Non-Disclosure Agreements (NDAs) & Confidentiality Agreements

Drafting | Reviewing | Enforcing confidentiality for businesses, individuals and investors

Non-disclosure agreements (NDAs) and confidentiality clauses are fundamental tools for protecting commercially sensitive information, intellectual property and business relationships. They help you share what you need to, with the right people, at the right time, without losing control of your ideas or data.

From 2025, the legal landscape for NDAs in England and Wales has changed significantly. New legislation clarifies that NDAs cannot be used to prevent victims of crime from seeking help, advice or reporting criminal conduct, while still allowing businesses to protect genuine confidential information and trade secrets.

At Jonathan Lea Network, our specialist solicitors draft, review, negotiate and enforce NDAs and confidentiality agreements for clients across England and Wales. We work with startups, SMEs, corporates, professionals, universities, charities and individuals, giving clear and commercially focused advice that reflects the latest law and guidance.

Our team, based in Sussex and London, prides itself on being approachable, proactive and transparent on costs, working as an extension of your team rather than a remote legal bolt-on.

Speak to an NDA solicitor today. Call us on 01444 708 640 or email us to arrange a free introductory call.

What is an NDA and why does it matter?

A non-disclosure agreement (NDA), sometimes called a confidentiality agreement, is a legally binding contract that limits how a receiving party can use or share information you provide to them. NDAs can be stand-alone documents, or they can be built into wider agreements such as employment contracts, consultancy agreements, joint venture agreements, settlement agreements or investment documents.

They matter because confidential information is often the most valuable asset a business or individual holds. Without appropriate protections, information can be copied, misused or leaked in ways that damage your competitive advantage, reputation or negotiating position.

An NDA can help protect, for example:

• Business strategy and commercial plans. This includes pricing structures, go-to-market strategies, product roadmaps, pitch decks and internal forecasts. Losing control of this information can hand competitors a ready-made playbook and weaken your bargaining power in negotiations.
  
• Financial information and investor data. NDAs can cover internal financials, funding plans, investor identities and deal terms. This allows you to share what is needed for due diligence or fundraising without exposing sensitive numbers more widely than necessary.
  
• Client lists, supplier terms and commercial relationships. These relationships often take years to develop. An NDA helps stop counterparties or departing staff from misusing that information to divert clients or replicate your supply chain.
  
• Technical know-how and intellectual property. This includes source code, algorithms, formulas, designs, prototypes, R&D results and trade secrets. Protecting these properly is often critical to maintaining your edge in technology, life sciences, engineering or creative industries.
  
• Personal or sensitive information. In some contexts, NDAs can help demonstrate that access to personal data or sensitive information is controlled. However, NDAs should complement, not replace, obligations under UK GDPR and the Data Protection Act 2018, and in many cases a separate data sharing or processing agreement will also be required.
  

Used well, NDAs create a clear framework for sharing information safely, so that deals and collaborations can move forward without unnecessary legal friction.

Important: Recent Changes to UK NDA Law (October 2025)

From 1 October 2025, new rules under Section 17 of the Victims and Prisoners Act 2024 significantly limit how NDAs can be used in England and Wales.

For NDAs signed on or after 1 October 2025:

• An NDA cannot prevent someone who is, or reasonably believes they are, a victim of crime from making certain “permitted disclosures” about the criminal conduct.
  
• Permitted disclosures can be made to specific categories of recipients, including:
  
  • Law enforcement and prosecution bodies
    
  • Regulated legal professionals, for the purpose of obtaining legal advice or representation
    
  • Healthcare and support services, such as counsellors or specialist charities
    
  • Regulatory and oversight bodies, where relevant to their functions
    
  • Close family members, for emotional or practical support in relation to the criminal conduct
    
• These disclosures must be made for specified purposes, including seeking advice, support, investigation, prosecution or regulatory action. If those criteria are met, the NDA is unenforceable so far as it purports to prevent such disclosures.
  

The NDA remains enforceable in other respects. In particular, it can still restrict disclosures made primarily to put information into the public domain (for example via the press or social media), and it can continue to protect trade secrets, commercial confidential information and other legitimate interests.

These changes:

• Do not apply to NDAs entered into before 1 October 2025, which continue to be governed by the previous common law and statutory framework.
  
• Do not stop businesses protecting genuine confidential information, IP or commercial interests, provided NDAs are drafted in a way that respects permitted disclosures for victims of crime.
  

