Updated: February 2026 • Based on UK Law

A tech startup shares its algorithm with a potential investor. No NDA signed — “we trust each other.” Three months later, a competitor launches an almost identical product. The investor’s associate had forwarded the pitch deck. No NDA means no legal recourse. The startup loses its competitive advantage and £2 million in projected revenue.

Now compare that to the founder who spent 10 minutes signing a mutual NDA before the same meeting. When the leak happens, she obtains a court injunction within 48 hours, freezing the competitor’s launch. The NDA didn’t just protect her information — it gave her the legal weapon to act.

But here’s what most businesses miss: from October 2025, sweeping changes under the Victims and Prisoners Act 2024 mean NDAs can no longer prevent crime victims from reporting to police or seeking support. Combined with proposed Employment Rights Bill restrictions, UK businesses face the most significant NDA regulatory changes in decades.


What Is a Non-Disclosure Agreement (NDA)?

A non-disclosure agreement is a legally binding contract that prevents recipients from sharing or misusing confidential information. Under UK law, NDAs must be reasonable in scope and cannot restrict whistleblowing, crime reporting, or — from October 2025 — victim disclosures under the Victims and Prisoners Act 2024.

This guide covers NDA types, breach consequences, legality, GDPR implications, employment law and upcoming legislative changes.


What Are the Three Types of NDA?

Quick Answer: Unilateral (one-way) where only one party shares confidential information, mutual (two-way) where both parties exchange sensitive information, and multilateral involving three or more parties.

Unilateral NDAs — When You’re the Only One Sharing

The most common type. One party discloses confidential information, the other agrees not to share it.

You’ll use these when onboarding new employees, sharing product designs with manufacturers, disclosing financials to potential investors, or providing confidential data to consultants.

The receiving party bears all confidentiality obligations. The disclosing party retains full control.

In some circumstances, a one-way NDA needs to be executed as a deed rather than a simple contract — especially where no consideration is exchanged.

Mutual NDAs — When Both Sides Are Vulnerable

Both parties share sensitive information and agree to keep it confidential. Essential when exploring joint ventures, potential mergers, strategic partnerships, technology licensing, or collaborative product development.

The symmetrical nature requires careful drafting. Unlike unilateral agreements where one party clearly holds power, mutual NDAs demand fair, reciprocal terms that neither party can later claim were unconscionable or unreasonably one-sided.

Multilateral NDAs — Three or More Parties

Rather than executing multiple bilateral NDAs between each pair of parties, a single multilateral agreement streamlines the process.

Common in consortium projects, multi-party joint ventures, supply chain arrangements, or industry collaborations involving competitors working on pre-competitive research.

Drafting demands particular attention to information flow matrices — explicit provisions detailing which parties can access which categories of confidential information. Without clear boundaries, the structure creates confusion about permitted disclosures.

Hybrid and Specialised Structures

Beyond these three primary types, businesses encounter hybrid structures. A primarily unilateral NDA might include limited mutual obligations for certain categories. A mutual NDA might have asymmetric duration periods reflecting different sensitivity levels.

Industry-specific variations also exist: pharmaceutical NDAs for clinical trial data, technology sector NDAs covering source code and algorithms, financial services NDAs protecting trading strategies, or creative industry NDAs safeguarding artistic concepts.

Key Takeaway: Unilateral NDAs protect one party’s information. Mutual NDAs create balanced obligations when both parties share. Multilateral NDAs streamline protection for three or more parties but require careful drafting of information flow provisions.


What Happens If You Breach an NDA in the UK?

Quick Answer: Civil liability including financial damages, injunctions preventing further disclosure, and reputational damage. While most breaches are civil matters, extreme cases involving insider trading or violating court injunctions can result in criminal charges.

The Financial Hit

The primary consequence is civil liability for damages. The person whose secrets you spilled can claim compensation for any losses caused by the leak.

If your breach resulted in lost clients or business opportunities, those damages add up quickly. Some NDAs contain liquidated damages clauses — predetermined breach penalties ranging from a few thousand pounds to hundreds of thousands.

Beyond direct compensation, courts may order payment of the other party’s legal costs. If the breach is particularly reckless or intentional, punitive damages might be awarded — though these are less common in UK contract law than in US jurisdictions.

Court Injunctions — Stopping You in Your Tracks

A breach can lead to an injunction — a court order preventing further disclosure of sensitive information.

Injunctions come in different forms. Interim injunctions prevent breach before it occurs. Prohibitory injunctions stop ongoing breaches. Mandatory injunctions require positive action like returning or destroying confidential materials.

Ignore an injunction and you face contempt of court charges — heavy fines or imprisonment in extreme cases.

