
From 1 October 2025, sweeping changes under the Victims and Prisoners Act 2024 fundamentally transform how NDAs operate in the UK. Non-disclosure agreements signed on or after this date cannot prevent victims of crime from reporting to police, seeking legal advice, or accessing support services. Combined with proposed Employment Rights Bill restrictions on harassment and discrimination disclosures, UK businesses face the most significant NDA regulatory changes in decades.


What are the three types of NDA?

Quick Answer: The three main types of non-disclosure agreements are unilateral (one-way) NDAs where only one party shares confidential information, mutual (two-way) NDAs where both parties exchange sensitive information, and multilateral NDAs involving three or more parties sharing confidential information.

Understanding NDA types is crucial for selecting the appropriate protection level for your business relationships. Each type serves distinct purposes and creates different confidentiality obligations depending on information flow between parties.

Unilateral NDAs (One-Way Agreements): Unilateral NDAs are one-way agreements where only one party discloses confidential information. They are commonly used when an employer shares proprietary information with employees or contractors. In employment contexts, new workers routinely sign unilateral NDAs protecting technical information, trade and business secrets, client details and any other confidential information which an employee may discover during their employment.

Common unilateral NDA scenarios include employers onboarding new employees, businesses sharing product designs with manufacturers, companies disclosing financial information to potential investors, or organisations providing confidential data to consultants or advisors. The receiving party bears all confidentiality obligations while the disclosing party retains full control over their sensitive information.

In some circumstances, a one-way NDA will need to be executed as a deed rather than a simple contract. Execution as a deed strengthens enforceability, especially where no consideration is exchanged.

Mutual NDAs (Two-Way Agreements): Mutual NDAs are used when both parties share sensitive information and each agrees to keep the other's information confidential. Businesses considering collaboration opportunities commonly implement mutual NDAs before revealing any sensitive information during preliminary negotiation stages.

Mutual NDAs are essential when businesses explore joint ventures, potential mergers, strategic partnerships, technology licensing arrangements, or collaborative product development. Both parties have equal confidentiality obligations, creating balanced protection that recognises the mutual vulnerability of sharing proprietary information.

The symmetrical nature of mutual NDAs requires careful drafting to ensure obligations apply equally to both parties. Unlike unilateral agreements where one party clearly holds power, mutual NDAs demand fair, reciprocal terms that neither party can later claim were unconscionable or unreasonably one-sided.

Multilateral NDAs (Multi-Party Agreements): Multilateral NDAs involve three or more parties where each party shares confidential information with some or all of the others. Rather than executing multiple bilateral NDAs between each pair of parties, a single multilateral agreement streamlines the process while maintaining comprehensive protection.

Complex business arrangements often require multilateral NDAs: consortium projects involving multiple companies, multi-party joint ventures, supply chain arrangements with numerous participants, or industry collaborations involving competitors working on pre-competitive research. The complexity increases significantly with each additional party, requiring precise definition of who can share what information with whom.

Drafting multilateral NDAs demands particular attention to information flow matrices—explicit provisions detailing which parties can access which categories of confidential information. Without clear boundaries, the multilateral structure can create confusion about permitted disclosures, potentially undermining the entire agreement’s effectiveness.

Hybrid and Specialised NDA Structures: Beyond these three primary types, businesses may encounter hybrid structures combining elements of different NDA types. For instance, a primarily unilateral NDA might include limited mutual obligations for certain categories of information, or a mutual NDA might have asymmetric duration periods reflecting different information sensitivity levels.

Industry-specific variations also exist: pharmaceutical NDAs for clinical trial data, technology sector NDAs covering source code and algorithms, financial services NDAs protecting trading strategies, or creative industry NDAs safeguarding artistic concepts. While these remain fundamentally unilateral, mutual, or multilateral in structure, they incorporate specialised provisions addressing sector-specific confidentiality concerns.

For comprehensive guidance on protecting business confidential information across different contractual relationships, explore our UK Business Legal Templates covering various business scenarios. New businesses should also review our free legal checklist for startups which includes confidentiality agreement guidance.

Key Takeaways:

  • Unilateral NDAs protect one party’s confidential information with obligations on the receiving party only
  • Mutual NDAs create balanced, reciprocal confidentiality obligations when both parties share sensitive information
  • Multilateral NDAs streamline protection for three or more parties but require careful drafting of information flow provisions
  • Hybrid structures combine elements of different types to address specific business relationship needs

What happens if you breach an NDA in the UK?

Quick Answer: Breaching an NDA in the UK typically results in civil liability including financial damages to compensate losses, injunctions preventing further disclosure, and reputational damage. While most breaches are civil matters, extreme cases involving insider trading or violating court injunctions can result in criminal charges.

Breaking an NDA is a serious matter with major legal and financial consequences. Understanding potential repercussions helps businesses and individuals appreciate the importance of confidentiality obligations and the risks of non-compliance.

Financial Damages and Compensation: The primary consequence of breaching an NDA is civil liability for damages. The person or company whose secrets you spilled can claim damages, including compensation for any losses they suffered due to the leak. Courts calculate actual damages based on the harm caused by the leak—if your breach resulted in the loss of clients or business opportunities, those damages could add up quickly.

Common consequences include financial damages to compensate the injured party or legal injunctions to stop further disclosures. Some NDAs contain liquidated damages clauses specifying predetermined breach penalties—these might range from a few thousand pounds to hundreds of thousands, depending on the importance of the information and the potential impact of a breach. Liquidated damages differ from compensatory damages as they’re predetermined within the contract rather than determined by courts assessing actual financial impact.

Beyond direct compensation, courts may also order payment of the other party’s legal costs, including solicitor fees. If the breach is seen as particularly reckless or intentional, punitive damages designed to punish the wrongdoer might be awarded, though these are less common in UK contract law than in US jurisdictions.

Injunctive Relief: A breach could lead to an injunction, which is a court order preventing further disclosure of sensitive information. UK courts can issue injunctions—legal orders stopping you from taking certain actions (like sharing more information) or, in serious cases, forcing you to recover confidential information from those you’ve shared it with.

Injunctions come in different forms: interim injunctions prevent breach before it occurs if the disclosing party learns of threatened disclosure, prohibitory injunctions stop ongoing breaches, and mandatory injunctions require positive action like returning or destroying confidential materials. If you ignore an injunction, it could lead to contempt of court charges, which may result in heavy fines or imprisonment in extreme cases.

The severity of injunctive relief depends on breach circumstances. Courts consider factors including the sensitivity of disclosed information, extent of actual or potential harm, whether the breach was deliberate or negligent, and whether damages alone would adequately compensate the injured party. For truly irreplaceable trade secrets or situations where monetary compensation cannot adequately remedy harm, injunctions become the primary enforcement mechanism.

Employment Consequences: If an employee breaches an NDA with their employer, they may face disciplinary action or an official warning, immediate dismissal depending on the severity of the breach, and liability for financial losses meaning they could be required to compensate the company for damages. Employment termination for NDA breach is often summary dismissal (without notice) as confidentiality breaches typically constitute gross misconduct.

Beyond immediate employment consequences, NDA breaches create lasting professional reputational damage. Even if the financial cost isn’t catastrophic, breaches of confidentiality can seriously harm your business’s reputation—both with customers and potential partners. Future employers conducting reference checks may discover the breach, significantly impacting career prospects.