In addition:

• From 1 August 2025, the Higher Education (Freedom of Speech) Act 2023 prohibits English higher education providers from using NDAs to silence staff, students, members or visiting speakers in relation to complaints of sexual abuse, sexual harassment, sexual misconduct or other bullying and harassment.
  
• The Employment Rights Bill, currently before Parliament, proposes to ban NDAs that prevent workers from speaking about workplace harassment or discrimination. If passed, this will further restrict the use of confidentiality clauses in employment and settlement agreements, while still allowing protection of commercial information.
  

All NDA templates now need explicit permitted disclosure carve-outs that reflect Section 17 and, where relevant, higher education or employment-related reforms. We ensure every NDA we draft or update complies with this evolving legal framework while still robustly protecting your legitimate business interests.

Further changes affecting employment-related NDAs are expected in late 2025 and 2026. We monitor developments closely and update our drafting and advice in line with new legislation and guidance.

Are NDAs enforceable in the UK?

Yes, NDAs are generally enforceable under English law if they are properly drafted, reasonable in scope and compliant with current legislation. In practice, courts and regulators look at a number of factors, including:

• Whether the information genuinely has the quality of confidence. Information that is already public, trivial or widely known cannot suddenly become confidential simply because an NDA says so. The content must be inherently confidential.
  
• Whether it was shared in circumstances importing an obligation of confidence. This can arise from express contract terms or implied obligations where it is clear from the circumstances that confidentiality was expected.
  
• How clearly the NDA defines the confidential information and obligations. Agreements that are vague about what is protected, or use confusing language, are harder to enforce and more likely to be challenged.
  
• Whether the NDA is reasonable and not oppressive. For example, an NDA that tries to stop someone from ever speaking to anyone about any aspect of a matter, regardless of context or need, may be considered overbroad and problematic.
  
• Whether the NDA complies with statutory restrictions. From 1 October 2025, NDAs cannot prevent victims of crime from making permitted disclosures about relevant criminal conduct, and from 1 August 2025 certain NDAs in higher education contexts are outright banned for harassment or abuse cases. Further statutory limits are expected for workplace harassment and discrimination NDAs once the Employment Rights Bill is enacted.
  

Poorly drafted NDAs, or those that attempt to override statutory protections, may be unenforceable in whole or in part. Our job is to help you stay firmly on the right side of the law while still protecting what matters.

Common problems with NDAs and confidentiality clauses

We frequently encounter NDAs that look reassuring on paper but are weak or risky in practice, for example:

• Vague or catch-all definitions of “Confidential Information”. If everything is confidential, nothing is clear. Overly broad definitions can cause confusion, invite disputes and sometimes undermine enforceability because the recipient cannot realistically understand what is covered.
  
• Unrealistic or indefinite time periods. True trade secrets can justify very long or even indefinite protection, but ordinary commercial information usually cannot. NDAs that impose perpetual secrecy on all information, regardless of its nature, are likely to face challenge and may be difficult to enforce.
  
• Inadequate obligations on handling and security. A generic obligation to “keep the information confidential” may not be enough. NDAs should specify practical duties, such as limiting access on a need-to-know basis, using appropriate security measures and promptly returning or destroying information when no longer needed.
  
• No clear permitted disclosures. Most commercial arrangements require some disclosure to advisers, internal teams or regulators. NDAs that do not allow legitimate, controlled disclosures can be unworkable and may be ignored in practice.
  
• Weak or missing remedies provisions. If an NDA does not clearly allow for injunctions, return or destruction of information and recovery of losses, it may be harder to act quickly and decisively in the event of a breach.
  
• Failure to address data protection. Where personal data is involved, an NDA alone is not enough. The agreement should sit alongside, and be consistent with, obligations under UK data protection law, including clear roles and responsibilities for controllers and processors.
  
• Use of outdated templates. Many organisations still rely on pre-2025 templates which do not reflect Section 17 of the Victims and Prisoners Act or the higher education restrictions. These may contain clauses that are unenforceable for victims of crime or in certain university contexts and could expose the organisation to regulatory or reputational risk.
  

We review your existing NDAs, highlight any issues, and update them so they remain compliant and genuinely protective.

Types of NDAs we advise on

We draft, review and enforce NDAs across many sectors and situations, including:

• Mutual and one-way NDAs for commercial projects, used for collaborations, supply arrangements, licensing, outsourcing and joint ventures where one or both parties share sensitive information.
  
