NDA Templates for Startups: Mutual, One-Way & Employee Non-Disclosure Agreements (2025)
Introduction: Why NDAs Matter for Startups
Every startup has secrets. Your proprietary technology, customer lists, business strategy, financial projections, and product roadmap are competitive advantages that must be protected.
Non-disclosure agreements (NDAs) are the first line of defense for protecting your confidential information when sharing it with potential investors, vendors, employees, contractors, or partners. But not all NDAs are created equal—and using the wrong NDA template can leave you exposed.
In this guide, you'll learn:
- Types of NDAs (mutual, one-way, multilateral) and when to use each
- When to use NDAs (and when NOT to use them)
- Key NDA provisions that every startup needs
- State-specific considerations (California restrictions, DTSA compliance)
- NDA templates for different scenarios (employee, vendor, investor, partner)
- Common NDA mistakes that leave startups vulnerable
Note: This guide provides general legal information. NDAs are legally binding contracts. Consult with an experienced startup attorney to ensure your NDAs are enforceable in your jurisdiction. Contact Promise Legal for personalized guidance.
Table of Contents
- What is an NDA?
- Types of NDAs
- When to Use an NDA
- When NOT to Use an NDA
- Key NDA Provisions
- Mutual NDA Template
- One-Way NDA Template
- Employee NDA Template
- California NDA Restrictions
- DTSA Compliance (Defend Trade Secrets Act)
- International Considerations
- Common NDA Mistakes
- NDA Enforcement
- FAQs
- Additional Resources
What is an NDA?
A non-disclosure agreement (NDA), also called a confidentiality agreement, is a legally binding contract in which one or more parties agree to keep certain information confidential.
How NDAs Protect Your Startup
1. Trade Secret Protection
NDAs are critical for maintaining trade secret protection under state and federal law. Under the Defend Trade Secrets Act (DTSA) and state trade secret laws (like the Uniform Trade Secrets Act), information qualifies as a trade secret only if:
- It has independent economic value from not being generally known
- The owner takes reasonable measures to keep it secret
NDAs are evidence that you took reasonable measures to protect your trade secrets. Without NDAs, you may lose trade secret protection entirely.
2. Contractual Confidentiality Obligations
Even if information doesn't qualify as a trade secret, NDAs create contractual obligations to keep information confidential. This gives you legal remedies (injunctions, damages) if someone breaches the NDA.
3. Deterrence
Simply having an NDA in place deters employees, contractors, and partners from disclosing your confidential information—they know they'll face legal consequences.
What Information Can NDAs Protect?
NDAs can protect:
- Technical information: Source code, algorithms, architecture, technical specifications, formulas, designs
- Business information: Customer lists, pricing strategies, financial projections, business plans, marketing strategies
- Product information: Unreleased products, product roadmaps, feature specifications
- Know-how: Processes, methods, best practices, operational procedures
What NDAs CANNOT protect:
- Information that is already publicly available
- Information the recipient already knew before the disclosure
- Information the recipient independently developed without using your confidential information
- Information the recipient received from a third party who had the right to disclose it
Types of NDAs
1. Mutual NDA (Two-Way NDA)
A mutual NDA (also called a bilateral NDA or two-way NDA) protects confidential information disclosed by both parties.
When to use a mutual NDA:
- Strategic partnerships: When both companies will share confidential information to explore a partnership
- Joint ventures: When both parties contribute IP and business information to a joint venture
- M&A due diligence: When both buyer and seller will exchange confidential financial and operational information
- Vendor relationships: When you'll share customer data with a vendor, and the vendor will share proprietary technology with you
Example: You're exploring a partnership with another SaaS company. You'll share your customer data and integration APIs; they'll share their product roadmap and technical architecture. You need a mutual NDA.
2. One-Way NDA (Unilateral NDA)
A one-way NDA (also called a unilateral NDA) protects confidential information disclosed by only one party (the "Disclosing Party") to the other party (the "Receiving Party").
When to use a one-way NDA:
- Vendor evaluations: When you're sharing confidential information with a vendor to evaluate their services
- Contractor engagements: When you're hiring a contractor and need to share confidential information
- Investor pitches: When you're pitching to investors and sharing financial projections (though see "When NOT to Use an NDA" below)
- Customer negotiations: When a potential customer needs access to your proprietary technology to evaluate your product
Example: You're evaluating a cloud infrastructure vendor. You need to share your technical architecture and data security requirements. The vendor doesn't need to share confidential information with you. You need a one-way NDA.
3. Multilateral NDA (Three-Way NDA)
A multilateral NDA involves three or more parties, where some or all parties will disclose confidential information.
When to use a multilateral NDA:
- Complex partnerships: When three or more companies are collaborating on a project
- Consortium agreements: When multiple companies are pooling resources for R&D or industry standards
- Multi-party M&A: When multiple bidders are conducting due diligence on a target company
Example: You're collaborating with two other startups on an industry standards initiative. All three companies will share technical specifications. You need a multilateral NDA.
Comparison: Mutual vs One-Way NDAs
| Factor | Mutual NDA | One-Way NDA |
|---|---|---|
| Parties protected | Both parties | Only Disclosing Party |
| Complexity | More complex (defines obligations for both parties) | Simpler (defines obligations for one party) |
| Use cases | Partnerships, M&A, joint ventures | Vendor evaluations, contractor engagements, customer pitches |
| Negotiation | Often heavily negotiated | Less negotiated (take-it-or-leave-it) |
| Balance of power | Equal footing | Disclosing Party has leverage |
When to Use an NDA
1. Before Sharing Confidential Information with Vendors
Always use an NDA before sharing confidential information with vendors during the evaluation or contracting process.
Example scenarios:
- Sharing customer data with a CRM vendor to evaluate their platform
- Sharing financial information with an accounting firm to evaluate their services
- Sharing technical architecture with a cloud hosting vendor to get a pricing quote
Recommendation: Use a one-way NDA where you are the Disclosing Party.
2. With Employees (via Employment Agreement or Standalone NDA)
Always include confidentiality provisions in employment agreements or standalone employee NDAs.
What to include:
- Definition of confidential information (broadly defined)
- Obligation to keep confidential information secret during AND after employment
- Obligation to return confidential information upon termination
- Non-solicitation and non-compete provisions (subject to state law restrictions—see "California NDA Restrictions" below)
Example: Your new software engineer will have access to your source code, technical architecture, and customer lists. Your employment agreement must include confidentiality provisions.
Recommendation: Use a comprehensive employment agreement that includes confidentiality, IP assignment, and restrictive covenants (subject to state law).
3. With Contractors and Consultants
Always use an NDA (or include confidentiality provisions in a contractor agreement) before sharing confidential information with contractors or consultants.
What to include:
- Definition of confidential information
- Obligation to keep confidential information secret
- IP assignment provisions (ensure work product is "work for hire" and owned by your startup)
- Return of confidential information upon termination
Example: You're hiring a freelance designer to design your product UI. They'll see your product roadmap, feature specifications, and customer feedback. You need an NDA.
Recommendation: Use a comprehensive contractor agreement that includes confidentiality and IP assignment provisions.
4. During M&A Due Diligence
Always use an NDA before allowing potential acquirers to conduct due diligence on your startup.
What to include:
- Definition of confidential information (broadly defined)
- Standstill provision (prevents the acquirer from making a hostile bid or soliciting your employees)
- Use restrictions (confidential information can only be used for evaluating the transaction)
- Non-solicitation (prevents the acquirer from poaching your employees during due diligence)
- Return or destruction of confidential information if the deal doesn't close
Example: You're in acquisition discussions with a strategic acquirer. They'll review your financials, customer contracts, IP portfolio, and employee headcount. You need a mutual NDA with standstill and non-solicitation provisions.
Recommendation: Use a mutual NDA with M&A-specific provisions (standstill, non-solicitation, use restrictions).
5. With Strategic Partners (Exploring Partnerships)
Always use an NDA before exploring strategic partnerships that require sharing confidential information.