If You’re an Employee

Breach an NDA with your employer and you face disciplinary action, immediate dismissal (typically summary dismissal for gross misconduct), and personal liability for the company’s financial losses.

The lasting damage is reputational. Future employers conducting reference checks may discover the breach, significantly impacting career prospects.

Account of Profits — Handing Back What You Made

Courts may order the breaching party to hand over any profits made by misusing the confidential data.

If someone used your trade secrets to develop a competing product and generated £100,000 in profits, courts might order them to pay you that £100,000 — even if your actual losses were lower. This strips away unjust enrichment rather than merely compensating proven losses.

When It Becomes Criminal

NDA breaches themselves are civil matters. But related conduct can lead to criminal charges.

Stealing confidential documents could be prosecuted as theft. Using confidential information for insider trading attracts criminal charges. Breaching the Data Protection Act 2018 brings regulatory penalties. Breaking an NDA related to a government or military contract may be construed as a national security violation under the Official Secrets Act 1989.

If a court issues an injunction and you violate it, contempt of court claims carry criminal consequences.

What Actually Happens When Someone Gets Caught

First, you’ll receive a cease-and-desist letter with evidence of the breach. Parties often negotiate a settlement — financial compensation or additional restrictions. If that fails, the injured party starts legal action for breach of contract.

The burden of proof lies with the party alleging breach. They must demonstrate that confidential information was disclosed, the disclosure breached the NDA’s terms, and they suffered damages.

Defences That Actually Work

Not every disclosure constitutes an actionable breach. Valid defences include:

  • Information was already in the public domain
  • The recipient obtained information independently from another source
  • Disclosure was required by law or court order
  • The information didn’t meet the NDA’s definition of confidential
  • The NDA itself was unenforceable due to unreasonableness or lack of consideration

An NDA — regardless of its terms — cannot prevent disclosures to the police or regulatory bodies about criminal offences. From October 2025, these protections significantly expand under new legislation.

Key Takeaway: NDA breaches trigger financial damages, injunctions, and reputational harm. Criminal consequences are rare but possible where breach involves theft, insider trading, or violating court orders. Valid defences exist including public domain information and legally required disclosures.


Quick Answer: Yes — when properly drafted, reasonable in scope, and not attempting to restrict lawful rights such as whistleblowing or reporting criminal conduct. From October 2025, significant new restrictions apply to protect crime victims and prevent harassment cover-ups.

What Makes an NDA Enforceable?

An NDA is a legally binding document. If a party who signed it later discloses or misuses the information they agreed to keep confidential, that’s an unlawful breach of confidence.

For an NDA to be enforceable, it must satisfy basic contract law requirements:

  • Offer and acceptance — both parties agree to the terms
  • Consideration — something of value exchanged (employment, payment, mutual information sharing)
  • Intention to create legal relations
  • Capacity — parties must have legal capacity to contract

The NDA must also not violate public policy or attempt to conceal illegal activity.

How Courts Assess “Reasonable”

Overly broad or unreasonable clauses can make the entire agreement unenforceable.

Courts consider duration (is the confidentiality period appropriate?), scope (is the definition of confidential information specific enough?), geographic restrictions, and the balance of obligations versus legitimate business interests.

An NDA protecting genuine trade secrets indefinitely? Likely enforceable. An NDA claiming all information discussed in meetings — regardless of whether already public — for 50 years? Unreasonable and unenforceable.

What NDAs Can Never Prevent — Regardless of Wording

  • Protected disclosures under whistleblowing legislation (Employment Rights Act 1996, s.43J)
  • Reporting a crime to the police
  • Discussing pay with colleagues for equal pay purposes
  • Complying with legal obligations or court orders

Any clause attempting to restrict these disclosures is void — whether the NDA says otherwise or not.

October 2025 — The Victims and Prisoners Act 2024

This is the big one.

Under section 17 of the Act, NDAs signed on or after 1 October 2025 cannot prevent victims of crime from disclosing information about relevant conduct to:

  • Police or other bodies investigating or prosecuting crime
  • Qualified lawyers for seeking legal advice
  • Regulated healthcare professionals for obtaining support
  • Victim support services
  • Regulators for cooperating with investigations
  • Close family members for personal support
  • Persons authorised to receive information on behalf of any of the above

The carve-out applies to disclosures made for personal support or redress. Clauses may still restrict publicity-driven statements or release of commercial secrets unrelated to the offence.

The Ministry of Justice’s June 2025 guidance urges employers to specify within settlement agreements exactly what information can be shared, with whom and why.

August 2025 — Higher Education Restrictions

From 1 August 2025, under the Higher Education (Freedom of Speech) Act 2023, registered providers cannot enter NDAs with students, staff or visiting speakers where they come forward with complaints of sexual misconduct, abuse, harassment or bullying.

Any such NDA entered into from that date is void.