• Investment, fundraising and due diligence NDAs, tailored for startups, growth companies and investors to allow useful discussion while protecting business plans, IP and financial information.
  
• Employment and consultancy confidentiality clauses in contracts and settlement agreements, ensuring they are compliant with current law and compatible with whistleblowing and forthcoming harassment protections.
  
• Technology, IP and R&D NDAs, protecting technical detail, source code or inventions and properly covering trade secrets and future patentability considerations.
  
• NDAs in mergers, acquisitions and disposals, designed to work effectively with data rooms, due diligence processes and corporate transaction timetables.
  
• Higher education and research NDAs, ensuring compliance with the ban on NDAs for certain harassment and sexual misconduct complaints, while still protecting research collaborations, industry partnerships and data sharing.
  
• Creative, media and entertainment NDAs, used by writers, designers, agencies and production companies to protect concepts, scripts, pitches and early-stage IP.
  

Every NDA is tailored to fit its context rather than being a generic, one-size-fits-all document.

Step 1: Initial assessment – what needs protecting and what law applies?

Before drafting or negotiating an NDA, we work with you to understand both your information and your regulatory environment.

Identifying your confidential information. We clarify what is genuinely confidential and valuable, and what can safely remain outside the NDA. This helps avoid both under- and over-protection and reduces disputes later.

Understanding the disclosure context. We look at who will receive the information, what they will use it for, and whether it may later be shared onward. We also consider whether any specific statutory regimes apply, for example Section 17 of the Victims and Prisoners Act (for victims of crime), higher-education-specific restrictions, whistleblowing protections, or pending employment reforms.

Assessing risk and commercial priorities. Different situations justify different levels of protection. We help you weigh the sensitivity of the information against the need to move quickly and maintain good relationships with counterparties.

This assessment ensures the NDA is realistic, enforceable and aligned with how you actually work.

Step 2: Drafting or reviewing your NDA

We then draft or refine your NDA so that it is clear, effective and compliant.

Precise, balanced definitions of “Confidential Information”. We make sure definitions are wide enough to protect what matters, but not so vague that they become meaningless or invite challenge.

Plain English obligations. We use accessible language so both parties understand exactly what they must and must not do. This is increasingly important for regulators and courts, and it also reduces the risk of accidental breaches or disputes.

Strong but proportionate use, disclosure and security obligations. We set out how information may be used, who may see it, what security measures should be applied and how breaches should be handled. Clear, practical obligations are easier to comply with and enforce.

Return and destruction provisions. We include clear mechanisms for returning or securely deleting information at the end of discussions or relationships, with specific processes for electronic data and backups where relevant.

Carve-outs for legal and regulatory obligations. We ensure the NDA allows disclosures required by law, regulation or court order, and is compatible with whistleblowing protections and data protection law where those apply.

Explicit permitted disclosures under Section 17 Victims and Prisoners Act 2024. For NDAs signed on or after 1 October 2025, we include clear wording confirming that nothing in the NDA prevents a victim of crime (or someone who reasonably believes they are a victim) from making permitted disclosures to law enforcement, legal advisors, healthcare and support services, regulators or close family, for the purposes specified in the Act.

Sector-specific carve-outs (e.g. higher education and employment). For universities, we make sure NDAs do not attempt to restrict disclosures relating to sexual misconduct, bullying or harassment where this is prohibited. For employment-related NDAs, we build in wording that will still make sense as new harassment and discrimination provisions under the Employment Rights Bill come into force.

Robust remedies clauses. We include express rights to seek injunctions, damages and other relief, making it easier to act quickly if a breach occurs.

If you already have an NDA or suite of templates, we can review and update them so they are fit for purpose under the 2025 regime and beyond.

Step 3: Negotiation, commercial alignment and signing

Many NDAs are signed quickly, but where terms are heavily negotiated, it is important to ensure your position is still properly protected.

Clarifying obligations on both sides. We explain proposed wording in practical terms, so you can confidently agree or push back on particular provisions. This reduces the risk of misunderstandings later.

Adjusting scope and duration proportionately. We recommend narrowing or conditioning obligations that are too wide, which both increases enforceability and demonstrates that you are acting reasonably.

Negotiating practical carve-outs and internal processes. For example, clarifying how information may be shared internally, with advisers or within group companies, and how data will be stored and managed.