Account of Profits: In some cases, the breaching party may be ordered to hand over any profits made by misuse of the confidential data. This remedy, known as “account of profits,” prevents wrongdoers from benefiting financially from their breach. If someone used your trade secrets to develop a competing product and generated £100,000 in profits, courts might order them to pay you that £100,000 even if your actual losses were lower.

Account of profits is particularly relevant when the breaching party has commercially exploited confidential information, creating a competitive advantage or generating revenue directly attributable to the breach. This remedy focuses on stripping away unjust enrichment rather than merely compensating proven losses.

Criminal Consequences (Rare but Possible): A non-disclosure agreement is a civil contract, so breaking one is generally not considered a criminal offence. However, related conduct (such as theft of documents, insider trading, or violating a court injunction) can lead to criminal consequences. Several scenarios can elevate matters to criminal liability:

If someone steals confidential documents, that act could potentially be prosecuted as theft, which is a criminal offence. Using confidential information for insider trading (such as on the stock market) could attract criminal charges outside the NDA claim itself. If the NDA breach involves violating laws such as the Data Protection Act 2018, there may be regulatory penalties (though prison is still rare for individuals, it’s theoretically possible in egregious cases).

If you break an NDA related to a government or military contract, it may be construed as espionage or a national security violation under the Official Secrets Act 1989. You could face criminal penalties if you leverage information protected by an NDA to facilitate illegal activities. If a court issues an injunction to stop breaching an NDA and you violate this order, contempt of court claims can lead to criminal charges.

The Breach Process—What Actually Happens: If someone believes you’ve broken an NDA, here’s what typically happens. First, you’ll likely receive a cease-and-desist letter, accompanied by evidence of the breach, asking you to stop the offending behaviour. Parties often negotiate a settlement rather than go to court—this might include financial compensation or agreeing to additional restrictions. If you can’t resolve the matter, the injured party may start legal action for breach of contract.

Courts will look at the specific wording of your NDA, so having a well-drafted and unambiguous agreement is critical if you ever need to enforce it. The burden of proof lies with the party alleging breach—they must demonstrate that confidential information was disclosed, the disclosure breached the NDA’s terms, and they suffered damages as a result.

Defences to Breach Claims: Not every disclosure constitutes an actionable breach. Valid defences include: information was already in the public domain, the recipient obtained information independently from another source, disclosure was required by law or court order, the information didn’t meet the NDA’s definition of confidential information, or the NDA itself was unenforceable due to unreasonableness or lack of consideration.

Under the common law, an NDA, irrespective of its terms, cannot validly seek to prevent a person from making disclosures to the police or appropriate regulatory or statutory bodies in relation to a criminal offence. From October 2025, these protections significantly expand under new legislation.

For businesses setting up comprehensive confidentiality frameworks, our business setup guide explains how NDAs fit into overall legal compliance. The free NDA compliance checklist helps verify your agreements meet current UK legal requirements.

Quick Answer: Yes, non-disclosure agreements are legal and enforceable in the UK when properly drafted, reasonable in scope, and don’t attempt to restrict lawful rights such as whistleblowing or reporting criminal conduct. From October 2025, significant new restrictions apply to protect crime victims and prevent harassment cover-ups.

NDAs remain a legitimate and widely-used legal tool for protecting business confidential information, but their lawful use operates within increasingly defined boundaries. Recent legislative changes fundamentally reshape what NDAs can and cannot do.

Core Legal Framework: An NDA is a legally binding document. If a party that has signed an NDA later discloses or uses the information that they’ve agreed to keep confidential (in a way that they’ve agreed not to), this will be an unlawful ‘breach of confidence’. NDAs are enforceable if they are properly drafted, reasonable, and do not attempt to restrict lawful rights, such as whistleblowing or reporting harassment.

For an NDA to be legally enforceable, it must satisfy basic contract law requirements: offer and acceptance (both parties must agree to the terms), consideration (something of value exchanged—often employment, payment, or mutual information sharing), intention to create legal relations, and capacity (parties must have legal capacity to contract). Additionally, the NDA must not violate public policy or attempt to conceal illegal activity.

Reasonable Scope Requirements: Courts scrutinise NDAs for reasonableness. Overly broad or unreasonable clauses could make the agreement invalid or unenforceable in court. Reasonableness assessment considers duration (is the confidentiality period appropriate for the information type?), scope of protected information (is the definition of confidential information specific enough?), geographic restrictions (if any), and the balance of obligations versus legitimate business interests.

An NDA attempting to protect genuinely confidential trade secrets indefinitely would likely be enforceable, while an NDA claiming all information discussed in meetings—regardless of whether already public knowledge—for 50 years would likely be deemed unreasonable and unenforceable. The test is whether restrictions go beyond what’s necessary to protect legitimate confidential interests.

Mandatory Legal Limitations: Regardless of what an NDA says, certain disclosures cannot be prevented by law. Section 43J of the Employment Rights Act 1996 continues to invalidate any section in an agreement that attempts to prevent a worker from making a “protected disclosure” (whistleblowing). Any part of an agreement that tries to stop a worker from making a protected disclosure is invalid and cannot be enforced.

NDAs cannot prevent individuals from making protected disclosures under whistleblowing legislation, reporting a crime to the police, discussing their pay with colleagues when discussing equal pay issues, or complying with legal obligations or court orders. These limitations exist regardless of NDA wording—attempting to restrict these disclosures renders those provisions void.

Victims and Prisoners Act 2024 Changes (Effective 1 October 2025): The legislative change makes clear in statute that non-disclosure agreements cannot be enforced insofar as they seek to prevent victims from reporting crime to the police. Non-disclosure agreements signed on or after 1 October 2025 will be legally unenforceable to the extent that they seek to prevent such disclosures.

Under section 17 of the Victims and Prisoners Act 2024, non-disclosure agreements signed on or after 1 October 2025 will not be enforceable against victims of crime in relation to disclosure of information about relevant conduct to: police or other bodies which investigate or prosecute crime for investigating or prosecuting the relevant conduct, qualified lawyers for seeking legal advice about the relevant conduct, regulated professionals (including regulated healthcare professionals) for obtaining professional support in relation to the relevant conduct, victim support services for obtaining support in relation to the relevant conduct, regulators for cooperating with the regulator in relation to the relevant conduct, close family members for obtaining personal support, and persons authorised to receive information on behalf of any of the above.

Importantly, the carve-out applies only to disclosures made for personal support or redress; clauses may still restrict publicity-driven statements or release of commercial secrets unrelated to the offence. The Ministry of Justice’s June 2025 guidance urges employers to specify within settlement agreements exactly what information can be shared, with whom and why, to ensure boundaries are clear.

Higher Education Sector Restrictions (Effective 1 August 2025): From 1 August 2025, under the Higher Education (Freedom of Speech) Act 2023, registered Higher Education Providers will have a duty to ensure that they do not enter into non-disclosure agreements with students, staff, members or visiting speakers where they come forward with a complaint of sexual misconduct, abuse or harassment, or any other form of bullying or harassment. Any such non-disclosure agreements entered into from 1 August 2025 will be void.

Proposed Employment Rights Bill Restrictions: Clause 22A of the Employment Rights Bill effectively nullifies any term, whether in an employment contract, settlement agreement, staff policy or stand-alone NDA, that seeks to prevent a worker from alleging or discussing workplace harassment or discrimination, or the employer’s handling of those issues. Royal Assent for the Bill is pencilled in for autumn 2025, with Clause 22A expected to commence during the first implementation window in 2026 once regulations are settled.