The Employment Rights Bill — What’s Coming Next

Clause 22A of the Employment Rights Bill effectively nullifies any term — in an employment contract, settlement agreement, staff policy or stand-alone NDA — that prevents a worker from alleging or discussing workplace harassment or discrimination.

Royal Assent is pencilled in for autumn 2025, with Clause 22A expected to commence during the first implementation window in 2026.

What the Solicitors Regulation Authority Says

The SRA has issued warning notices about NDA misuse. NDAs must not include clauses known to be unenforceable or use warranties, indemnities and clawback clauses designed to inhibit permitted reporting or disclosures.

Taking unfair advantage of an opposing party — whether unrepresented or represented — breaches professional obligations.

Where NDAs Remain Perfectly Legitimate

Despite heightened scrutiny, NDAs remain lawful for protecting genuine trade secrets, safeguarding intellectual property during business discussions, maintaining confidentiality of settlement terms (except where restricted by new legislation), protecting customer data, and ensuring confidentiality during M&A discussions.

The key is ensuring NDAs protect legitimate business interests without overreaching into areas where public policy demands transparency.

Key Takeaway: NDAs are legal when properly drafted, reasonable, and don’t restrict lawful rights. October 2025 changes prevent NDAs from stopping crime victims reporting to police and support services. Whistleblowing disclosures cannot be prevented regardless of NDA wording. Legitimate business confidentiality remains fully protectable.


Is the UK Moving to Ban NDAs?

Quick Answer: Not entirely. The Employment Rights Bill proposes banning confidentiality clauses that prevent workers from discussing harassment and discrimination. Combined with October 2025 Victims and Prisoners Act restrictions, NDAs face significant new limitations — but they remain legal for legitimate business purposes.

What the Employment Rights Bill Actually Does

Clause 22A nullifies any term that prevents a worker from alleging or discussing workplace harassment, discrimination, or the employer’s handling of those issues.

Disclosures by a worker about sexual harassment will become a protected disclosure for whistleblowing purposes — excluded from the scope of confidentiality provisions entirely.

The ban won’t apply to “excepted agreements” meeting conditions determined by the Secretary of State in secondary legislation. It’s been suggested this could include an NDA requested by the worker themselves.

Royal Assent is pencilled in for autumn 2025, with Clause 22A expected to commence during the first implementation window in 2026.

What Employers Should Do Right Now

  • Audit all template contracts and settlement agreements
  • Revise confidentiality wording to remove over-broad gagging language
  • Train HR and legal teams on the new limits
  • Prepare alternative approaches to settling discrimination disputes

Existing NDAs remain valid. But any renewal or material variation after the provisions come into force triggers the new regime. Update templates well in advance.

So What ISN’T Being Banned?

Despite the headlines, NDAs remain essential for protecting trade secrets, proprietary technology, client lists, financial information, product development plans, and intellectual property during negotiations.

The restrictions target specific misuse — covering up wrongdoing. Not legitimate business confidentiality.

Why These Changes Are Happening

NDA scrutiny intensified after the #MeToo movement raised concerns about how confidentiality agreements had been used to silence victims of sexual harassment. At its worst, payments were exchanged for the silence of victims.

In 2019, the UK government launched a consultation reviewing the use of confidentiality clauses. That review produced the Victims and Prisoners Act 2024 and the pending Employment Rights Bill provisions.

The Reputational Risk You’re Not Thinking About

Beyond legal compliance, consider the optics. Misusing NDAs to silence employees — particularly in harassment cases — triggers public scrutiny, legal challenges and employment law claims.

Even where technically legal, heavy-handed NDA use can trigger significant reputational damage when publicised.

Key Takeaway: NDAs are not being banned wholesale. Restrictions target misuse — silencing victims and covering up wrongdoing. Legitimate business confidentiality protection remains fully legal. Employers should audit templates now and remove over-broad gagging language before the new provisions commence.


What Are the GDPR Implications of NDAs?

Quick Answer: NDAs must comply with UK GDPR when they involve processing personal data. They require a lawful basis for processing, transparency about data use, and respect for data subject rights. NDAs cannot override UK GDPR obligations — confidentiality provisions must explicitly permit data protection-mandated disclosures to the ICO and data subjects.

When Does GDPR Actually Apply to an NDA?

Whenever an NDA covers information that includes personal data — any information relating to an identified or identifiable living individual — UK GDPR applies alongside confidentiality obligations.

This happens more often than people think. Employee NDAs protect staff information. Customer data includes personal details. Business partner NDAs cover contact details and relationship information. Consultant agreements protect client data encountered during work.

What Lawful Basis Are You Relying On?