Example scenarios:
- Exploring an API integration partnership with another SaaS company
- Exploring a co-marketing partnership and sharing customer lists
- Exploring a joint venture and sharing financial projections
Recommendation: Use a mutual NDA (both parties will likely share confidential information).
6. With Beta Customers or Early Access Users
Consider using an NDA when giving beta customers or early access users access to unreleased products or features.
What to include:
- Definition of confidential information (product features, technical specifications, performance data)
- Obligation not to disclose product information until public launch
- Obligation to provide feedback (if desired)
- IP ownership (feedback and suggestions become your property)
Example: You're launching a beta program for your new AI features. Beta users will see features that won't be released for 6 months. You need an NDA.
Recommendation: Use a one-way NDA combined with beta terms of service.
When NOT to Use an NDA
1. When Pitching to Professional Investors (VCs, Angels)
Most professional investors (VCs, angel investors) will refuse to sign NDAs before pitch meetings.
Why investors won't sign NDAs:
- Volume: VCs see hundreds of pitches per year. Signing NDAs for every pitch creates administrative burden and legal risk.
- Conflict of interest: VCs invest in multiple companies in the same industry. Signing an NDA with one startup could prevent them from investing in competing startups.
- Standard practice: The industry norm is that pitch meetings do NOT require NDAs.
What to do instead:
- Share only high-level information in initial pitch meetings (no detailed technical specifications, source code, or sensitive financial data)
- Focus on the problem, solution, market, traction, and team—not proprietary technology details
- Wait until due diligence to share detailed confidential information (at which point investors will sign an NDA)
Exception: If an investor expresses serious interest and requests detailed information for due diligence, you can (and should) request an NDA at that stage.
2. When Networking or Making Cold Introductions
Don't ask for NDAs when networking at conferences, making cold outreach, or requesting introductions.
Why:
- No confidential information is being shared during initial networking
- Asking for an NDA signals paranoia and makes you seem difficult to work with
- Standard practice: NDAs are not used for networking
What to do instead:
- Keep initial conversations high-level (don't share sensitive technical or business information)
- Request an NDA later if conversations progress to sharing confidential information
3. When Information is Already Public
Don't use an NDA to protect information that is already publicly available.
Why:
- NDAs cannot protect public information (public information is explicitly excluded from NDA coverage)
- Unenforceable: Courts will not enforce NDAs that attempt to restrict use of public information
What to do instead:
- Only disclose confidential information that is not publicly available
- Use NDAs to protect non-public information only
4. When You Don't Have Leverage
Don't demand NDAs when you don't have leverage (e.g., when you're a small startup asking a large enterprise vendor to sign an NDA just to talk to you).
Why:
- Large companies often refuse to sign NDAs during initial sales conversations
- Demanding an NDA may kill the relationship before it starts
What to do instead:
- Share only high-level information during initial sales conversations
- Request an NDA later if conversations progress to sharing confidential information (e.g., during proof-of-concept or technical integration)
Key NDA Provisions
1. Parties
Define the parties to the NDA:
- Disclosing Party: The party disclosing confidential information
- Receiving Party: The party receiving confidential information
Example:
This Non-Disclosure Agreement (this "Agreement") is entered into as of [Date] (the "Effective Date") by and between:
Disclosing Party: [Your Startup Name], a Delaware corporation ("Company")
Receiving Party: [Recipient Name], a [State] [Entity Type] ("Recipient")
Mutual NDA variation:
This Mutual Non-Disclosure Agreement (this "Agreement") is entered into as of [Date] (the "Effective Date") by and between:
Party 1: [Your Startup Name], a Delaware corporation ("Company")
Party 2: [Other Party Name], a [State] [Entity Type] ("Partner")
Each party may be referred to as a "Disclosing Party" when disclosing Confidential Information and a "Receiving Party" when receiving Confidential Information.
2. Definition of Confidential Information
Define what constitutes "Confidential Information." This is the most important provision in the NDA.
Best practice: Use a broad definition that includes:
- Information disclosed in any form (written, oral, electronic, visual)
- Information marked as "Confidential" or "Proprietary"
- Information that should reasonably be understood to be confidential (even if not marked)
Example:
"Confidential Information" means any and all information disclosed by Disclosing Party to Receiving Party, whether disclosed orally, in writing, electronically, or by any other means, and whether or not marked, designated, or otherwise identified as "confidential," that relates to the business, technology, products, services, customers, or other affairs of Disclosing Party, including but not limited to:
(a) Technical information, including source code, object code, algorithms, formulas, designs, architecture, specifications, research, development, processes, procedures, know-how, and trade secrets;
(b) Business information, including customer lists, supplier lists, pricing information, financial information, business plans, marketing plans, sales strategies, and forecasts;
(c) Product information, including product plans, product roadmaps, unreleased products, and product specifications;
(d) Any other information that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure.
3. Exclusions from Confidential Information
Define what is NOT "Confidential Information." This protects the Receiving Party from liability for using publicly available information or information they already knew.
Standard exclusions:
- Information that is or becomes publicly available (through no breach of the NDA)
- Information the Receiving Party already knew before disclosure
- Information the Receiving Party independently developed without using Confidential Information
- Information the Receiving Party received from a third party who had the right to disclose it
- Information the Receiving Party is required by law to disclose (with notice to Disclosing Party)
Example:
Confidential Information does not include information that:
(a) is or becomes publicly available through no breach of this Agreement by Receiving Party;
(b) was rightfully known by Receiving Party prior to disclosure by Disclosing Party, as evidenced by Receiving Party's written records;
(c) is independently developed by Receiving Party without use of or reference to Confidential Information, as evidenced by Receiving Party's written records;
(d) is rightfully received by Receiving Party from a third party without breach of any confidentiality obligation; or
(e) is required to be disclosed by law or court order, provided that Receiving Party provides Disclosing Party with prompt written notice of such requirement and cooperates with Disclosing Party's efforts to seek a protective order.
4. Obligations of Receiving Party
Define the Receiving Party's obligations to protect Confidential Information.
Standard obligations:
- Keep confidential: Do not disclose Confidential Information to third parties
- Use restrictions: Only use Confidential Information for the stated purpose (e.g., evaluating the business relationship)
- Standard of care: Protect Confidential Information with at least the same degree of care as you protect your own confidential information (but no less than reasonable care)
- Limit disclosure: Only disclose Confidential Information to employees, contractors, or advisors who need to know and who are bound by confidentiality obligations
Example:
Receiving Party agrees to:
(a) Hold Confidential Information in strict confidence and not disclose Confidential Information to any third party without the prior written consent of Disclosing Party;
(b) Use Confidential Information solely for the purpose of [evaluating a potential business relationship / performing services under the Agreement / conducting due diligence] (the "Permitted Purpose");
(c) Protect Confidential Information using at least the same degree of care that Receiving Party uses to protect its own confidential information of a similar nature, but in no event less than reasonable care;
(d) Limit disclosure of Confidential Information to its employees, contractors, advisors, and agents who have a legitimate need to know the Confidential Information for the Permitted Purpose and who are bound by written confidentiality obligations at least as protective as those set forth in this Agreement.
5. Term and Duration
Define how long the NDA obligations last.
Two key periods:
- Term of the Agreement: How long the NDA is in effect (i.e., how long the parties can disclose confidential information)
- Obligation Period: How long the Receiving Party must keep information confidential after disclosure
Best practice:
- Term: 1-3 years (or indefinite until terminated by either party)
- Obligation Period: 2-5 years after disclosure (or indefinite for trade secrets)
Example:
Term: This Agreement will remain in effect for a period of [2] years from the Effective Date, unless earlier terminated by either party upon [30] days' written notice.
Survival: The obligations of Receiving Party under this Agreement will survive for a period of [3] years following the disclosure of Confidential Information, except that obligations with respect to Confidential Information that constitutes a trade secret will continue for as long as such information remains a trade secret under applicable law.