Professional Regulatory Requirements: The Solicitors Regulation Authority issued warning notices about NDA misuse. NDAs must not include or propose clauses known to be unenforceable or use warranties, indemnities, and claw back clauses in a way which is designed to, or has the effect of, improperly preventing or inhibiting permitted reporting or disclosures being made.

Taking unfair advantage of an opposing party—whether unrepresented or represented by a lawyer, professional adviser, litigation friend, intermediary or other third party—would result in a breach of professional obligations. This includes taking advantage of an opposing party’s lack of legal knowledge or where they have limited access to legal representation or advice.

Legitimate Uses of NDAs: Despite heightened scrutiny, NDAs remain lawful and appropriate for: protecting genuine trade secrets and proprietary business information, safeguarding intellectual property during business discussions, maintaining confidentiality of settlement terms (except where restricted by new legislation), protecting customer data and commercially sensitive information, and ensuring confidentiality during merger and acquisition discussions.

The key is ensuring NDAs protect legitimate business interests without overreaching into areas where public policy demands transparency. Properly drafted NDAs clearly delineate what information is protected, for how long, and explicitly carve out all legally required disclosures.

For comprehensive legal protection across your business operations, explore our UK Business Legal Templates covering NDAs and commercial contracts. Employment-related confidentiality provisions should be reviewed alongside our Employment Documents Guide.

Key Takeaways:

  • NDAs are legal in the UK when properly drafted, reasonable, and don’t restrict lawful rights
  • October 2025 changes prevent NDAs from stopping crime victims reporting to police and support services
  • Whistleblowing disclosures cannot be prevented regardless of NDA wording
  • Higher education sector faces specific restrictions from August 2025
  • Legitimate business interests remain protectable through carefully drafted NDAs


Is the UK moving to ban NDAs?

Quick Answer: The UK is not banning NDAs entirely, but the Employment Rights Bill proposes to ban employers from using confidentiality clauses to prevent workers from alleging or disclosing workplace harassment and discrimination. Combined with October 2025 Victims and Prisoners Act restrictions, NDAs face significant new limitations while remaining legal for legitimate business purposes.

Recent legislative developments reflect growing concern about NDA misuse to silence victims of misconduct while preserving their legitimate role in protecting business confidential information. Understanding this nuanced regulatory evolution is essential for compliant NDA use.

Employment Rights Bill Provisions: An amendment to the Employment Rights Bill is set to ban employers from using confidentiality clauses to prevent workers from discussing harassment and discrimination. Clause 22A effectively nullifies any term, whether in an employment contract, settlement agreement, staff policy or stand-alone NDA, that seeks to prevent a worker from alleging or discussing workplace harassment or discrimination, or the employer’s handling of those issues.

Under the Employment Rights Bill, disclosures by a worker about sexual harassment will be a protected disclosure for whistleblowing purposes and therefore such disclosures will be excluded from the scope of confidentiality provisions in NDAs. Similarly, the Government is proposing that contractual provisions which purport to prevent a worker from making allegations of or disclosing information about workplace discrimination and harassment (or how an employer responded to such allegations or disclosures) will also be void, unless contained in an “excepted agreement”.

The ban will not apply to “excepted agreements”, provided they meet conditions determined by the Secretary of State in secondary legislation. It has been suggested that this could include an NDA requested by a worker. Royal Assent for the Bill is pencilled in for autumn 2025, with Clause 22A expected to commence during the first implementation window in 2026 once regulations are settled.

What This Means Practically: Employers should audit all template contracts and settlement agreements now, revise confidentiality wording, train HR and legal teams on the new limits, and prepare alternative approaches to settling discrimination disputes where secrecy can no longer be guaranteed. Existing NDAs remain valid, but any renewal or material variation after the provisions come into force will trigger the new regime. Templates should therefore be updated well in advance to remove over-broad gagging language.

NDAs Are NOT Being Banned—Key Clarifications: Despite headlines suggesting wholesale NDA bans, the reality is far more nuanced. NDAs remain lawful and essential for: protecting trade secrets, proprietary technology, and business strategies, safeguarding client lists and customer information, maintaining confidentiality of financial information and business plans, protecting intellectual property during negotiations, and ensuring confidentiality during mergers and acquisitions.

The restrictions target specific misuse of NDAs to cover up wrongdoing, not legitimate business confidentiality protection. The government’s position, consistently reiterated in guidance, is that NDAs and confidentiality clauses should never be used to cover up inappropriate behaviour and wrongdoing including harassment. They should also not be seen to stop claims of whistleblowing or discrimination.

Historical Context—Why These Changes: NDA scrutiny intensified following the #MeToo movement, which raised concerns about how confidentiality agreements and out-of-court payouts have reportedly been used by wealthy, powerful men to hush-up victims of sexual harassment. At its worst, there have been allegations of such misconduct being covered up by the making of a payment in exchange for the silence of the victim.

In 2019, the UK government launched a consultation to review the use of confidentiality clauses and address unethical practices. Proposed changes have progressively moved through Parliament, resulting in the Victims and Prisoners Act 2024 and the pending Employment Rights Bill provisions.

Victims and Prisoners Act 2024 Focus: While not a “ban,” this Act creates substantial new restrictions. As of June 2024, the UK has new legislation in place that aims to stop non-disclosure agreements from being used to prevent victims from reporting criminal conduct to law enforcement, family, or others. The focus is specifically on protecting crime victims, not restricting legitimate business confidentiality.

International Comparisons: The UK’s approach balances protecting victims with preserving legitimate business confidentiality tools. Some jurisdictions have taken more restrictive approaches—certain US states have banned NDAs in sexual harassment settlements entirely, while others heavily restrict their use. The UK’s targeted approach attempts to prevent specific abuses without eliminating NDAs as a business tool.

Reputational Considerations: Beyond legal compliance, employers must consider reputational risks. Misusing NDAs to silence employees, particularly in cases of harassment or whistleblowing, can lead to public scrutiny, legal challenges and employment law claims. Even where technically legal, heavy-handed NDA use can trigger significant reputational damage when publicised.

What Employers Should Do Now: In response to these developments, businesses should review all existing NDA templates and settlement agreements, explicitly carve out all legally protected disclosures including crime reporting, whistleblowing, and discrimination allegations, provide clear plain English explanations of what NDAs cover and don’t cover, ensure employees signing NDAs receive independent legal advice with adequate time to consider terms (minimum 10 days for settlement agreements), train HR and legal teams on proper NDA use and limitations, and document legitimate business purposes for confidentiality provisions.

Legitimate NDA Uses Remain Protected: Properly scoped NDAs protecting genuine business interests face no restriction. The changes target NDAs used to silence victims or cover up wrongdoing, not NDAs protecting trade secrets, customer lists, product development information, or other legitimate confidential business information. Businesses can continue using NDAs confidently when they serve proper business purposes and include appropriate carve-outs.

For businesses navigating these regulatory changes, our UK Business Legal Templates provide current, compliant documentation. New businesses should consult our free legal checklist covering confidentiality agreement best practices.

What are the GDPR implications of non-disclosure agreements?

Quick Answer: NDAs must comply with UK GDPR when they involve processing personal data, requiring lawful basis for processing, transparency about data use, and respecting data subject rights. NDAs cannot override UK GDPR obligations, and confidentiality provisions must explicitly permit data protection-mandated disclosures to ICO and data subjects.

The intersection of confidentiality obligations and data protection law creates complex compliance challenges. While NDAs protect business information, UK GDPR protects individuals’ personal data—sometimes these objectives collide, requiring careful navigation.

