What are Non-Disclosure Agreements (NDA) and why are they important?
1. What is a Non-Disclosure Agreement?
A Non-Disclosure Agreement, commonly referred to as an “NDA,” is a contract in which two or more parties agree that certain information disclosed between them will be kept confidential and will not be shared with third parties without permission. In the business context, the NDA is a common document and has developed a fairly standardized structure internationally.
NDAs are primarily used to protect trade secrets, know-how, technical data, product or project information, and other sensitive corporate content that is not publicly known. While legal obligations to protect the interests of business partners often exist, such protection may not apply in every situation. This brief article highlights the advantages of NDAs and what should be considered.
An NDA should be executed before contract negotiations begin, often as soon as a company grants a potential partner or service provider access to confidential topics (e.g., IT architecture, product plans, data, or project documents). The NDA establishes a framework to safely exchange information necessary for negotiating the main contract.
Especially in the early stages of negotiations (e.g., initial discussions about potential collaborations, technical concept presentations, or project ideas), information of significant economic or strategic value is often shared. The more employees involved in negotiations, the higher the risk that information not strictly necessary for the negotiations may be inadvertently shared via email, video call, or pitch meetings.
An NDA signed early provides a clear legal framework. It ensures that all exchanged information may be used only for the purpose for which it was disclosed (e.g., to evaluate a collaboration or service) and may not be put to personal use or shared with third parties.
Another aspect concerns the German Trade Secrets Act (GeschGehG). According to § 2 No. 1 GeschGehG, information is protected if it is secured by “reasonable confidentiality measures.” Protecting trade secrets requires not only technical and organizational measures but also contractual safeguards.
Moreover, an NDA builds trust: it signals seriousness and professionalism to potential partners, investors, or service providers. Companies that establish clear rules for handling confidential information from the outset demonstrate that they take compliance and data protection seriously.
An NDA should therefore not wait until the main contract is ready (especially as the main contract usually contains its own confidentiality clauses); it should be signed before the first confidential disclosure. Only then does it serve as a preventive legal safety net during the sensitive phase when ideas, concepts, and technical descriptions turn into concrete projects.
2. Risks of sharing information without an NDA
Sharing confidential information without an NDA is legally risky. Without clearly defined obligations of confidentiality or restrictions on use, it may be difficult to prove in a dispute that a particular disclosure or use was unlawful. In addition to this structural risk, practical dangers include:
- Loss of ideas or know-how: Without clear usage restrictions, the other party could use confidential information for their own product development. Even if such use is morally questionable, a claim against it is often legally unenforceable without an NDA.
- Reputational and competitive risks: Sharing internal information, such as pricing, IT systems, or security measures, can lead to reputational damage or disadvantages against competitors.
- Evidence issues in disputes: Even with clear intent to maintain confidentiality, it is difficult to prove a confidentiality obligation without a written agreement. Determining who knew what and when is often impossible.
- Compliance and liability issues: In regulated industries (IT services, finance, health data), lack of confidentiality safeguards may violate internal compliance rules or data protection regulations.
An effective NDA does not completely eliminate these risks, but it documents the parties’ intent and imposes contractual obligations.
3. Typical situations in practice
In business practice, confidential information is often shared before a main contract is concluded. Under time pressure, there is often the mistaken belief that “we can start and sort the paperwork later.” Typical situations include:
a) Pitch with service providers
A company plans to implement a new software solution and asks several service providers for a proposal. Technical details of the existing system landscape are disclosed (e.g., API structures, security-relevant information, process descriptions, or data models).
b) Cooperation between companies or development partners
Two companies are exploring joint product development. Prototype sketches, pricing strategies, and technical solutions are shared during discussions. Excitement is high, but a formal contract has not yet been executed.
c) M&A preliminary discussions and investor due diligence
Before a transaction, financial figures, business plans, or client lists are shared.
In these early stages, an NDA not only provides legal protection but also prevents mistrust and future conflicts. NDAs are required not only for large projects or mergers but also for everyday discussions about technical or business details. By specifying which information may be used, for which purposes, and what the consequences of a breach are, the parties have a secure foundation.
4. Key points an NDA should cover
NDAs are often standardized but should be reviewed and adapted to the specific case. They provide contractual obligations to use disclosed information only for designated purposes, supplementing statutory protection (which may not exist internationally).
The purpose of an NDA is to provide fair, clear, and balanced protection of confidential information. A good NDA includes precise definitions, reasonable obligations, and balanced limits. Key points to consider include:
Clear definition of confidential information
The first step is to describe which information is considered confidential. Overly broad wording (“all information shared”) is difficult to enforce, while overly narrow definitions risk leaving important information unprotected. Typical examples include technical documentation, source code, business strategies, or client and price lists.
Purpose limitation and usage restrictions
Confidential information should only be used for the specifically defined purpose (e.g., evaluating a cooperation, preparing an offer, or planning a project). Access should be limited to employees who truly need it.
Duration and continuation of confidentiality
Even if negotiations fail, confidentiality obligations should remain (e.g., for two years after the end of negotiations). A reasonable time frame provides legal certainty.
Handling oral information and return obligations
Many confidentiality breaches occur informally in conversations, presentations, or online meetings. Therefore, oral disclosures should also be covered if confirmed in writing as confidential within a specified time. The NDA should also specify what happens to information after the discussions end (return or deletion obligations).
Penalty clauses as an enforcement tool
A key element is a contractual penalty clause, ensuring violations have tangible consequences. Proof of the breach is sufficient to claim the agreed penalty, without demonstrating specific damage. Penalties should be reasonable and allow judicial review. They also serve a preventive function, signaling that confidentiality is legally binding.
Exceptions to confidentiality
The NDA should address information already public, lawfully obtained from third parties, or required to be disclosed by mandatory law.
International considerations
For cross-border B2B projects, governing law and jurisdiction should be clearly defined. Otherwise, disputes may lead to uncertainty about applicable law and enforceability.
5. Conclusion
An NDA is not a formal document to sign “for completeness.” It is an essential part of professional contract preparation and a prerequisite for focusing on what matters: exchanging ideas, data, and concepts with confidence, without legal risks.
An early NDA provides legal certainty and clarity in communication. Parties know which information is sensitive, how it may be used, and the consequences of a breach.
Leaving the protection of information to chance risks not only economic harm but also the loss of know-how as a competitive factor.
Note
This article is for general informational purposes only and does not cover all possible circumstances. It does not replace individual legal advice or a case-specific review.
Despite careful preparation, no liability is assumed for the accuracy, completeness, or timeliness of the information. For legal evaluation or implementation recommendations in specific cases, professional legal advice should be sought.