Trade secrets variation:
For trade secrets, consider an indefinite obligation period (since trade secrets remain protected as long as they remain secret):
The obligations of Receiving Party with respect to Confidential Information that constitutes a trade secret will continue indefinitely or until such information ceases to be a trade secret through no fault of Receiving Party.
6. Return or Destruction of Confidential Information
Require the Receiving Party to return or destroy Confidential Information upon termination of the NDA or upon request.
Example:
Upon termination of this Agreement or upon request by Disclosing Party, Receiving Party will promptly:
(a) Return to Disclosing Party all tangible materials containing or reflecting Confidential Information (including all copies);
(b) Destroy or delete all electronic copies of Confidential Information in Receiving Party's possession or control; and
(c) Certify in writing to Disclosing Party that Receiving Party has complied with the requirements of this Section.
Notwithstanding the foregoing, Receiving Party may retain copies of Confidential Information to the extent required by applicable law or regulation, provided that such retained Confidential Information will remain subject to the confidentiality obligations of this Agreement.
7. No License or Ownership Transfer
Clarify that the NDA does not grant any IP rights to the Receiving Party.
Example:
Nothing in this Agreement grants Receiving Party any license, right, title, or interest in or to the Confidential Information, except for the limited right to use the Confidential Information for the Permitted Purpose as expressly set forth herein. All Confidential Information remains the sole property of Disclosing Party.
8. Remedies and Equitable Relief
Confirm that breach of the NDA may cause irreparable harm and that the Disclosing Party is entitled to injunctive relief (not just monetary damages).
Why this matters: Injunctive relief allows you to get a court order immediately stopping the breach, without having to wait for a trial and prove monetary damages.
Example:
Receiving Party acknowledges that any breach of this Agreement may cause irreparable harm to Disclosing Party for which monetary damages may be an inadequate remedy. Accordingly, Disclosing Party will be entitled to seek equitable relief, including injunction and specific performance, in addition to all other remedies available at law or in equity.
9. Governing Law and Jurisdiction
Specify which state's laws govern the NDA and where disputes will be resolved.
Example:
This Agreement will be governed by and construed in accordance with the laws of the State of [Delaware/California/Your State], without regard to its conflicts of law principles. Any dispute arising out of or relating to this Agreement will be resolved exclusively in the state or federal courts located in [County, State], and each party consents to the personal jurisdiction of such courts.
Alternative: Arbitration Clause
Some NDAs include an arbitration clause requiring disputes to be resolved through arbitration (rather than litigation):
Any dispute arising out of or relating to this Agreement will be resolved by binding arbitration in accordance with the Commercial Arbitration Rules of the American Arbitration Association, and judgment on the award rendered by the arbitrator may be entered in any court having jurisdiction.
10. Miscellaneous Provisions
Include standard contract provisions:
- Entire Agreement: This NDA is the entire agreement between the parties (supersedes all prior agreements)
- Amendments: Amendments must be in writing and signed by both parties
- Waiver: Failure to enforce any provision does not waive the right to enforce it later
- Severability: If any provision is invalid, the rest of the NDA remains enforceable
- Counterparts: The NDA may be signed in counterparts (each party signs a separate copy)
- Electronic Signatures: Electronic signatures are valid (under the ESIGN Act)
Example:
Entire Agreement. This Agreement constitutes the entire agreement between the parties concerning the subject matter hereof and supersedes all prior agreements and understandings.
Amendments. This Agreement may be amended only by a written instrument signed by both parties.
Waiver. No waiver of any provision of this Agreement will be deemed or will constitute a waiver of any other provision.
Severability. If any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions will continue in full force and effect.
Counterparts. This Agreement may be executed in counterparts, each of which will be deemed an original and all of which together will constitute one and the same instrument.
Mutual NDA Template
When to Use This Template
Use this mutual NDA when both parties will be sharing confidential information with each other (e.g., strategic partnerships, joint ventures, M&A due diligence).
Mutual NDA Template
MUTUAL NON-DISCLOSURE AGREEMENT
This Mutual Non-Disclosure Agreement (this "Agreement") is entered into as of [DATE] (the "Effective Date") by and between:
[YOUR COMPANY NAME], a [State] [Entity Type], with its principal place of business at [Address] ("Company"), and
[OTHER PARTY NAME], a [State] [Entity Type], with its principal place of business at [Address] ("Partner").
Each party may be referred to as a "Disclosing Party" when disclosing Confidential Information and a "Receiving Party" when receiving Confidential Information. Company and Partner may be referred to individually as a "Party" and collectively as the "Parties."
WHEREAS, the Parties desire to explore a potential business relationship (the "Purpose"); and
WHEREAS, in connection with the Purpose, each Party may disclose to the other Party certain confidential and proprietary information;
NOW, THEREFORE, in consideration of the mutual covenants and agreements set forth herein, and for other good and valuable consideration, the receipt and sufficiency of which are hereby acknowledged, the Parties agree as follows:
1. DEFINITION OF CONFIDENTIAL INFORMATION
"Confidential Information" means any and all information disclosed by Disclosing Party to Receiving Party, whether disclosed orally, in writing, electronically, or by any other means, and whether or not marked, designated, or otherwise identified as "confidential," that relates to the business, technology, products, services, customers, or other affairs of Disclosing Party, including but not limited to:
(a) Technical information, including source code, object code, algorithms, formulas, designs, architecture, specifications, research, development, processes, procedures, know-how, and trade secrets;
(b) Business information, including customer lists, supplier lists, pricing information, financial information, business plans, marketing plans, sales strategies, and forecasts;
(c) Product information, including product plans, product roadmaps, unreleased products, and product specifications;
(d) Any other information that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure.
2. EXCLUSIONS FROM CONFIDENTIAL INFORMATION
Confidential Information does not include information that:
(a) is or becomes publicly available through no breach of this Agreement by Receiving Party;
(b) was rightfully known by Receiving Party prior to disclosure by Disclosing Party, as evidenced by Receiving Party's written records;
(c) is independently developed by Receiving Party without use of or reference to Confidential Information, as evidenced by Receiving Party's written records;
(d) is rightfully received by Receiving Party from a third party without breach of any confidentiality obligation; or
(e) is required to be disclosed by law or court order, provided that Receiving Party provides Disclosing Party with prompt written notice of such requirement and cooperates with Disclosing Party's efforts to seek a protective order.
3. OBLIGATIONS OF RECEIVING PARTY
Receiving Party agrees to:
(a) Hold Confidential Information in strict confidence and not disclose Confidential Information to any third party without the prior written consent of Disclosing Party;
(b) Use Confidential Information solely for the Purpose;
(c) Protect Confidential Information using at least the same degree of care that Receiving Party uses to protect its own confidential information of a similar nature, but in no event less than reasonable care;
(d) Limit disclosure of Confidential Information to its employees, contractors, advisors, and agents who have a legitimate need to know the Confidential Information for the Purpose and who are bound by written confidentiality obligations at least as protective as those set forth in this Agreement;
(e) Promptly notify Disclosing Party upon discovery of any unauthorized use or disclosure of Confidential Information.
4. TERM AND SURVIVAL
This Agreement will remain in effect for a period of [2] years from the Effective Date, unless earlier terminated by either Party upon [30] days' written notice.
The obligations of Receiving Party under this Agreement will survive for a period of [3] years following the disclosure of Confidential Information, except that obligations with respect to Confidential Information that constitutes a trade secret will continue for as long as such information remains a trade secret under applicable law.
5. RETURN OR DESTRUCTION OF CONFIDENTIAL INFORMATION
Upon termination of this Agreement or upon request by Disclosing Party, Receiving Party will promptly:
(a) Return to Disclosing Party all tangible materials containing or reflecting Confidential Information (including all copies);
(b) Destroy or delete all electronic copies of Confidential Information in Receiving Party's possession or control; and
(c) Certify in writing to Disclosing Party that Receiving Party has complied with the requirements of this Section.