When NDAs Involve Personal Data: Many business scenarios involving NDAs inherently include personal data: employee NDAs protecting staff information, customer confidential information including personal details, business partner NDAs covering contact details and relationship information, and consultant agreements protecting client personal data encountered during work.

Whenever an NDA covers information that includes personal data—any information relating to an identified or identifiable living individual—UK GDPR applies alongside confidentiality obligations. Organizations must satisfy both regimes simultaneously, ensuring confidentiality agreements don’t inadvertently breach data protection requirements.

Lawful Basis for Processing Under NDA: If you are located in the EU or UK, the General Data Protection Regulation (GDPR) and UK GDPR require you to explain the valid legal bases you rely on to process personal information. When processing personal data under an NDA relationship, organisations typically rely on: performance of a contract (where processing is necessary to perform the NDA itself), legitimate interests (where confidentiality protection constitutes a legitimate business interest balanced against individual rights), or consent (though this is less common in B2B NDA contexts).

The Data (Use and Access) Act 2025 introduces “recognised legitimate interests” that don’t require full legitimate interest assessments, including sharing data within groups of companies for internal administrative purposes and ensuring the security of network and information systems. However, even recognised legitimate interests must respect individual rights and freedoms.

Data Subject Rights vs Confidentiality: UK GDPR grants individuals rights including access to their personal data, rectification of inaccurate data, erasure (“right to be forgotten”), restriction of processing, data portability, and objection to processing. NDAs cannot override these rights. If an individual exercises their data subject access request (DSAR), you must provide their personal data even if it’s subject to an NDA, though you may need to redact third-party confidential information.

This creates practical challenges. For example, an employee subject to an NDA may submit a DSAR seeking all personal data held about them, including settlement agreement details. The organization must provide this information while potentially redacting genuinely confidential business information unrelated to the data subject. The ICO has published guidance on balancing confidentiality with transparency obligations.

Mandatory Disclosures to ICO: Under UK GDPR Article 33, organizations must report certain personal data breaches to the Information Commissioner’s Office within 72 hours. NDAs cannot prevent these mandatory breach notifications. If confidential customer data protected by NDA is compromised in a breach, the organization must still report to ICO regardless of confidentiality obligations.

Similarly, ICO investigations may require disclosure of information subject to NDAs. UK GDPR enforcement powers enable ICO to access personal data and related information during investigations. Organizations cannot refuse ICO requests citing NDA confidentiality—cooperation with data protection authorities takes precedence.

Privacy Notices and NDA Transparency: Organizations must provide privacy notices explaining how personal data is processed. When NDAs are involved, privacy notices should explain that certain information may be subject to confidentiality obligations, how those obligations interact with data protection rights, that data subject rights remain exercisable despite confidentiality provisions, and who to contact with questions about the interplay between confidentiality and data protection.

Transparency obligations under UK GDPR Articles 13 and 14 cannot be negated by NDAs. Even where information is highly confidential, individuals whose personal data you process must receive adequate privacy information.

International Data Transfers and NDAs: When NDAs involve international business relationships, data transfers outside the UK trigger additional UK GDPR requirements. The Data (Use and Access) Act 2025 introduces a new test where the Secretary of State determines whether the destination country’s standard of data protection is “not materially lower” than the standard in the UK.

NDAs should address cross-border data transfer compliance, specifying which transfer mechanisms apply (adequacy decisions, standard contractual clauses, or other safeguards), confirming both parties will comply with applicable data protection laws, and clarifying how confidentiality obligations interact with data protection requirements in each jurisdiction.

Data Processing Agreements vs NDAs: When one party processes personal data on behalf of another (controller-processor relationship), UK GDPR Article 28 mandates a Data Processing Agreement (DPA). This is separate from and additional to any NDA. Our Data Processing Agreement guide explains these requirements, while our free DPA compliance checklist ensures proper coverage.

Some organizations attempt to combine confidentiality and data processing obligations in a single document. While possible, this risks confusion—better practice involves separate agreements with clear cross-references explaining how they interact.

Data Breach Scenarios: If a party to an NDA suffers a personal data breach affecting confidential information, multiple obligations arise simultaneously: notifying ICO under UK GDPR Article 33 (if breach meets notification thresholds), notifying affected individuals under UK GDPR Article 34 (if high risk to rights and freedoms), notifying the other party under NDA breach notification provisions, and taking remedial action to prevent further breaches.

NDAs should explicitly carve out data breach notifications, confirming that mandatory data protection disclosures don’t constitute confidentiality breaches. Without such carve-outs, organizations might hesitate to fulfill UK GDPR obligations, creating regulatory compliance risks.

Practical Drafting Considerations: Well-drafted NDAs address UK GDPR intersection through: explicit carve-outs for data subject rights exercise and mandatory ICO disclosures, provisions confirming both parties comply with applicable data protection law, clarity about whether a controller-processor relationship exists (requiring separate DPA), provisions for secure processing meeting UK GDPR Article 32 security requirements, and procedures for handling data breaches affecting confidential information.

What happens to non-disclosure agreements after Brexit?

Quick Answer: Post-Brexit, UK NDAs continue operating under UK law with minimal practical changes for domestic agreements. The main impacts involve EU GDPR adequacy decisions for data transfers, potential divergence between UK and EU confidentiality law, and considerations for NDAs governing cross-border EU-UK business relationships.

Brexit’s impact on NDAs is less dramatic than many feared, but businesses with EU relationships must understand key changes to maintain effective confidentiality protection across jurisdictions.

UK Law Continues to Govern: For purely domestic UK NDAs, Brexit changed little. Confidentiality law derives primarily from common law principles and UK contract law, not EU legislation. NDAs governed by English law, Welsh law, Scots law, or Northern Irish law continue applying as before. The fundamental legal framework protecting confidential information remains intact.

Pre-Brexit NDAs remain fully enforceable. Organizations need not update existing agreements solely due to Brexit unless they contain specific provisions requiring modification (such as exclusive EU jurisdiction clauses or references to EU law that should now reference UK law).

Governing Law and Jurisdiction Clauses: If you and the other party to the NDA are not both in the same country, the NDA will need to state which law governs the agreement. Remember England and Wales have a different legal system to Scotland. It will also need to state in which courts it can be enforced.

Post-Brexit considerations for governing law include the following: UK-EU business relationships should consider whether English law or an EU member state's law governs the agreement; jurisdiction clauses should specify UK or EU courts, with careful consideration of enforcement; and organizations should avoid granting exclusive jurisdiction to one country's courts, as they may want to enforce the NDA in a different country if an unauthorised disclosure is made there.

Cross-Border Enforcement: Before Brexit, EU regulations facilitated judgment recognition and enforcement across member states. Post-Brexit, enforcement of UK court judgments in EU countries, and vice versa, depends on bilateral arrangements or international conventions. This creates additional complexity for cross-border NDA enforcement.

Practical implications include potential additional costs and time required to enforce UK judgments in EU courts, need for local legal advice in relevant jurisdictions, and increased importance of alternative dispute resolution (arbitration) clauses which may offer smoother cross-border enforcement through the New York Convention on Recognition and Enforcement of Foreign Arbitral Awards.

Data Protection and Brexit: UK GDPR adequacy decisions significantly impact NDAs involving personal data transfers between UK and EU. The EU granted the UK adequacy decisions allowing personal data transfers from EU to UK without additional safeguards. These adequacy decisions require periodic review—the most recent review concluded that the UK continues to ensure a level of protection essentially equivalent to the EU GDPR level.

