, roles
Confidential information definition — Specific categories, catch-all provision
Exclusions — Public information, independent development, prior knowledge, legal compulsion
Receiving party obligations — Purpose limitation, care standard, access restriction, notification
Permitted disclosures — Legal counsel, employees with NDAs, court orders
Term and duration — Agreement period, confidentiality period, trade secret exception
Return of materials — Physical return, electronic deletion, certification
Non-solicitation / non-compete — Reasonable scope, jurisdiction compliance
Remedies — Injunctive relief, damages, attorney's fees
Governing law — Applicable jurisdiction, dispute resolution, venue
Miscellaneous — Entire agreement, amendment, severability, waiver
Signatures — Name, title, date, authority

Create your NDA now

Every item on this checklist exists because someone, somewhere, signed an NDA without it and paid the price. The good news: you do not need to assemble these clauses from scratch.

Create an NDA on Contract.diy — jurisdiction-aware, professionally drafted, and built to cover every clause on this checklist.