Notwithstanding the foregoing, Receiving Party may retain copies of Confidential Information to the extent required by applicable law or regulation, provided that such retained Confidential Information will remain subject to the confidentiality obligations of this Agreement.
6. NO LICENSE OR OWNERSHIP TRANSFER
Nothing in this Agreement grants Receiving Party any license, right, title, or interest in or to the Confidential Information, except for the limited right to use the Confidential Information for the Purpose as expressly set forth herein. All Confidential Information remains the sole property of Disclosing Party.
7. NO OBLIGATION TO DISCLOSE OR PROCEED
Nothing in this Agreement obligates either Party to disclose any Confidential Information or to proceed with any business relationship or transaction.
8. REMEDIES AND EQUITABLE RELIEF
Receiving Party acknowledges that any breach of this Agreement may cause irreparable harm to Disclosing Party for which monetary damages may be an inadequate remedy. Accordingly, Disclosing Party will be entitled to seek equitable relief, including injunction and specific performance, in addition to all other remedies available at law or in equity.
9. GOVERNING LAW AND JURISDICTION
This Agreement will be governed by and construed in accordance with the laws of the State of [DELAWARE], without regard to its conflicts of law principles. Any dispute arising out of or relating to this Agreement will be resolved exclusively in the state or federal courts located in [COUNTY, STATE], and each Party consents to the personal jurisdiction of such courts.
10. MISCELLANEOUS
(a) Entire Agreement. This Agreement constitutes the entire agreement between the Parties concerning the subject matter hereof and supersedes all prior agreements and understandings.
(b) Amendments. This Agreement may be amended only by a written instrument signed by both Parties.
(c) Waiver. No waiver of any provision of this Agreement will be deemed or will constitute a waiver of any other provision.
(d) Severability. If any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions will continue in full force and effect.
(e) Counterparts. This Agreement may be executed in counterparts, each of which will be deemed an original and all of which together will constitute one and the same instrument.
IN WITNESS WHEREOF, the Parties have executed this Agreement as of the Effective Date.
[YOUR COMPANY NAME]
By: _____________________________
Name: [Name]
Title: [Title]
Date: ___________________________
[OTHER PARTY NAME]
By: _____________________________
Name: [Name]
Title: [Title]
Date: ___________________________
Customization Tips
- Purpose: Replace "explore a potential business relationship" with the specific purpose (e.g., "evaluate a strategic partnership," "conduct due diligence for a potential acquisition")
- Term: Adjust the term (2 years) and survival period (3 years) based on your needs
- Governing Law: Use your startup's state of incorporation (typically Delaware)
- Jurisdiction: Specify the county and state where disputes will be resolved (typically your headquarters location)
One-Way NDA Template
When to Use This Template
Use this one-way NDA when you will be disclosing confidential information to a third party (vendor, contractor, potential customer) but they will not be disclosing confidential information to you.
One-Way NDA Template
NON-DISCLOSURE AGREEMENT
This Non-Disclosure Agreement (this "Agreement") is entered into as of [DATE] (the "Effective Date") by and between:
[YOUR COMPANY NAME], a [State] [Entity Type], with its principal place of business at [Address] ("Company"), and
[RECIPIENT NAME], a [State] [Entity Type], with its principal place of business at [Address] ("Recipient").
WHEREAS, Company desires to disclose certain confidential and proprietary information to Recipient for the purpose of [evaluating a potential business relationship / performing services] (the "Purpose"); and
WHEREAS, Recipient agrees to keep such information confidential in accordance with the terms and conditions set forth herein;
NOW, THEREFORE, in consideration of the mutual covenants and agreements set forth herein, and for other good and valuable consideration, the receipt and sufficiency of which are hereby acknowledged, the parties agree as follows:
1. DEFINITION OF CONFIDENTIAL INFORMATION
"Confidential Information" means any and all information disclosed by Company to Recipient, whether disclosed orally, in writing, electronically, or by any other means, and whether or not marked, designated, or otherwise identified as "confidential," that relates to the business, technology, products, services, customers, or other affairs of Company, including but not limited to:
(a) Technical information, including source code, object code, algorithms, formulas, designs, architecture, specifications, research, development, processes, procedures, know-how, and trade secrets;
(b) Business information, including customer lists, supplier lists, pricing information, financial information, business plans, marketing plans, sales strategies, and forecasts;
(c) Product information, including product plans, product roadmaps, unreleased products, and product specifications;
(d) Any other information that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure.
2. EXCLUSIONS FROM CONFIDENTIAL INFORMATION
Confidential Information does not include information that:
(a) is or becomes publicly available through no breach of this Agreement by Recipient;
(b) was rightfully known by Recipient prior to disclosure by Company, as evidenced by Recipient's written records;
(c) is independently developed by Recipient without use of or reference to Confidential Information, as evidenced by Recipient's written records;
(d) is rightfully received by Recipient from a third party without breach of any confidentiality obligation; or
(e) is required to be disclosed by law or court order, provided that Recipient provides Company with prompt written notice of such requirement and cooperates with Company's efforts to seek a protective order.
3. OBLIGATIONS OF RECIPIENT
Recipient agrees to:
(a) Hold Confidential Information in strict confidence and not disclose Confidential Information to any third party without the prior written consent of Company;
(b) Use Confidential Information solely for the Purpose;
(c) Protect Confidential Information using at least the same degree of care that Recipient uses to protect its own confidential information of a similar nature, but in no event less than reasonable care;
(d) Limit disclosure of Confidential Information to its employees, contractors, advisors, and agents who have a legitimate need to know the Confidential Information for the Purpose and who are bound by written confidentiality obligations at least as protective as those set forth in this Agreement;
(e) Promptly notify Company upon discovery of any unauthorized use or disclosure of Confidential Information.
4. TERM AND SURVIVAL
This Agreement will remain in effect for a period of [2] years from the Effective Date, unless earlier terminated by either party upon [30] days' written notice.
The obligations of Recipient under this Agreement will survive for a period of [3] years following the disclosure of Confidential Information, except that obligations with respect to Confidential Information that constitutes a trade secret will continue for as long as such information remains a trade secret under applicable law.
5. RETURN OR DESTRUCTION OF CONFIDENTIAL INFORMATION
Upon termination of this Agreement or upon request by Company, Recipient will promptly:
(a) Return to Company all tangible materials containing or reflecting Confidential Information (including all copies); and
(b) Destroy or delete all electronic copies of Confidential Information in Recipient's possession or control; and
(c) Certify in writing to Company that Recipient has complied with the requirements of this Section.
Notwithstanding the foregoing, Recipient may retain copies of Confidential Information to the extent required by applicable law or regulation, provided that such retained Confidential Information will remain subject to the confidentiality obligations of this Agreement.
6. NO LICENSE OR OWNERSHIP TRANSFER
Nothing in this Agreement grants Recipient any license, right, title, or interest in or to the Confidential Information, except for the limited right to use the Confidential Information for the Purpose as expressly set forth herein. All Confidential Information remains the sole property of Company.
7. NO OBLIGATION TO DISCLOSE
Nothing in this Agreement obligates Company to disclose any Confidential Information to Recipient.
8. REMEDIES AND EQUITABLE RELIEF
Recipient acknowledges that any breach of this Agreement may cause irreparable harm to Company for which monetary damages may be an inadequate remedy. Accordingly, Company will be entitled to seek equitable relief, including injunction and specific performance, in addition to all other remedies available at law or in equity.
9. GOVERNING LAW AND JURISDICTION
This Agreement will be governed by and construed in accordance with the laws of the State of [DELAWARE], without regard to its conflicts of law principles. Any dispute arising out of or relating to this Agreement will be resolved exclusively in the state or federal courts located in [COUNTY, STATE], and each party consents to the personal jurisdiction of such courts.
10. MISCELLANEOUS
(a) Entire Agreement. This Agreement constitutes the entire agreement between the parties concerning the subject matter hereof and supersedes all prior agreements and understandings.
(b) Amendments. This Agreement may be amended only by a written instrument signed by both parties.