When processing personal data under an NDA, organisations typically rely on:

  • Performance of a contract — where processing is necessary to perform the NDA itself
  • Legitimate interests — where confidentiality protection is a legitimate business interest balanced against individual rights
  • Consent — less common in B2B NDA contexts

The Data (Use and Access) Act 2025 introduces “recognised legitimate interests” that don’t require full assessments — including sharing data within company groups for internal administration and ensuring network security.

Data Subject Rights vs Your NDA

Here’s where it gets tricky. UK GDPR grants individuals rights including access to their personal data, rectification, erasure, restriction, portability and objection.

NDAs cannot override these rights.

If an individual exercises a data subject access request, you must provide their personal data even if it’s subject to an NDA — though you may need to redact third-party confidential information.

You Still Have to Report Breaches to the ICO

Under UK GDPR Article 33, organisations must report certain personal data breaches to the Information Commissioner’s Office within 72 hours.

NDAs cannot prevent these mandatory notifications. If confidential customer data protected by an NDA is compromised, you must still report — regardless of confidentiality obligations.

ICO investigations may also require disclosure of information subject to NDAs. Cooperation with data protection authorities takes precedence over NDA confidentiality.

International Data Transfers and NDAs

When NDAs involve international business relationships, data transfers outside the UK trigger additional requirements.

The Data (Use and Access) Act 2025 introduces a new test where the Secretary of State determines whether the destination country’s data protection standard is “not materially lower” than the UK’s.

NDAs should address which transfer mechanisms apply (adequacy decisions, standard contractual clauses, or other safeguards), confirm both parties comply with applicable data protection laws, and clarify how confidentiality obligations interact with data protection requirements in each jurisdiction.

Data Processing Agreements Are Separate

When one party processes personal data on behalf of another, UK GDPR Article 28 mandates a Data Processing Agreement. This is separate from and additional to any NDA.

Some organisations try combining both in a single document. While possible, this risks confusion. Better practice involves separate agreements with clear cross-references.


Drafting NDAs That Play Nice with GDPR

Well-drafted NDAs address the GDPR intersection through:

  • Explicit carve-outs for data subject rights and mandatory ICO disclosures
  • Provisions confirming both parties comply with applicable data protection law
  • Clarity about whether a controller-processor relationship exists
  • Security requirements meeting UK GDPR Article 32
  • Procedures for handling data breaches affecting confidential information

Key Takeaway: NDAs involving personal data must comply with UK GDPR. Data subject rights cannot be overridden by confidentiality clauses. Mandatory ICO breach notifications take precedence over NDA obligations. Include explicit GDPR carve-outs in every NDA involving personal data.



What Happens to NDAs After Brexit?

Quick Answer: Minimal practical changes for domestic UK agreements. The main impacts involve EU GDPR adequacy decisions for data transfers, potential divergence between UK and EU confidentiality law, and considerations for NDAs governing cross-border EU-UK business relationships.

For Purely Domestic NDAs — Almost Nothing Changed

UK confidentiality law derives primarily from common law principles and UK contract law, not EU legislation. NDAs governed by English law continue applying exactly as before.

Pre-Brexit NDAs remain fully enforceable. You don’t need to update existing agreements solely due to Brexit — unless they contain specific provisions like exclusive EU jurisdiction clauses or references to EU law that should now reference UK law.

Governing Law and Jurisdiction — The Tricky Part

If the parties aren’t both in the same country, the NDA must state which law governs and which courts can enforce it. Remember — England and Wales have a different legal system to Scotland.

Avoid granting exclusive jurisdiction to one country’s courts. You may want to enforce the NDA in a different country if an unauthorised disclosure happens there.

Cross-Border Enforcement Got Harder

Before Brexit, EU regulations facilitated judgment recognition across member states. Post-Brexit, enforcement of UK court judgments in EU countries depends on bilateral arrangements or international conventions.

This means additional costs and time to enforce UK judgments in EU courts, the need for local legal advice in relevant jurisdictions, and increased importance of arbitration clauses — which may offer smoother cross-border enforcement through the New York Convention.

Data Protection Adequacy — The Ongoing Question

The EU granted the UK adequacy decisions allowing personal data transfers without additional safeguards. The most recent review concluded that the UK continues to ensure a level of protection essentially equivalent to EU GDPR.

But if UK data protection law diverges substantially from EU standards, adequacy could be withdrawn. The Data (Use and Access) Act 2025 represents the UK’s first significant post-Brexit data protection reform.

Organisations should monitor regulatory developments and include flexibility in NDAs to adapt transfer mechanisms if needed.

Northern Ireland — A Special Case

Under the Windsor Framework, Northern Ireland maintains unique status regarding certain EU rules. NDAs involving Northern Ireland parties may face additional considerations depending on whether they relate to goods (subject to EU rules in some respects) or services (generally subject to UK rules).