For NDAs involving UK-EU data transfers: data flowing from EU to UK currently benefits from adequacy decisions, making transfers straightforward under existing mechanisms. However, if UK data protection law diverges substantially from EU standards, adequacy could be withdrawn, requiring additional transfer mechanisms. Organizations should monitor regulatory developments and include flexibility in NDAs to adapt transfer mechanisms if needed.

Regulatory Divergence Potential: While UK and EU confidentiality law remain closely aligned currently, divergence is possible over time. The Data (Use and Access) Act 2025 represents the UK’s first significant post-Brexit data protection reform, introducing changes to UK GDPR including recognised legitimate interests and modified international transfer regimes.

Future divergence might include different approaches to NDA enforceability, varying restrictions on NDAs in employment contexts, different data protection requirements affecting confidential information, or distinct sector-specific regulations. Organizations with UK-EU operations should monitor both regimes and ensure NDAs remain compliant with all applicable laws.

Professional Services and Brexit: Some professions face additional cross-border recognition challenges post-Brexit. Solicitors, for example, may need additional qualifications to practice in EU jurisdictions. This impacts legal advice provision on NDAs—UK solicitors advising on EU law aspects or EU solicitors advising on UK law may face practice restrictions requiring local qualified advice.

Practical Drafting for Post-Brexit NDAs: NDAs governing UK-EU relationships should: specify governing law clearly (English law, EU member state law, or potentially a neutral jurisdiction), include non-exclusive jurisdiction clauses enabling enforcement in multiple countries, address data protection compliance explicitly including adequacy reliance or alternative transfer mechanisms, consider arbitration clauses for smoother cross-border enforcement, avoid overly UK-specific or EU-specific language that might cause confusion in the other jurisdiction, and include review provisions to assess whether Brexit-related regulatory changes require amendment.

Northern Ireland Special Considerations: Under the Northern Ireland Protocol (now the Windsor Framework), Northern Ireland maintains unique status regarding certain EU rules. NDAs involving Northern Ireland parties or operations may face additional considerations depending on whether they relate to goods (subject to EU rules in some respects) or services (generally subject to UK rules).

Ongoing Monitoring Requirements: Brexit’s impact on NDAs continues evolving as UK and EU law potentially diverge. Organizations should establish processes to monitor regulatory changes in relevant jurisdictions, review cross-border NDA templates periodically, ensure legal advice covers all applicable jurisdictions, and maintain flexibility to adapt NDAs as legal frameworks develop.

Key Takeaways:

  • Brexit minimally impacts domestic UK NDAs which continue under UK contract law
  • Cross-border UK-EU NDAs require careful governing law and jurisdiction provisions
  • EU adequacy decisions currently facilitate UK-EU personal data transfers in NDAs
  • Potential UK-EU regulatory divergence requires ongoing monitoring
  • Arbitration clauses may offer more reliable cross-border enforcement post-Brexit

Is a non-disclosure agreement covered by UK employment law?

Quick Answer: Yes, NDAs are extensively covered by UK employment law, particularly when used in employment contracts, settlement agreements, or to protect employee-accessed confidential information. Recent legislative changes including the Victims and Prisoners Act 2024 and proposed Employment Rights Bill significantly restrict NDA use in employment contexts.

The employment law dimension of NDAs has become one of the most heavily regulated areas, reflecting concern about NDA misuse to silence employees experiencing misconduct while recognizing legitimate business confidentiality needs.

NDAs in Employment Contracts: Often, non-disclosure clauses or confidentiality provisions are included in the employment contract between the employer and employee in order to protect technical information, trade and business secrets, client details and any other confidential information which an employee may discover during their employment.

Standard employment contracts typically include clauses protecting: trade secrets and proprietary processes, customer lists and client relationships, business strategies and financial information, product development plans and pricing structures, and employee personal data accessed during employment. These provisions operate during employment and typically continue for a specified period after employment ends.

Settlement Agreement NDAs: NDAs are also used as part of settlement agreements following the end of employment, often where disputes or grievances are involved. Settlement agreement confidentiality provisions typically cover: the fact that a settlement has been reached, the settlement terms including financial amounts, circumstances leading to employment termination, and details of any workplace disputes or grievances.

However, from October 2025, the Victims and Prisoners Act 2024 significantly restricts what settlement NDAs can cover. From Autumn 2025, proposed Employment Rights Bill provisions will further prohibit NDAs preventing discussion of harassment and discrimination.

Whistleblowing Protections: Section 43J of the Employment Rights Act 1996 continues to invalidate any section in an agreement that attempts to prevent a worker from making a “protected disclosure” (whistleblowing). Any part of an agreement that tries to stop a worker from making a protected disclosure is invalid and cannot be enforced.

Protected disclosures cover reasonable beliefs about: criminal offences, failure to comply with legal obligations, miscarriages of justice, danger to health and safety, damage to the environment, and deliberate concealing of any of the above. NDAs cannot prevent employees reporting these matters to appropriate authorities, even if settlement agreements attempt to restrict such disclosures.

Post-Employment Restrictions: NDAs in employment contexts often work alongside post-termination restrictive covenants including non-compete clauses, non-solicitation of customers, non-solicitation of employees, and non-dealing provisions. While NDAs protect confidential information, restrictive covenants limit competitive activities. Both must be reasonable to be enforceable, with courts scrutinizing whether restrictions go beyond protecting legitimate business interests.

Employee Rights When Signing NDAs: Employees confronted with NDAs should get independent legal advice and ask that the employer pays for it; this is standard practice for settlement agreements. The employer should provide employees with a minimum of 10 days to consider confidentiality clauses before signing. There's no legal requirement to provide workplace colleagues as representatives, but employers should allow the employees affected to be accompanied during negotiations by a work colleague or trade union representative.

What NDAs Can and Cannot Restrict: Employment NDAs CAN lawfully restrict: disclosure of genuine trade secrets and proprietary business information, sharing customer lists or client confidential information, revealing business strategies or product development plans, and disclosing other employees’ personal or salary information (except for equal pay discussions).

Employment NDAs CANNOT lawfully restrict: whistleblowing about wrongdoing, reporting crimes to police, discussing pay for equal pay purposes, making complaints to employment tribunals, reporting to regulatory bodies, or from October 2025, discussing harassment, discrimination, or criminal conduct of which the employee is a victim.

Enforcement in Employment Context: Employers seeking to enforce employment NDAs must demonstrate: the information was genuinely confidential (not merely general knowledge or skills), the NDA was properly incorporated into the employment contract or settlement agreement, the restriction is reasonable in duration and scope, enforcement serves legitimate business interests, and the restriction doesn’t violate public policy or statutory rights.

Courts are skeptical of overbroad employment NDAs. Attempting to prevent employees from working in their field or using general skills and knowledge acquired during employment typically fails. NDAs must target specific confidential information, not general employee capabilities.

Settlement Agreement Practical Requirements: For settlement agreement confidentiality clauses to be enforceable: the employee must receive independent legal advice from a qualified advisor, the agreement must identify the advisor who provided advice, there must be adequate consideration (usually a payment exceeding statutory entitlements), the employee must have reasonable time to consider terms (minimum 10 days), and the agreement must include required statutory wording confirming it satisfies settlement agreement requirements.

Training and HR Policies: Organizations should implement policies and training ensuring HR teams understand lawful and unlawful NDA uses, managers know they cannot use confidentiality to cover up misconduct, employees understand their rights to report wrongdoing despite NDAs, and settlement negotiations comply with current legal requirements including mandatory carve-outs.