(c) Waiver. No waiver of any provision of this Agreement will be deemed or will constitute a waiver of any other provision.
(d) Severability. If any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions will continue in full force and effect.
(e) Counterparts. This Agreement may be executed in counterparts, each of which will be deemed an original and all of which together will constitute one and the same instrument.
IN WITNESS WHEREOF, the parties have executed this Agreement as of the Effective Date.
[YOUR COMPANY NAME]
By: _____________________________
Name: [Name]
Title: [Title]
Date: ___________________________
[RECIPIENT NAME]
By: _____________________________
Name: [Name]
Title: [Title]
Date: ___________________________
Employee NDA Template
When to Use This Template
Use this employee NDA when hiring employees who will have access to confidential information. This template is a standalone NDA—you can also include these provisions in your employment agreement.
Note: Employee NDAs are subject to state-specific restrictions (see "California NDA Restrictions" below).
Employee NDA Template
EMPLOYEE NON-DISCLOSURE AND CONFIDENTIALITY AGREEMENT
This Employee Non-Disclosure and Confidentiality Agreement (this "Agreement") is entered into as of [DATE] (the "Effective Date") by and between:
[YOUR COMPANY NAME], a [State] [Entity Type], with its principal place of business at [Address] ("Company"), and
[EMPLOYEE NAME], an individual residing at [Address] ("Employee").
WHEREAS, Employee will be employed by Company in the position of [POSITION]; and
WHEREAS, in connection with Employee's employment, Employee will have access to confidential and proprietary information of Company;
NOW, THEREFORE, in consideration of Employee's employment with Company and the compensation to be paid to Employee, and for other good and valuable consideration, the receipt and sufficiency of which are hereby acknowledged, the parties agree as follows:
1. DEFINITION OF CONFIDENTIAL INFORMATION
"Confidential Information" means any and all information relating to the business, technology, products, services, customers, or other affairs of Company, whether disclosed orally, in writing, electronically, or by any other means, and whether or not marked, designated, or otherwise identified as "confidential," including but not limited to:
(a) Technical information, including source code, object code, algorithms, formulas, designs, architecture, specifications, research, development, processes, procedures, know-how, and trade secrets;
(b) Business information, including customer lists, supplier lists, pricing information, financial information, business plans, marketing plans, sales strategies, and forecasts;
(c) Product information, including product plans, product roadmaps, unreleased products, and product specifications;
(d) Personnel information, including employee compensation, performance reviews, and organizational structure;
(e) Any other information that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure.
2. EXCLUSIONS FROM CONFIDENTIAL INFORMATION
Confidential Information does not include information that:
(a) is or becomes publicly available through no breach of this Agreement by Employee;
(b) was rightfully known by Employee prior to employment with Company, as evidenced by Employee's written records;
(c) is independently developed by Employee after termination of employment without use of or reference to Confidential Information;
(d) is required to be disclosed by law or court order, provided that Employee provides Company with prompt written notice of such requirement and cooperates with Company's efforts to seek a protective order.
3. OBLIGATIONS OF EMPLOYEE
Employee agrees to:
(a) Hold Confidential Information in strict confidence and not disclose Confidential Information to any third party without the prior written consent of Company;
(b) Use Confidential Information solely for the purpose of performing Employee's duties for Company;
(c) Protect Confidential Information using reasonable care;
(d) Not use Confidential Information for Employee's own benefit or for the benefit of any third party;
(e) Promptly notify Company upon discovery of any unauthorized use or disclosure of Confidential Information;
(f) Comply with all Company policies and procedures regarding the protection of Confidential Information.
4. OBLIGATIONS DURING AND AFTER EMPLOYMENT
The obligations of Employee under this Agreement apply during Employee's employment with Company and will continue after the termination of Employee's employment for any reason.
The obligations of Employee under this Agreement will survive for a period of [3] years following the termination of Employee's employment, except that obligations with respect to Confidential Information that constitutes a trade secret will continue for as long as such information remains a trade secret under applicable law.
5. RETURN OF CONFIDENTIAL INFORMATION UPON TERMINATION
Upon termination of Employee's employment with Company for any reason, Employee will immediately:
(a) Return to Company all tangible materials containing or reflecting Confidential Information (including all copies), including but not limited to documents, laptops, mobile devices, USB drives, and other electronic media;
(b) Delete or destroy all electronic copies of Confidential Information in Employee's possession or control (including on personal devices);
(c) Certify in writing to Company that Employee has complied with the requirements of this Section.
6. NO SOLICITATION OF EMPLOYEES
[OPTIONAL: Include if permitted under state law]
During Employee's employment with Company and for a period of [12] months following the termination of Employee's employment for any reason, Employee will not, directly or indirectly, solicit, recruit, or hire any employee of Company to leave their employment with Company or to accept employment with any other person or entity.
7. NO SOLICITATION OF CUSTOMERS
[OPTIONAL: Include if permitted under state law]
During Employee's employment with Company and for a period of [12] months following the termination of Employee's employment for any reason, Employee will not, directly or indirectly, solicit or provide services to any customer or client of Company with whom Employee had contact or about whom Employee obtained Confidential Information during the [12] months prior to Employee's termination of employment.
8. DEFEND TRADE SECRETS ACT NOTICE
[REQUIRED FOR U.S. EMPLOYERS]
Pursuant to the Defend Trade Secrets Act of 2016, Employee is hereby notified that:
(a) Immunity from Liability. An individual will not be held criminally or civilly liable under any federal or state trade secret law for the disclosure of a trade secret that:
(i) is made (A) in confidence to a federal, state, or local government official, either directly or indirectly, or to an attorney; and (B) solely for the purpose of reporting or investigating a suspected violation of law; or
(ii) is made in a complaint or other document that is filed under seal in a lawsuit or other proceeding.
(b) Use of Trade Secret Information in Anti-Retaliation Lawsuit. An individual who files a lawsuit for retaliation by an employer for reporting a suspected violation of law may disclose the employer's trade secrets to the attorney and use the trade secret information in the court proceeding if the individual:
(i) files any document containing the trade secret under seal; and
(ii) does not disclose the trade secret, except pursuant to court order.
9. NO LICENSE OR OWNERSHIP TRANSFER
Nothing in this Agreement grants Employee any license, right, title, or interest in or to the Confidential Information. All Confidential Information remains the sole property of Company.
10. REMEDIES AND EQUITABLE RELIEF
Employee acknowledges that any breach of this Agreement may cause irreparable harm to Company for which monetary damages may be an inadequate remedy. Accordingly, Company will be entitled to seek equitable relief, including injunction and specific performance, in addition to all other remedies available at law or in equity.
11. GOVERNING LAW AND JURISDICTION
This Agreement will be governed by and construed in accordance with the laws of the State of [STATE WHERE EMPLOYEE WORKS], without regard to its conflicts of law principles. Any dispute arising out of or relating to this Agreement will be resolved exclusively in the state or federal courts located in [COUNTY, STATE], and each party consents to the personal jurisdiction of such courts.
12. MISCELLANEOUS
(a) Entire Agreement. This Agreement constitutes the entire agreement between the parties concerning the subject matter hereof and supersedes all prior agreements and understandings, except that this Agreement does not supersede any employment agreement, proprietary information agreement, or other agreement between Employee and Company.
(b) Amendments. This Agreement may be amended only by a written instrument signed by both parties.
(c) Waiver. No waiver of any provision of this Agreement will be deemed or will constitute a waiver of any other provision.
(d) Severability. If any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions will continue in full force and effect.
(e) Counterparts. This Agreement may be executed in counterparts, each of which will be deemed an original and all of which together will constitute one and the same instrument.
EMPLOYEE ACKNOWLEDGES THAT EMPLOYEE HAS READ THIS AGREEMENT, UNDERSTANDS IT, AND AGREES TO BE BOUND BY ITS TERMS.