Practical Drafting for Post-Brexit NDAs

  • Specify governing law clearly (English law, EU member state law, or a neutral jurisdiction)
  • Include non-exclusive jurisdiction clauses enabling enforcement in multiple countries
  • Address data protection compliance including adequacy or alternative transfer mechanisms
  • Consider arbitration clauses for smoother cross-border enforcement
  • Include review provisions to assess whether regulatory changes require amendment

Key Takeaway: Brexit minimally impacts domestic UK NDAs. Cross-border UK-EU NDAs require careful governing law and jurisdiction provisions. EU adequacy decisions currently facilitate data transfers. Potential UK-EU regulatory divergence requires ongoing monitoring. Arbitration clauses may offer more reliable cross-border enforcement.


Are NDAs Covered by UK Employment Law?

Quick Answer: Yes — extensively. NDAs in employment contracts, settlement agreements, and protecting employee-accessed confidential information are all covered. Recent legislative changes including the Victims and Prisoners Act 2024 and proposed Employment Rights Bill significantly restrict NDA use in employment contexts.

NDAs in Employment Contracts — Standard Practice

Non-disclosure clauses are routinely included in employment contracts to protect trade secrets, client details, business strategies, financial information, product development plans, and employee data accessed during employment.

These provisions operate during employment and typically continue for a specified period after employment ends.

Settlement Agreements — Where It Gets Complicated

NDAs are commonly used in settlement agreements following employment termination, often where disputes or grievances are involved. They typically cover the fact that a settlement has been reached, the financial terms, circumstances leading to termination, and details of workplace disputes.

From October 2025, the Victims and Prisoners Act 2024 significantly restricts what settlement NDAs can cover. The proposed Employment Rights Bill will further prohibit NDAs preventing discussion of harassment and discrimination.

Whistleblowing — The Line That Cannot Be Crossed

Section 43J of the Employment Rights Act 1996 invalidates any clause that prevents a worker from making a protected disclosure. This is absolute — no NDA can override it.

Protected disclosures cover reasonable beliefs about criminal offences, failure to comply with legal obligations, miscarriages of justice, danger to health and safety, damage to the environment, and deliberate concealment of any of the above.

Post-Employment Restrictions — NDAs Plus Restrictive Covenants

Employment NDAs often work alongside non-compete clauses, non-solicitation of customers, non-solicitation of employees, and non-dealing provisions.

While NDAs protect confidential information, restrictive covenants limit competitive activities. Both must be reasonable to be enforceable.

What Employees Should Know Before Signing

  • Get independent legal advice — ask the employer to pay for it (standard practice for settlement agreements)
  • You should have a minimum of 10 days to consider terms before signing
  • You can be accompanied during negotiations by a colleague or trade union representative

What Employment NDAs Can and Cannot Restrict

CAN lawfully restrict: disclosure of genuine trade secrets, sharing customer lists, revealing business strategies, and disclosing other employees’ personal or salary information (except for equal pay discussions).

CANNOT lawfully restrict: whistleblowing about wrongdoing, reporting crimes to police, discussing pay for equal pay purposes, making complaints to employment tribunals, reporting to regulatory bodies, or — from October 2025 — discussing harassment, discrimination, or criminal conduct of which the employee is a victim.

Enforcement — What Employers Must Prove

Employers seeking to enforce employment NDAs must demonstrate the information was genuinely confidential, the NDA was properly incorporated, the restriction is reasonable in duration and scope, enforcement serves legitimate business interests, and the restriction doesn’t violate statutory rights.

Courts are sceptical of overbroad employment NDAs. Attempting to prevent employees from working in their field or using general skills typically fails. NDAs must target specific confidential information, not general capabilities.

Key Takeaway: Employment NDAs are extensively regulated. Whistleblowing protections are absolute. October 2025 changes and the proposed Employment Rights Bill significantly restrict NDA use to silence harassment and discrimination victims. Employers should audit all template contracts and settlement agreements now.


Are NDAs Tax Deductible for Businesses?

Quick Answer: Yes. Legal fees for creating, reviewing, or enforcing NDAs are tax deductible as business expenses under “legal and professional fees,” reducing taxable profit. Both initial drafting costs and ongoing review expenses qualify.

What Qualifies as Deductible?

HMRC allows businesses to deduct costs incurred “wholly and exclusively” for business purposes. Legal documentation protecting confidential business information clearly meets this test.

Deductible NDA expenses include initial drafting, legal review of NDAs presented by other parties, updating NDAs for legislative changes (like October 2025 compliance), enforcement costs including cease-and-desist letters and litigation, and settlement costs resolving breach disputes.

Revenue Expense — Not Capital

NDA legal fees are typically revenue expenditure — deductible against profits in the year incurred. NDAs are operational documents enabling business activity, not assets with enduring value.