Is a non-disclosure agreement tax deductible for businesses?

Quick Answer: Yes, legal fees for creating, reviewing, or enforcing non-disclosure agreements are tax deductible as business expenses under “legal and professional fees,” reducing taxable profit. Both initial NDA drafting costs and ongoing review expenses qualify as allowable deductions.

Understanding tax treatment of NDA-related costs helps businesses properly account for these expenses and maximize available tax relief. Legal fees protecting confidential business information clearly constitute legitimate business expenses.

Legal and Professional Fees Deductibility: When you pay a solicitor or legal consultant to draft or review your NDA, these costs qualify as deductible legal and professional fees. HMRC allows businesses to deduct costs “wholly and exclusively” for business purposes. Legal documentation protecting business confidential information clearly meets this test.

NDA-related deductible expenses include: initial drafting of unilateral, mutual, or multilateral NDAs, legal review and advice on NDAs presented by other parties, updating NDAs to reflect legislative changes (like October 2025 Victims and Prisoners Act compliance), enforcement costs including cease-and-desist letters and litigation, and settlement costs resolving NDA breach disputes.

Revenue vs Capital Expenditure: Legal fees are typically revenue expenditure (deductible against profits) rather than capital expenditure (added to asset values). NDAs are operational documents enabling business activity, not assets with enduring value. This means immediate tax relief in the year incurred rather than spreading deductions over multiple years.

While some intellectual property creation costs might be capitalized, NDAs protecting that IP remain revenue expenses. For example, developing patentable technology might involve capitalizable costs, but the NDA used to protect that technology during investor discussions is a revenue expense deductible when incurred.

Template Purchase vs Bespoke Drafting: Whether you purchase template NDAs or pay for bespoke legal drafting, both are tax deductible. Template purchases typically cost £50-500, while bespoke legal drafting ranges from £500-3,000 depending on complexity and whether unilateral, mutual, or multilateral. Both represent allowable business expenses reducing taxable profits.

Online legal document platforms offering NDA templates, solicitor fees for tailored NDA drafting, costs of reviewing NDAs proposed by business partners, and expenses updating NDAs for legal compliance all qualify as deductible professional fees.

Enforcement and Litigation Costs: Legal costs arising from NDA breaches are deductible. If someone breaches your NDA and you incur solicitor fees sending cease-and-desist letters, negotiating settlement, or pursuing litigation, these costs reduce taxable profits. Even unsuccessful enforcement attempts generate deductible legal fees.

However, damages paid to you following successful NDA breach claims may be taxable receipts depending on what they compensate. Damages compensating for lost profits are typically taxable trading receipts, while damages compensating for capital asset loss may be capital receipts outside trading profit taxation.

VAT Recovery on Legal Fees: If your business is VAT-registered, you can typically reclaim VAT on legal fees for NDA creation and enforcement. Solicitors charge 20% VAT on their services, and this input VAT is recoverable if you make taxable supplies. This further reduces the net cost of professional legal NDA services.

The VAT recovery position: standard-rated legal services attract 20% VAT, VAT-registered businesses making taxable supplies can reclaim input VAT, output VAT doesn’t apply to NDA creation itself (it’s not a supply you make), and the effective cost of a £1,000 + VAT solicitor bill is £1,000 for VAT-registered businesses (VAT is reclaimable).

Tax Relief by Business Structure: For sole traders and partnerships, legal fees reduce trading profits subject to income tax and Class 4 National Insurance. For limited companies, legal fees reduce corporation tax liability (currently 25% for profits over £250,000, or 19% for profits under £50,000, with marginal relief between these thresholds).

The tax saving equals your marginal tax rate multiplied by the legal fee amount. A £2,000 NDA drafting fee saves £500 for a company paying 25% corporation tax, or up to £900 for a sole trader paying 45% higher-rate income tax.

Pre-Trading Expenses: For businesses creating NDAs before commencing trading, these may be pre-trading expenses. HMRC allows businesses to treat pre-trading expenses incurred within seven years of commencing trading as though incurred on the first day of trading, making them deductible against early profits.

Startups developing intellectual property before formal trading often need NDAs for investor discussions or development partner relationships. Costs of creating these pre-launch NDAs are deductible once trading commences, even though incurred before the business opened.

Record Keeping for Deductibility: Retain invoices for legal fees, including detailed descriptions of work performed. HMRC may query large legal expenses, so documentation proving they relate to business operations (NDA drafting, review, enforcement) ensures deductibility isn’t challenged during tax investigations or enquiries.

Best practices include maintaining: dated invoices from solicitors describing services as NDA-related, correspondence demonstrating business purpose, evidence linking NDAs to specific business relationships or transactions, and records showing the confidential information protected relates to trading activities.

Non-Deductible NDA Costs: While most NDA costs are deductible, certain expenses aren’t: damages or penalties you pay for breaching someone else’s NDA (penalties aren’t deductible), criminal fines if NDA breach involves criminal conduct (criminal penalties aren’t deductible), and costs unrelated to trading (purely personal NDAs wouldn’t be deductible business expenses).

International Considerations: For businesses operating internationally, NDA costs incurred protecting UK business interests are deductible against UK profits. If your business has international operations, proper allocation of legal costs between UK and overseas entities ensures appropriate tax treatment in each jurisdiction.

Are non-disclosure agreements subject to VAT?

Quick Answer: Non-disclosure agreements themselves are not subject to VAT as they are legal contracts, not supplies of goods or services. However, legal fees for drafting or reviewing NDAs are subject to 20% VAT, which VAT-registered businesses can typically reclaim as input tax.

Understanding VAT treatment of NDAs and related services helps businesses properly account for costs and ensure compliance with VAT regulations. The distinction between the document itself and services creating it is crucial.

The Legal Document vs Legal Services Distinction: Creating, maintaining, or updating NDAs as legal documents doesn’t trigger VAT liability on the NDA itself—it’s a legal contract, not a taxable supply. However, if you purchase legal services to draft or review your NDA, those solicitor or legal consultant fees will be subject to 20% VAT.

When you engage a solicitor to draft an NDA for £1,000, the invoice totals £1,200 (£1,000 + £200 VAT). The VAT applies to the legal service provided, not the NDA document produced. If VAT-registered, your business can reclaim the £200 VAT as input tax.

Solicitor and Legal Consultant Fees: Legal professional services are standard-rated for VAT at 20%. This includes solicitor fees for NDA drafting, legal review of NDAs presented by other parties, advice on NDA enforceability, template customization services, and litigation services for NDA enforcement. All these services attract 20% VAT.

Input VAT Recovery: If your business is VAT-registered and makes taxable supplies, you can typically reclaim VAT on legal fees for NDA services as input tax. This significantly reduces the net cost of professional legal services. A £1,200 inclusive solicitor bill costs your VAT-registered business only £1,000 (you reclaim the £200 VAT from HMRC).

Input VAT recovery requirements: your business must be VAT-registered, the legal services must relate to your taxable business activities, you must hold a valid VAT invoice from the solicitor, and you must use the NDA for business purposes (not purely personal matters).

Partial Exemption Considerations: Businesses making both taxable and exempt supplies (partially exempt businesses) may face restrictions on input VAT recovery. If your business makes significant exempt supplies (like financial services or insurance), you might not fully recover VAT on legal fees including NDA costs.

Partial exemption calculations determine what proportion of input VAT relates to taxable versus exempt activities. Most UK businesses make fully taxable supplies and can reclaim all input VAT, but those with exempt activities should seek specialist VAT advice.