[YOUR COMPANY NAME]
By: _____________________________
Name: [Name]
Title: [Title]
Date: ___________________________
EMPLOYEE
_________________________________
[Employee Name]
Date: ___________________________
Important Notes for Employee NDAs
1. DTSA Notice Required (Federal Law)
The Defend Trade Secrets Act (DTSA) notice (Section 8 above) is required for all employee NDAs in the United States. Failure to include this notice means you cannot recover exemplary damages or attorney's fees in a trade secret misappropriation lawsuit under the DTSA.
2. State-Specific Restrictions Apply
Employee NDAs are subject to state-specific restrictions:
- California: Extremely limited (see "California NDA Restrictions" below)
- Other states: May have restrictions on non-solicitation, non-compete, or confidentiality provisions
Consult with a local employment attorney to ensure compliance.
California NDA Restrictions
California has some of the most restrictive laws in the U.S. regarding employee NDAs and restrictive covenants. If you have employees in California, you must comply with California law.
1. Non-Compete Agreements are Unenforceable
California Business and Professions Code § 16600 makes non-compete agreements void and unenforceable (with very limited exceptions).
What this means:
- You cannot prohibit employees from working for competitors after they leave
- You cannot prohibit employees from starting competing businesses after they leave
Exception: Non-competes are enforceable in connection with the sale of a business or dissolution of a partnership.
2. Non-Solicitation Agreements are Limited
California generally disfavors non-solicitation agreements, but they may be enforceable in limited circumstances:
- Customer non-solicitation: Generally unenforceable (courts treat them as de facto non-competes)
- Employee non-solicitation: May be enforceable if narrowly tailored and supported by consideration
Best practice: Avoid non-solicitation provisions in California employee agreements (or consult with a California employment attorney).
3. Confidentiality Agreements Must Be Narrowly Tailored
California law allows confidentiality agreements, but they must be narrowly tailored to protect legitimate trade secrets and confidential information.
What you CAN protect:
- Trade secrets (as defined by California Uniform Trade Secrets Act)
- Confidential and proprietary information that is not publicly available
What you CANNOT protect:
- General skills, knowledge, and experience gained during employment
- Information that is generally known in the industry
- Information that would make it impossible for the employee to work in their field
Example of overbroad NDA (unenforceable in California):
Employee agrees not to disclose or use any information relating to the software industry, including general software development practices, customer relationship management strategies, or any other information learned during employment.
Why this is overbroad: It prohibits Employee from using general skills and knowledge, effectively preventing them from working in the software industry.
Example of narrow NDA (enforceable in California):
Employee agrees not to disclose or use Company's proprietary source code, algorithms, customer lists, pricing information, and business strategies that are not publicly available.
4. California Labor Code § 2870: No Assignment of Employee Inventions
California Labor Code § 2870 limits what employee inventions can be assigned to the employer.
What you CANNOT require:
You cannot require employees to assign inventions that were:
- Developed entirely on the employee's own time
- Without using the employer's equipment, supplies, facilities, or trade secrets
- That do not relate to the employer's business or actual/demonstrably anticipated research
What you MUST include in employment agreements:
California law requires you to include a notice in employment agreements informing employees of their rights under California Labor Code § 2870.
Required Notice:
NOTICE TO EMPLOYEE REGARDING CALIFORNIA LABOR CODE § 2870
California Labor Code § 2870 provides that an employer may not require an employee to assign to the employer any invention that the employee developed entirely on the employee's own time without using the employer's equipment, supplies, facilities, or trade secret information, except for inventions that:
(a) Relate at the time of conception or reduction to practice to the employer's business or actual or demonstrably anticipated research or development; or
(b) Result from any work performed by the employee for the employer.
5. California SB 331: Restrictions on Settlement Agreement NDAs
California Senate Bill 331 (effective January 1, 2022) restricts the use of NDAs in settlement agreements involving harassment, discrimination, or retaliation claims.
What you CANNOT do:
You cannot include provisions in settlement agreements that prohibit disclosure of information about:
- Sexual assault
- Sexual harassment
- Harassment or discrimination based on protected characteristics (race, religion, gender, etc.)
- Retaliation for reporting harassment or discrimination
Exception: You can include confidentiality provisions if the complainant requests confidentiality.
What this means for startups:
- Review settlement agreements with a California employment attorney
- Ensure settlement NDAs comply with SB 331
DTSA Compliance (Defend Trade Secrets Act)
The Defend Trade Secrets Act (DTSA), enacted in 2016, is a federal law that provides a federal civil cause of action for trade secret misappropriation.
What the DTSA Requires
1. Immunity Notice (Required)
The DTSA requires employers to include a notice in all employee NDAs and contractor agreements informing employees/contractors that they have immunity from liability for certain trade secret disclosures.
Required Notice:
Pursuant to the Defend Trade Secrets Act of 2016:
(a) Immunity from Liability. An individual will not be held criminally or civilly liable under any federal or state trade secret law for the disclosure of a trade secret that:
(i) is made (A) in confidence to a federal, state, or local government official, either directly or indirectly, or to an attorney; and (B) solely for the purpose of reporting or investigating a suspected violation of law; or
(ii) is made in a complaint or other document that is filed under seal in a lawsuit or other proceeding.
(b) Use of Trade Secret Information in Anti-Retaliation Lawsuit. An individual who files a lawsuit for retaliation by an employer for reporting a suspected violation of law may disclose the employer's trade secrets to the attorney and use the trade secret information in the court proceeding if the individual:
(i) files any document containing the trade secret under seal; and
(ii) does not disclose the trade secret, except pursuant to court order.
Penalty for Non-Compliance:
If you fail to include this notice in employee NDAs or contractor agreements, you cannot recover exemplary damages or attorney's fees in a trade secret misappropriation lawsuit under the DTSA.
2. Cross-Reference the Notice in Your Policies
Include the DTSA immunity notice in:
- Employment agreements
- Offer letters
- Employee handbooks
- Proprietary information and inventions agreements (PIIAs)
- Contractor agreements
DTSA Statute of Limitations
3 years from the date the misappropriation is discovered (or should have been discovered with reasonable diligence).
International Considerations
If your startup operates internationally or shares confidential information with parties outside the U.S., be aware of international considerations:
1. GDPR (European Union)
The General Data Protection Regulation (GDPR) imposes strict requirements on the processing of personal data of EU residents.
What this means for NDAs:
- If your Confidential Information includes personal data of EU residents, you must comply with GDPR
- You may need to include data processing provisions in your NDA (or sign a separate Data Processing Agreement)
- You must ensure that the Receiving Party has appropriate data security measures in place
Example GDPR provision for NDAs:
To the extent that Confidential Information includes personal data of individuals located in the European Union, Receiving Party agrees to process such personal data only in accordance with Disclosing Party's instructions and to comply with the requirements of the General Data Protection Regulation (Regulation (EU) 2016/679) (the "GDPR"). Receiving Party will implement appropriate technical and organizational measures to protect such personal data in accordance with GDPR Article 32.
2. Data Localization Laws
Some countries have data localization laws that require personal data to be stored within the country's borders.
Countries with data localization laws:
- China: Personal data of Chinese citizens must be stored in China
- Russia: Personal data of Russian citizens must be stored in Russia
- India: Draft data protection law requires personal data to be stored in India
What this means for NDAs:
- If you're sharing personal data with parties in these countries, you may need to include provisions requiring data to be stored locally
- Consult with a local attorney in the relevant jurisdiction
3. Enforceability of NDAs Across Borders
NDAs may not be enforceable in all countries. Enforceability depends on:
- Whether the foreign jurisdiction recognizes NDAs as legally binding contracts
- Whether the foreign jurisdiction will enforce judgments from U.S. courts
- Whether you have a valid arbitration agreement (which may be more easily enforceable internationally)
Best practices for international NDAs:
- Include an arbitration clause (arbitration awards are generally more easily enforced internationally under the New York Convention)
- Specify governing law and jurisdiction clearly
- Consult with local attorneys in the relevant jurisdictions
Common NDA Mistakes
Mistake #1: Using an NDA That's Too Broad
The problem: Your NDA defines "Confidential Information" so broadly that it covers information that is publicly available, general skills and knowledge, or information the Receiving Party already knew.