That means immediate tax relief, not deductions spread over multiple years.

Templates vs Bespoke — Both Deductible

Whether you purchase template NDAs or pay for bespoke legal drafting, both are tax deductible. Template purchases typically cost £10–£500. Bespoke legal drafting ranges from £500–£3,000 depending on complexity.

Enforcement Costs Count Too

If someone breaches your NDA and you incur solicitor fees sending cease-and-desist letters, negotiating settlement, or pursuing litigation — all deductible.

However, damages paid to you may be taxable receipts. Damages compensating for lost profits are typically taxable trading receipts. Damages compensating for capital asset loss may be capital receipts.

VAT Recovery on Legal Fees

VAT-registered businesses can typically reclaim the 20% VAT on NDA-related legal fees. A £1,000 + VAT solicitor bill costs your business just £1,000 after VAT recovery.

Tax Savings by Business Structure

For sole traders and partnerships, legal fees reduce trading profits subject to income tax and Class 4 National Insurance.

For limited companies, legal fees reduce corporation tax liability — currently 25% for profits over £250,000, or 19% for profits under £50,000, with marginal relief between.

A £2,000 NDA drafting fee saves £500 for a company paying 25% corporation tax, or up to £900 for a sole trader paying 45% higher-rate income tax.

Pre-Trading Expenses — Startups Take Note

Creating NDAs before commencing trading? HMRC allows pre-trading expenses incurred within seven years of commencing trading to be treated as if incurred on the first day of trading.

Startups developing IP before formal trading often need NDAs for investor discussions. Those costs become deductible once trading starts.

What’s NOT Deductible

  • Damages or penalties you pay for breaching someone else’s NDA
  • Criminal fines if NDA breach involves criminal conduct
  • Costs unrelated to trading — purely personal NDAs

Key Takeaway: NDA legal fees are deductible business expenses — both template purchases and bespoke drafting. Revenue expenditure means immediate tax relief. VAT-registered businesses can reclaim 20% VAT on legal fees. Penalties for breaching someone else’s NDA are not deductible.


Are NDAs Subject to VAT?

Quick Answer: NDAs themselves are not subject to VAT — they’re legal contracts, not supplies of goods or services. However, legal fees for drafting or reviewing NDAs are subject to 20% VAT, which VAT-registered businesses can typically reclaim as input tax.

The Document vs The Service — An Important Distinction

Creating an NDA doesn’t trigger VAT liability on the document itself. But hiring a solicitor to draft it? That’s a service — standard-rated at 20%.

When you engage a solicitor to draft an NDA for £1,000, the invoice totals £1,200 (£1,000 + £200 VAT). VAT applies to the legal service, not the document produced.

Reclaiming VAT on Legal Fees

VAT-registered businesses making taxable supplies can reclaim VAT on NDA-related legal fees as input tax. That £1,200 inclusive solicitor bill costs your business just £1,000.

Requirements: your business must be VAT-registered, the services must relate to taxable business activities, you must hold a valid VAT invoice, and the NDA must be for business purposes.

Partial Exemption — When Full Recovery Isn’t Available

Businesses making both taxable and exempt supplies may face restrictions on input VAT recovery. If your business makes significant exempt supplies (like financial services or insurance), you might not fully recover VAT on legal fees.

Most UK businesses make fully taxable supplies and can reclaim all input VAT. Those with exempt activities should seek specialist VAT advice.

Cross-Border Legal Services — Reverse Charge

Engaging an EU-based or international legal adviser to draft UK NDAs? The reverse charge mechanism typically applies — the UK business accounts for VAT rather than the overseas supplier.

The overseas supplier invoices without UK VAT. The UK business self-accounts for VAT (recording both output and input simultaneously). The net position is typically neutral for fully taxable businesses.

Using NDAs Doesn’t Create Output VAT

Having employees sign confidentiality provisions or entering NDAs with business partners doesn’t create output VAT. You’re not making a taxable supply — you’re protecting business information. NDAs are business tools, not supplies to others.

Key Takeaway: NDAs themselves aren’t subject to VAT. Legal fees for drafting or reviewing them are standard-rated at 20%. VAT-registered businesses can reclaim this as input tax. Using NDAs in your business doesn’t create output VAT liability.


How Does a Non-Disclosure Agreement Work?

Quick Answer: An NDA creates a legally binding contract obligating the receiving party not to disclose or misuse confidential information. When signed, it establishes legal consequences for unauthorised disclosure — including damages, injunctions, and potential termination of business relationships.

The Core Obligation

An NDA sets out how you share information or ideas in confidence. The receiving party agrees not to disclose protected information to unauthorised third parties and not to use it except for the specifically permitted purpose.