Template Purchases and VAT: If you purchase NDA templates online, VAT treatment depends on the supplier’s characterization: if sold as a legal service, 20% VAT applies. If sold as a digital download without significant customization, it may still be standard-rated at 20%. Most template providers charge VAT, which VAT-registered businesses can reclaim.

No Output VAT on Using NDAs: When you use an NDA in your business—having employees sign confidentiality provisions or entering NDAs with business partners—this doesn’t create output VAT. You’re not making a taxable supply by requiring confidentiality; you’re protecting business information. NDAs are business tools, not taxable supplies to others.

Cross-Border Services and VAT: If you engage an EU-based or international legal advisor to draft UK NDAs, special VAT rules may apply. For services supplied to UK businesses by overseas suppliers, the reverse charge mechanism typically applies—the UK business accounts for VAT rather than the overseas supplier.

Under reverse charge: the overseas supplier invoices without UK VAT, the UK business self-accounts for VAT (recording both output VAT due and simultaneous input VAT recovery), and the net VAT position is typically neutral for fully taxable UK businesses. This administrative requirement doesn’t change the underlying cost, but affects VAT return completion.

Enforcement Costs and VAT: If you incur costs enforcing an NDA—solicitor fees for cease-and-desist letters, litigation costs, or settlement negotiations—these legal services are standard-rated at 20% VAT. VAT-registered businesses can reclaim this VAT as input tax related to protecting business assets (confidential information).

Insurance and VAT: If you hold professional indemnity insurance covering NDA-related claims, insurance premiums are exempt from VAT but subject to Insurance Premium Tax (IPT) at 12% standard rate or 20% higher rate depending on insurance type. Input VAT cannot be recovered on exempt insurance, but businesses don’t pay VAT on insurance premiums—they pay IPT instead.

Making Tax Digital (MTD): VAT-registered businesses with taxable turnover exceeding the VAT threshold must use MTD-compatible software for VAT returns. When recording legal fees including NDA costs, ensure your accounting software properly categorizes these as legal and professional fees with correct VAT treatment for accurate MTD VAT return submission.

Record Keeping: Maintain proper VAT records for NDA-related costs including VAT invoices from solicitors showing VAT number, amount, and date, records of input VAT claims on VAT returns, evidence that services relate to taxable business activities, and documentation supporting VAT treatment if queried by HMRC.

How does a non-disclosure agreement work?

Quick Answer: A non-disclosure agreement works by creating a legally binding contract obligating the receiving party not to disclose or misuse confidential information shared by the disclosing party. When signed, it establishes legal consequences for unauthorized disclosure including damages, injunctions, and potential termination of business relationships.

Understanding NDA operational mechanics helps both disclosing and receiving parties appreciate their obligations and the legal framework protecting confidential information throughout business relationships.

The Confidentiality Obligation Framework: An NDA is a legal contract. It sets out how you share information or ideas in confidence. The receiving party agrees not to disclose protected information to unauthorized third parties and not to use the information except for the specifically permitted purpose defined in the agreement.

A good NDA restricts the use of the ideas and information to a specific permitted purpose. This could be the evaluation of your idea or the discussion of a joint venture. Specify that purpose in the NDA as precisely as you can. You can always widen the permitted purpose later through written amendment, but you won’t be able to narrow the restriction on the use of your ideas or information later without the receiving party’s consent.

What Information Gets Protected: NDAs typically protect three categories of information: information explicitly marked “confidential,” information disclosed orally or visually that’s confirmed in writing as confidential within a specified period (often 5-30 days), and information that would reasonably be understood as confidential given its nature or the circumstances of disclosure.

NDAs cannot protect information that: is already in the public domain or becomes public through no fault of the receiving party, was already known to the receiving party before disclosure (with evidence), is independently developed by the receiving party without using the disclosing party’s confidential information, or is received from a third party with no confidentiality obligation.

Duration of Confidentiality: Think about how long the confidentiality should last. It’s common to see it limited to 3 or 5 years. After that time, the receiving party will be able to use and disclose your information. Some information could be kept confidential forever, including trade secrets, proprietary formulas or algorithms, and customer lists (though these may eventually lose value).

The duration should match the information’s commercial sensitivity. Product launch plans might need protection for only 1-2 years until public release, while manufacturing processes might require indefinite protection. Courts scrutinize perpetual confidentiality obligations carefully, ensuring they’re justified by the information’s nature.

Permitted Disclosures: You should be realistic. The person you are talking to might need to share your information with others. This could be their employees or professional advisors. They may also need to copy your information for this purpose. Make sure that these disclosures to employees and professional advisers are made in confidence.

Standard NDA permitted disclosure provisions allow sharing with employees, officers, and directors with need-to-know, professional advisors (lawyers, accountants, consultants) bound by confidentiality, and potentially subcontractors or service providers under confidentiality obligations. The receiving party remains responsible for ensuring permitted recipients maintain confidentiality.

Mandatory Disclosures: Once information is made public in any way, an NDA can’t be enforced. Additionally, some disclosures cannot be prevented regardless of NDA terms: disclosures required by law or court order, disclosures to regulatory bodies within their jurisdiction, whistleblowing disclosures about wrongdoing, and, from October 2025, victim disclosures under the Victims and Prisoners Act 2024.

Well-drafted NDAs explicitly carve out these mandatory disclosures, confirming that legally required revelations don’t constitute breaches. This protects both parties—the receiving party can comply with legal obligations without breach liability, while the disclosing party maintains maximum protection for voluntary disclosures.

When to Use NDAs: Non-disclosure agreements are commonly used in the UK when you’re sharing financial information about your business with a potential investor or partner, hiring a solicitor to handle your company’s legal affairs, sharing ideas for your business or presenting new products or technology to partners, employees, investors, and potential buyers, hiring a new employee or contractor who will inevitably have access to sensitive and/or proprietary information, discussing intellectual property for product development, or negotiating business partnerships and joint ventures.

The NDA Lifecycle: Don’t disclose your ideas or information until the recipient has signed and returned the NDA to you. Without an NDA, you are taking the risk that others could use your ideas or information without your permission. Once signed, the NDA typically progresses through: initial disclosure of confidential information for the permitted purpose, ongoing use of information within agreed parameters, conclusion of the permitted purpose (e.g., deal completes or discussions terminate), post-termination confidentiality continuing for the specified duration, and eventual expiry of confidentiality obligations (if time-limited).

Breach and Enforcement: If a party that has signed an NDA later discloses or uses the information that they’ve agreed to keep confidential (in a way that they’ve agreed not to), this will be an unlawful ‘breach of confidence’. The injured party has legal recourse including seeking damages for losses caused by breach, account of profits (recovering profits made by the breaching party through misuse), court injunctions to prevent further misuse of the information, and termination of any ongoing business relationship.

Evidence and Documentation: Maintain records throughout the NDA lifecycle: the signed original NDA document, records of what confidential information was disclosed and when, marking on documents indicating confidential status, correspondence referencing the NDA and confidentiality obligations, and any amendments or clarifications agreed during the relationship.

If breach occurs, this documentation proves: an NDA existed and was validly executed, specific information was disclosed under the NDA’s protection, the breaching party had obligations regarding that information, and unauthorized disclosure or use occurred.

International Considerations: For cross-border NDAs, additional considerations include which country’s law governs the agreement (English law, another UK jurisdiction, foreign law, or potentially international arbitration rules), which courts have jurisdiction if disputes arise, how enforcement works across borders if breach occurs abroad, and whether data protection laws (UK GDPR, EU GDPR) affect information sharing.