Why it's wrong:
- Unenforceable: Courts will not enforce overbroad NDAs
- California: Overbroad employee NDAs violate California law and may be void
Example of overbroad NDA:
"Confidential Information" means any and all information relating to Company's business, including all information disclosed during Employee's employment.
Why this is overbroad: It includes publicly available information, general skills, and information Employee already knew.
The fix:
Use a narrow definition of Confidential Information that:
- Excludes publicly available information
- Excludes information the Receiving Party already knew
- Excludes general skills and knowledge
Example of narrow definition:
"Confidential Information" means information disclosed by Company to Recipient that is marked as "Confidential" or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure, excluding information that: (a) is publicly available; (b) was known to Recipient before disclosure; (c) is independently developed by Recipient; or (d) is received from a third party without breach of confidentiality.
Mistake #2: Not Including Exclusions from Confidential Information
The problem: Your NDA does not include exclusions for publicly available information, information the Receiving Party already knew, or information the Receiving Party independently developed.
Why it's wrong:
- Unenforceable: Courts will not enforce NDAs that attempt to protect public information
- Unfair to Receiving Party: The Receiving Party should not be liable for using publicly available information or information they already knew
The fix:
Always include standard exclusions from Confidential Information (see "Key NDA Provisions" above).
Mistake #3: NDA Term is Too Short (or Missing)
The problem: Your NDA has a 1-year obligation period, but your trade secrets will remain valuable for 5+ years.
Why it's wrong:
- After the NDA expires, the Receiving Party is free to disclose or use your Confidential Information
- You lose trade secret protection once the NDA obligation period expires
The fix:
- Use a longer obligation period (3-5 years minimum)
- Use an indefinite obligation period for trade secrets (obligations continue as long as information remains a trade secret)
Example:
The obligations of Receiving Party will survive for a period of 5 years following the disclosure of Confidential Information, except that obligations with respect to Confidential Information that constitutes a trade secret will continue indefinitely or until such information ceases to be a trade secret.
Mistake #4: Not Including Return or Destruction Requirement
The problem: Your NDA does not require the Receiving Party to return or destroy Confidential Information upon termination.
Why it's wrong:
- The Receiving Party may continue to possess your Confidential Information indefinitely
- Increases risk of unauthorized disclosure or use
The fix:
Include a provision requiring return or destruction of Confidential Information upon termination (see "Key NDA Provisions" above).
Mistake #5: Not Including Equitable Relief Provision
The problem: Your NDA does not include a provision confirming that breach may cause irreparable harm and that you're entitled to equitable relief (injunctions).
Why it's wrong:
- Without an equitable relief provision, you may have to prove monetary damages in court before you can stop the breach
- By the time you prove damages, your trade secrets may already be publicly disclosed
The fix:
Include an equitable relief provision (see "Key NDA Provisions" above) confirming that you're entitled to injunctions and specific performance in addition to monetary damages.
Mistake #6: Using NDAs When You Don't Have Leverage
The problem: You ask a potential customer or investor to sign an NDA before initial conversations, and they refuse—killing the relationship before it starts.
Why it's wrong:
- Professional investors and large enterprises often refuse to sign NDAs for initial conversations
- Demanding an NDA signals paranoia and may damage the relationship
The fix:
- Don't use NDAs for initial conversations (keep conversations high-level)
- Request an NDA later if conversations progress to sharing confidential information
Mistake #7: Not Including DTSA Immunity Notice (Employee NDAs)
The problem: Your employee NDA does not include the DTSA immunity notice required by federal law.
Why it's wrong:
- Penalty: You cannot recover exemplary damages or attorney's fees in a DTSA trade secret lawsuit
The fix:
Always include the DTSA immunity notice in employee NDAs (see "Employee NDA Template" and "DTSA Compliance" above).
Mistake #8: Using a California-Noncompliant NDA for California Employees
The problem: Your employee NDA includes non-compete or overbroad non-solicitation provisions, and your employee works in California.
Why it's wrong:
- Unenforceable: Non-compete agreements are void in California (Business and Professions Code § 16600)
- Liability: Using unenforceable restrictive covenants may expose you to lawsuits by employees
The fix:
- Remove non-compete provisions for California employees
- Limit non-solicitation provisions (or consult with a California employment attorney)
- Narrow confidentiality provisions to protect only legitimate trade secrets and confidential information
Mistake #9: Not Tracking Which NDAs Have Been Signed
The problem: You don't have a system for tracking which vendors, contractors, and employees have signed NDAs.
Why it's wrong:
- You may inadvertently disclose confidential information to parties who haven't signed NDAs (losing trade secret protection)
- You can't enforce NDAs if you don't know who signed them
The fix:
- Maintain a log of all executed NDAs (use a spreadsheet or contract management system)
- Track expiration dates and renew NDAs as needed
- Require NDAs before disclosure (make it a policy that no confidential information is disclosed without a signed NDA)
Mistake #10: Not Updating NDAs for Changes in Law
The problem: Your NDA template is 5 years old and doesn't reflect recent changes in law (e.g., DTSA notice requirement, California SB 331).
Why it's wrong:
- Non-compliance: Your NDAs may not comply with current law
- Unenforceable: Outdated NDAs may be unenforceable
The fix:
- Review NDA templates annually with your attorney
- Update templates to reflect changes in federal and state law
- Re-execute NDAs with key parties (employees, contractors, vendors) if necessary
NDA Enforcement
How to Enforce an NDA
If a party breaches an NDA, you have several legal remedies:
1. Injunctive Relief
An injunction is a court order requiring the breaching party to stop disclosing or using your Confidential Information.
How to get an injunction:
- File a lawsuit seeking a temporary restraining order (TRO) or preliminary injunction
- Prove that:
  - You're likely to succeed on the merits (the NDA is enforceable and was breached)
  - You'll suffer irreparable harm without an injunction
  - Monetary damages are inadequate
  - The balance of equities favors an injunction
Timeline: TROs can be obtained in a matter of days; preliminary injunctions typically take 2-4 weeks.
2. Monetary Damages
You can sue for monetary damages caused by the breach, including:
- Actual damages: Lost profits, lost business opportunities, diminished value of trade secrets
- Unjust enrichment: Profits the breaching party gained by using your Confidential Information
- Exemplary (punitive) damages: Available under the DTSA if the breach was willful and malicious (up to 2x actual damages)
3. Attorney's Fees
Under the DTSA, you may recover attorney's fees if:
- The breach was willful and malicious, OR
- The breaching party's claim of non-breach was made in bad faith
4. Criminal Prosecution (Rare)
In extreme cases, trade secret theft may be prosecuted criminally under:
- Economic Espionage Act (18 U.S.C. § 1831): Theft of trade secrets to benefit foreign governments (up to 15 years in prison)
- 18 U.S.C. § 1832: Theft of trade secrets for commercial advantage (up to 10 years in prison)
Note: Criminal prosecution is rare and typically reserved for cases involving theft by employees, competitors, or foreign actors.
Defenses to NDA Enforcement
If you sue to enforce an NDA, the breaching party may raise these defenses:
1. Information Was Not Confidential
The breaching party may argue that the information disclosed was:
- Publicly available
- Already known to the breaching party before disclosure
- Independently developed by the breaching party
- Received from a third party without breach of confidentiality
How to counter this defense:
- Provide evidence that the information was not publicly available (e.g., not in public product documentation, not in patents)
- Prove that you took reasonable measures to keep the information secret (e.g., NDAs, access controls, confidentiality notices)
2. NDA is Overbroad or Unenforceable
The breaching party may argue that the NDA is overbroad (covers non-confidential information) or violates public policy (e.g., California non-compete ban).