Specify that purpose as precisely as you can. You can always widen it later through written amendment — but you won’t be able to narrow the restriction without the receiving party’s consent.

What Actually Gets Protected?

NDAs typically protect three categories:

  • Information explicitly marked “confidential”
  • Information disclosed orally or visually and confirmed in writing as confidential within a specified period (often 5–30 days)
  • Information that would reasonably be understood as confidential given its nature or circumstances

NDAs cannot protect information already in the public domain, already known to the receiving party before disclosure, independently developed without using the disclosing party’s information, or received from a third party with no confidentiality obligation.

How Long Should Confidentiality Last?

Common durations are 3 or 5 years. After that, the receiving party can use and disclose your information freely.

Some information warrants indefinite protection — trade secrets, proprietary formulas, algorithms and customer lists (though these may eventually lose commercial value).

The duration should match sensitivity. Product launch plans might need 1–2 years. Manufacturing processes might need indefinite protection. Courts scrutinise perpetual obligations carefully.

Who Can the Receiving Party Share With?

Be realistic. The person you’re talking to might need to share your information with their employees or professional advisers. They may need to copy your information for this purpose.

Standard permitted disclosures allow sharing with employees and directors on a need-to-know basis, professional advisers (solicitors, accountants, consultants) bound by confidentiality, and potentially subcontractors under confidentiality obligations.

The receiving party remains responsible for ensuring permitted recipients maintain confidentiality.

Disclosures That Can’t Be Prevented

Once information becomes public, an NDA can’t be enforced. Beyond that, some disclosures can never be prevented:

  • Disclosures required by law or court order
  • Disclosures to regulatory bodies
  • Whistleblowing disclosures about wrongdoing
  • From October 2025, victim disclosures under the Victims and Prisoners Act 2024

Well-drafted NDAs explicitly carve these out, confirming legally required revelations don’t constitute breaches.

When Should You Use an NDA?

Don’t disclose your ideas or information until the recipient has signed and returned the NDA. Without one, you’re taking the risk that others could use your ideas without permission.

Common scenarios include sharing financials with a potential investor, hiring a solicitor for company legal affairs, presenting products or technology to partners, hiring employees or contractors who’ll access proprietary information, discussing intellectual property for product development, and negotiating business partnerships or joint ventures.

The NDA Lifecycle

Once signed, the NDA progresses through initial disclosure for the permitted purpose, ongoing use within agreed parameters, conclusion of the permitted purpose, post-termination confidentiality for the specified duration, and eventual expiry of obligations (if time-limited).

Maintain records throughout — the signed NDA, records of what was disclosed and when, confidential markings, and any amendments agreed during the relationship.

Always Check Before You Sign

Always check any NDA another party asks you to sign. Make sure it doesn’t unfairly restrict your future activities.

Key negotiation points: Is the definition of confidential information reasonable? Is the duration proportionate? Are permitted disclosures adequate? Are mandatory legal disclosures carved out? Are liquidated damages reasonable?

Key Takeaway: NDAs work by creating legally binding obligations not to disclose or misuse confidential information. Specify the permitted purpose precisely. Match duration to information sensitivity. Include carve-outs for mandatory legal disclosures. Always read an NDA carefully before signing — check the scope, duration and restrictions are reasonable.


Frequently Asked Questions: Non-Disclosure Agreements UK

What is a non-disclosure agreement?

A legally binding contract that protects confidential information from being shared or misused. Sometimes called confidentiality agreements, NDAs ensure recipients agree not to disclose or misuse the information provided, creating legal consequences for unauthorised disclosure.

What are some examples of non-disclosure agreements?

Common examples include employee confidentiality agreements protecting trade secrets, investor NDAs covering business plans and financial projections, contractor NDAs safeguarding proprietary processes, M&A NDAs protecting due diligence information, and settlement agreement confidentiality provisions.

How do you create an NDA legally in the UK?

Identify all parties with full legal names. Define confidential information clearly. Specify the permitted purpose. Set a reasonable duration (typically 3–5 years or indefinite for trade secrets). Include carve-outs for mandatory legal disclosures. Specify governing law and jurisdiction. Ensure both parties sign. Professional legal review strengthens enforceability.

What are the legal requirements for NDAs in the UK?

UK NDAs must satisfy basic contract law requirements — offer and acceptance, consideration, intention to create legal relations, and capacity. They cannot restrict whistleblowing, crime reporting, or — from October 2025 — victim disclosures under the Victims and Prisoners Act 2024. Terms must be reasonable and not contrary to public policy.

Can NDAs be claimed as a business expense?

Yes. Legal fees for creating, reviewing, or enforcing NDAs are deductible under “legal and professional fees.” Both initial drafting and ongoing review expenses reduce taxable profits. VAT-registered businesses can also reclaim the 20% VAT charged on solicitor fees.