Negotiating NDAs: Always check any NDA which another party asks you to sign. Make sure it doesn’t unfairly restrict your future activities. You could ask your potential partner or advisor if they have an NDA you could both use. Key negotiation points include the definition of confidential information (is it reasonable?), duration of confidentiality (proportionate to information sensitivity?), permitted disclosures (adequate for business needs?), carve-outs for mandatory legal disclosures, and remedies for breach (are liquidated damages reasonable?).

Specialized NDA Contexts: Different business contexts require tailored NDA approaches: employment NDAs often combine confidentiality with restrictive covenants, merger and acquisition NDAs protect commercially sensitive due diligence information, technology licensing NDAs safeguard IP alongside licensing terms, and settlement agreement NDAs balance confidentiality with statutory disclosure rights.

For comprehensive business legal protection including confidentiality frameworks, explore our UK Business Legal Templates collection. New businesses should consult our free legal checklist covering all essential business legal documentation.

Frequently Asked Questions

What is a non-disclosure agreement?

A non-disclosure agreement (NDA) is a legally binding contract that protects confidential information from being shared or misused. Sometimes called confidentiality agreements, NDAs ensure recipients of sensitive details agree not to disclose or misuse the information provided, creating legal consequences for unauthorized disclosure.

Examples of non-disclosure agreements

Common NDA examples include employee confidentiality agreements protecting trade secrets and customer information, investor NDAs covering business plans and financial projections, contractor NDAs safeguarding proprietary processes and client data, merger and acquisition NDAs protecting due diligence information, and settlement agreement confidentiality provisions.

How to create a non-disclosure agreement legally in the UK?

To create a legal UK NDA: identify all parties with full legal names, define what constitutes confidential information clearly, specify the permitted purpose for disclosure, set a reasonable duration (typically 3-5 years or indefinite for trade secrets), include carve-outs for mandatory legal disclosures, specify governing law and jurisdiction, and ensure both parties sign. Professional legal review strengthens enforceability.

What are the legal requirements for a non-disclosure agreement in the UK?

UK NDAs must satisfy basic contract law requirements including offer and acceptance, consideration (something of value exchanged), intention to create legal relations, and capacity to contract. They cannot restrict whistleblowing, crime reporting, or, from October 2025, victim disclosures under the Victims and Prisoners Act 2024. Terms must be reasonable and not contrary to public policy.

Can a non-disclosure agreement be claimed as a business expense?

Yes, legal fees for creating, reviewing, or enforcing NDAs are deductible business expenses under “legal and professional fees.” Both initial drafting costs and ongoing review expenses reduce taxable profits. VAT-registered businesses can also reclaim the 20% VAT charged on solicitor fees.

Can a non-disclosure agreement be used by contractors?

Yes, contractors routinely work under NDAs protecting client confidential information they access during engagements. These are typically unilateral NDAs where the contractor agrees not to disclose the client’s business information. Contractors should review NDAs carefully to ensure they don’t overly restrict future work or use of general skills and knowledge.

What are the benefits of a non-disclosure agreement?

Key benefits include protecting trade secrets and proprietary information, enabling safe sharing of confidential information for business discussions, establishing clear confidentiality expectations between parties, providing legal recourse if confidentiality is breached, facilitating investor discussions and partnership negotiations, and protecting competitive advantages.

How to implement a non-disclosure agreement successfully?

Successful implementation requires using NDAs before disclosing confidential information, clearly defining what information is protected, ensuring all parties understand their obligations, maintaining records of what’s disclosed and when, marking confidential documents appropriately, training employees on confidentiality requirements, and promptly addressing suspected breaches.

What are the advantages and disadvantages of a non-disclosure agreement?

Advantages include legal protection for confidential information, clear confidentiality boundaries, and deterrent effect against unauthorized disclosure. Disadvantages include costs of professional drafting (£500-3,000), administrative burden of managing multiple NDAs, potential to intimidate legitimate whistleblowing if poorly drafted, and limited effectiveness once information enters public domain.

How to manage a non-disclosure agreement effectively?

Effective NDA management involves maintaining a central register of all NDAs including parties, dates, and expiry, tracking what confidential information was disclosed under each NDA, monitoring compliance with confidentiality obligations, reviewing NDAs periodically for continued relevance, updating templates to reflect legislative changes, and training staff on NDA requirements.

What are the best practices for non-disclosure agreements?

Best practices include defining confidential information precisely, using reasonable duration periods matching information sensitivity, explicitly carving out mandatory legal disclosures, specifying permitted disclosures clearly, including appropriate remedies for breach, choosing governing law and jurisdiction carefully, obtaining professional legal review, and maintaining proper records of NDA execution and information disclosure.

When should you use a non-disclosure agreement?

Use NDAs before sharing trade secrets or proprietary information, during business partnership or joint venture discussions, when presenting products or ideas to potential investors, before hiring consultants who’ll access confidential information, during merger and acquisition due diligence, when sharing customer lists or business strategies, and whenever disclosing information that provides competitive advantage.

How to choose the right non-disclosure agreement?

Choose based on information flow direction (unilateral if you’re the only discloser, mutual if both parties share information, multilateral for three or more parties), relationship type (employment, business partnership, investor, vendor), information sensitivity requiring protection, duration appropriate for information type, and whether you need sector-specific provisions for your industry.

The Truth About “Free” Legal Template Sites (What You’re Really Signing Up For)

Most websites offering a “free legal template” follow the same pattern:

  • You click because it’s advertised as free
  • You spend 10–15 minutes answering questions
  • At the very end, you must create an account or start a “free trial”
  • Your card is required upfront
  • The subscription auto-renews at £29–£39 per month

This isn’t a free template — it’s a subscription funnel. Many people only realise after being charged £300–£400 over the year.

Why These Free Templates Are a Legal Risk

  • Outdated wording: not aligned with current UK law
  • Missing mandatory clauses: required for legal validity
  • No compliance guidance: leaving users without legal context
  • No structured checklist: no way to verify the document works
  • Not kept updated: often unchanged when legislation changes

One incorrect clause can weaken or invalidate the entire document.

Hidden Problem: Many “Free Template” Sites Aren’t Even UK-Based

Another major issue is that many free or auto-subscription template sites operate outside the UK and use documents originally drafted for the US legal system. These are then loosely adapted for “international use,” which creates serious problems:

  • Incorrect terminology: taken from US contract law
  • Missing UK statutory references: essential legal requirements omitted
  • Non-applicable clauses: terms that don’t apply under UK legislation
  • Legal conflicts: risks breaching UK consumer, employment, or GDPR rules

This is one of the most common reasons UK businesses face disputes or regulatory issues when using generic US-style templates.

Why Templates UK Does the Opposite

  • Drafted by UK professionals: written by experienced business & legal experts
  • UK-law only: no US crossover or generic “international” templates
  • £10 one-time price: no subscriptions, no renewals
  • Full preview: see the exact document before buying
  • Two versions included: Editor + Interview formats
  • Lifetime access: free lifetime updates included
  • Free compliance checklist: included with every document

No tricks. No trials. No hidden fees. Just the exact UK-specific legal document you came for — at the price we told you upfront.

Get the professionally drafted Non-Disclosure Agreement Template and get it right the first time.

If your situation is complex or you want personalised guidance, you can also book a consultation with our UK legal experts here: Book a Consultation.


Last updated: November 2025

Disclaimer: This guide provides general UK legal information, not legal advice. Laws are current as of November 2025.