How to counter this defense:
- Use narrowly tailored NDAs that comply with state law
- Include severability provisions (if one provision is invalid, the rest of the NDA remains enforceable)
3. No Breach Occurred
The breaching party may argue that they did not breach the NDA (e.g., did not disclose or use Confidential Information).
How to counter this defense:
- Provide evidence of the breach (e.g., leaked documents, communications showing disclosure, evidence of use of your technology by competitors)
4. Breaching Party Was Required by Law to Disclose
The breaching party may argue that they were required by law to disclose the information (e.g., in response to a subpoena or court order).
How to counter this defense:
- Ensure your NDA includes a provision requiring the breaching party to notify you of legal disclosure requirements (so you can seek a protective order)
- If the breaching party did not provide notice, they may have breached the NDA
FAQs
1. Do I need an NDA before pitching to investors?
No. Most professional investors (VCs, angels) will refuse to sign NDAs before pitch meetings.
Why:
- VCs see hundreds of pitches per year and cannot sign NDAs for every pitch (administrative burden and legal risk)
- VCs invest in multiple companies in the same industry—signing an NDA with one startup could prevent them from investing in competing startups
- Industry norm: Pitch meetings do NOT require NDAs
What to do instead:
- Share only high-level information in initial pitch meetings (problem, solution, market, traction, team)
- Do NOT share detailed technical specifications, source code, or sensitive financial data
- Request an NDA later during due diligence if the investor expresses serious interest
2. How long should NDA obligations last?
Best practice:
- Term of the Agreement: 1-3 years (or indefinite until terminated)
- Obligation Period: 3-5 years after disclosure (or indefinite for trade secrets)
Why:
- Trade secrets may remain valuable for many years (or indefinitely)
- A 1-year obligation period is too short for most startups
Example:
The obligations of Receiving Party will survive for a period of 3 years following the disclosure of Confidential Information, except that obligations with respect to Confidential Information that constitutes a trade secret will continue indefinitely or until such information ceases to be a trade secret.
3. Can I use an NDA to prevent employees from competing after they leave?
Depends on the state.
- California: No. Non-compete agreements are void and unenforceable (with very limited exceptions).
- Other states: Maybe. Some states enforce non-competes if they are reasonable in scope and duration. Check your state's law.
What you CAN do:
- Confidentiality agreements: Prevent employees from disclosing or using your trade secrets and confidential information
- Non-solicitation agreements: Prevent employees from soliciting your customers or employees (if permitted under state law)
- IP assignment agreements: Ensure that work product created during employment belongs to your company
4. What if a vendor refuses to sign my NDA?
Options:
1. Negotiate the NDA terms
- Offer to use a mutual NDA (instead of a one-way NDA)
- Narrow the definition of Confidential Information
- Shorten the obligation period
2. Use the vendor's NDA template
- Some large vendors (e.g., AWS, Google Cloud, Salesforce) have their own standard NDA templates
- Review the vendor's NDA with your attorney to ensure it provides adequate protection
3. Don't share confidential information
- If the vendor refuses to sign an NDA, don't share confidential information
- Limit your evaluation to publicly available information
4. Find a different vendor
- If you must share confidential information and the vendor refuses to sign an NDA, find a different vendor who will
5. Should I use a mutual NDA or a one-way NDA?
Use a mutual NDA when:
- Both parties will be sharing confidential information (e.g., strategic partnerships, M&A, joint ventures)
- You're negotiating with a party of equal leverage
Use a one-way NDA when:
- Only you will be sharing confidential information (e.g., vendor evaluations, contractor engagements, customer pitches)
- You have leverage over the other party
Best practice: Start with a one-way NDA (simpler and more favorable to you). If the other party requests a mutual NDA, negotiate.
6. Do I need a lawyer to draft an NDA?
Recommendation: Yes, especially for:
- Employee NDAs (must comply with state-specific employment laws)
- M&A NDAs (should include standstill, non-solicitation, and use restrictions)
- International NDAs (must comply with foreign laws)
Why:
- NDAs are legally binding contracts—poorly drafted NDAs may be unenforceable
- State-specific laws (California, New York, Washington, etc.) impose restrictions on NDAs
- Federal laws (DTSA) impose notice requirements
Cost: Expect to pay $500-$2,000 for a startup attorney to draft or review an NDA template.
DIY option: You can use the NDA templates in this guide as a starting point, but have a startup attorney review them to ensure compliance with your state's laws.
7. Can I enforce an NDA if the other party is in a foreign country?
Maybe. Enforceability depends on:
- Whether the foreign jurisdiction recognizes NDAs as legally binding contracts
- Whether the foreign jurisdiction will enforce judgments from U.S. courts
- Whether you have a valid arbitration agreement
Best practices for international NDAs:
- Include an arbitration clause (arbitration awards are generally more easily enforced internationally under the New York Convention)
- Specify governing law and jurisdiction clearly
- Consult with local attorneys in the relevant jurisdiction
8. What happens if I disclose confidential information without an NDA?
Risk: You may lose trade secret protection.
Why:
- Under the Defend Trade Secrets Act (DTSA) and state trade secret laws, information qualifies as a trade secret only if the owner takes reasonable measures to keep it secret
- Disclosing confidential information without an NDA is evidence that you did NOT take reasonable measures to keep it secret
- If you lose trade secret protection, you cannot sue for trade secret misappropriation
Best practice: Always use an NDA before disclosing confidential information.
9. Can I use the same NDA template for employees, contractors, and vendors?
No. Different relationships require different NDA provisions:
- Employees: Include DTSA immunity notice, non-solicitation (if permitted), return of property upon termination
- Contractors: Include IP assignment provisions (ensure work product is "work for hire")
- Vendors: Include data security requirements, vendor management provisions
Best practice: Use separate NDA templates for employees, contractors, and vendors (or consult with an attorney to customize).
10. How do I know if my NDA is enforceable?
Factors that affect enforceability:
- State law compliance: Does your NDA comply with state-specific restrictions (e.g., California non-compete ban)?
- Federal law compliance: Does your employee NDA include the DTSA immunity notice?
- Narrow scope: Is the definition of Confidential Information narrowly tailored (not overbroad)?
- Reasonable duration: Is the obligation period reasonable (not indefinite for non-trade secrets)?
- Consideration: Was the NDA supported by consideration (e.g., employment, payment, access to confidential information)?
Best practice: Have a startup attorney review your NDA to ensure enforceability.
Additional Resources
Legal Resources
- Defend Trade Secrets Act (DTSA) (18 U.S.C. § 1836 et seq.)
- Uniform Trade Secrets Act (adopted by most states)
- California Business and Professions Code § 16600 (non-compete ban)
- California Labor Code § 2870 (employee inventions)
- California Senate Bill 331 (settlement agreement NDA restrictions)
NDA Tools and Templates
- Orrick NDA Templates (one-way and mutual NDA templates for startups)
- Cooley GO (free startup legal documents, including NDAs)
- Clerky (automated NDA generation for startups)
- DocuSign (electronic signature platform for NDAs)
Related Guides
- Vendor Contracts: Procurement, Negotiation & Management Guide
- SaaS Agreements: MSA, Terms of Service & Contract Structure Guide
- Trade Secrets Strategy for Startups (coming soon)
- Employment Law for Startups
Need Help with NDAs?
NDAs are legally binding contracts that require careful drafting and state-specific compliance. Using a poorly drafted or non-compliant NDA can leave your startup exposed to trade secret theft, employee lawsuits, or unenforceable contracts.
At Promise Legal, we help startups:
- Draft enforceable NDAs for employees, contractors, vendors, and partners
- Review and negotiate NDAs proposed by third parties
- Ensure compliance with state-specific laws (California, New York, Washington, etc.)
- Enforce NDAs when breaches occur
Schedule a consultation today to protect your startup's confidential information with properly drafted NDAs.
Disclaimer: This guide provides general legal information and is not legal advice. NDAs are legally binding contracts subject to federal and state law. Consult with an experienced startup attorney before drafting, signing, or enforcing an NDA.