Can NDAs be used by contractors?

Yes. Contractors routinely work under NDAs protecting client confidential information. These are typically unilateral NDAs where the contractor agrees not to disclose business information. Contractors should review carefully to ensure they don’t overly restrict future work or use of general skills and knowledge.

What are the benefits of an NDA?

Protecting trade secrets and proprietary information, enabling safe sharing of confidential information for business discussions, establishing clear expectations between parties, providing legal recourse if confidentiality is breached, facilitating investor discussions and partnership negotiations, and protecting competitive advantages.

How do you implement an NDA successfully?

Use NDAs before disclosing confidential information. Define what’s protected clearly. Ensure all parties understand their obligations. Maintain records of what’s disclosed and when. Mark confidential documents appropriately. Train employees on requirements. Address suspected breaches promptly.

What are the advantages and disadvantages of NDAs?

Advantages include legal protection for confidential information, clear boundaries, and a deterrent against unauthorised disclosure. Disadvantages include drafting costs (£500–£3,000 for bespoke), administrative burden of managing multiple NDAs, potential to intimidate legitimate whistleblowing if poorly drafted, and limited effectiveness once information enters the public domain.

How do you manage NDAs effectively?

Maintain a central register of all NDAs including parties, dates and expiry. Track what confidential information was disclosed under each. Monitor compliance. Review periodically for continued relevance. Update templates to reflect legislative changes. Train staff on requirements.

What are the best practices for NDAs?

Define confidential information precisely. Use reasonable durations matching information sensitivity. Carve out mandatory legal disclosures explicitly. Specify permitted disclosures clearly. Include appropriate remedies. Choose governing law carefully. Obtain professional legal review. Maintain proper records of execution and disclosure.

When should you use an NDA?

Before sharing trade secrets or proprietary information, during partnership or joint venture discussions, when presenting to potential investors, before hiring consultants accessing confidential information, during M&A due diligence, when sharing customer lists or strategies, and whenever disclosing information that provides competitive advantage.

How do you choose the right NDA?

Choose based on information flow direction (unilateral if only you disclose, mutual if both parties share, multilateral for three or more parties), relationship type (employment, partnership, investor, vendor), information sensitivity, appropriate duration, and whether you need sector-specific provisions.


The Truth About “Free” Legal Template Sites (What You’re Really Signing Up For)

Most websites offering a “free legal template” follow the same pattern:

  • You click because it’s advertised as free
  • You spend 10–15 minutes answering questions
  • At the very end, you must create an account or start a “free trial”
  • Your card is required upfront
  • The subscription auto-renews at £29–£39 per month

This isn’t a free template — it’s a subscription service. Many people only realise after being charged £300–£400 over the year.

Why These “Free” Templates Are a Legal Risk

  • Outdated wording: not aligned with current UK law
  • Missing mandatory clauses: required for legal validity
  • No compliance guidance: leaving users without legal context
  • No structured checklist: no way to verify the document works
  • Not kept updated: often unchanged when legislation changes

One incorrect clause can weaken or invalidate the entire document.

Hidden Problem: Many “Free Template” Sites Aren’t Even UK-Based

Another major issue is that many free or auto-subscription template sites operate outside the UK and use documents originally drafted for the US legal system. These are then loosely adapted for “international use,” which creates serious problems:

  • Incorrect terminology: taken from US contract law
  • Missing UK statutory references: essential legal requirements omitted
  • Non-applicable clauses: terms that don’t apply under UK legislation
  • Legal conflicts: risks breaching UK consumer, employment, or GDPR rules

Why Templates UK Does the Opposite

  • Drafted by UK professionals: written by experienced business & legal experts
  • UK-law only: no US crossover or generic “international” templates
  • One-time price from £10: no subscriptions, no renewals
  • Full preview: see the exact document before buying
  • Lifetime access: free lifetime updates included

My Templates Dashboard

All purchased templates are stored in your personal My Templates page, organised by category.

When we update a template for UK law changes, the new version appears automatically in your dashboard — free, forever.

Build a growing library of UK legal documents across every area of your business and personal life.

Transparent Pricing

From £10 per template — with free lifetime usage and free lifetime updates. No subscriptions. No renewals. No auto-billing.

Not ready to buy? Use our free interactive checklists to guide your own document — no payment required.

No tricks. No trials. No hidden fees. Just the exact UK-specific legal document you came for — at the price we told you upfront.

Build your own bespoke document with our Non-Disclosure Agreement Template. Preview the full document before buying — only pay when you’re happy with it.

Last updated: February 2026

Disclaimer: This guide provides general UK legal information, not legal advice. Laws are current as of February 2026.