Ensuring compliance with data protection and statutory restrictions. We align NDAs with your existing privacy, whistleblowing and HR frameworks, and we make sure they respect the new rules for victims of crime, higher-education complaints and forthcoming employment reforms.

Our aim is to get you to a signed NDA that protects what you need to protect, without derailing the relationship or transaction.

Step 4: Enforcing an NDA or responding to breach allegations

If you suspect an NDA has been breached, or you are accused of breaching one, early legal advice is crucial.

For businesses seeking enforcement

We can help you:

• Investigate and gather evidence about what was disclosed, by whom and how, sometimes with input from IT or forensic specialists.
  
• Send targeted cease-and-desist letters demanding that misuse stops, information is returned or deleted, and assurances are given about future conduct.
  
• Seek undertakings or negotiate settlements that stop the behaviour and, where appropriate, provide compensation without the cost of full litigation.
  
• Apply for urgent injunctions where necessary to prevent immediate or ongoing harm, particularly in high-value or highly sensitive cases.
  

For individuals accused of breach

We can help you:

• Understand the NDA and your rights, including which clauses are realistically enforceable and which may be vulnerable to challenge.
  
• Check whether your disclosure was protected, for example as a permitted disclosure under Section 17 of the Victims and Prisoners Act (for NDAs signed on or after 1 October 2025), by whistleblowing protections, or by the higher-education NDA bans.
  
• Respond safely and strategically to allegations, managing risk and avoiding unnecessary admissions while remaining constructive where settlement is possible.
  
• Negotiate exit or settlement terms, which might include clarifying scope, agreeing non-disparagement language or documenting agreed boundaries on future disclosures.
  

Our goal is always to protect your interests, minimise disruption and avoid unnecessary escalation wherever possible.

Who uses NDAs and confidentiality agreements?

We work with a wide range of clients who rely on NDAs and confidentiality clauses, including:

Businesses and SMEs. Companies of all sizes use NDAs to protect pricing, client lists, supplier terms, internal processes and strategic information. For SMEs without in-house legal teams, we often act as a trusted adviser for ongoing NDA and contract work.

Startups and high-growth companies. Early-stage and scaling businesses regularly need NDAs for investor discussions, hiring key staff, outsourcing development or exploring partnerships. Getting the NDA right at these stages can prevent serious problems later.

Founders, directors and entrepreneurs. Individuals sharing high-value concepts or negotiating exits from existing ventures need carefully balanced NDAs that protect their interests without unduly tying their hands for the future.

Employees, contractors and consultants. Many people are asked to sign confidentiality clauses as part of employment or consultancy contracts. We help them understand and, where appropriate, negotiate terms, which is particularly important given recent changes protecting certain disclosures about criminal conduct and workplace misconduct.

Universities, colleges and research bodies. Higher education providers must now navigate specific bans on NDAs in harassment and sexual misconduct cases, while still needing robust NDAs for research collaborations, industry partnerships and data sharing.

Whatever your sector, we adapt our advice to your risk profile, regulatory environment and commercial objectives.

Common challenges with NDAs and how we resolve them

“Our NDA template is old and may not comply with 2025 changes.” Many organisations are still using pre-2025 templates. We audit your existing NDAs, explain where they conflict with new legislation (for example, by failing to allow permitted disclosures by victims of crime), and update them to be compliant, clear and fit for purpose.

“The other party wants to water down our confidentiality protections.” We help you understand which protections are essential and where there is room to compromise. This lets you negotiate confidently, preserving key safeguards while keeping the deal on track.

“Someone has already leaked our information – what now?” We support you in containing the damage, identifying the source, and taking appropriate legal steps, whether that is negotiation, injunctions or issuing proceedings. Acting quickly is often critical to protecting your position.

“The NDA feels one-sided and I’m worried about my future options.” We review the NDA from your perspective, highlight practical risks, and propose amendments or side letters that give you more balanced protection. In many cases, prospects are prepared to adjust terms once issues are highlighted clearly.

“We are in higher education or the public sector and are unsure what NDAs we can still use.” We explain the specific restrictions that apply (for example, the ban on certain NDAs in higher education relating to harassment and bullying) and help you implement compliant frameworks that still protect research, collaborations and commercial partnerships.

Why choose Jonathan Lea Network for NDA and confidentiality advice?

Up-to-date, specialist expertise. We stay on top of the rapidly evolving law on NDAs, including Section 17 of the Victims and Prisoners Act, the higher-education NDA ban and proposed Employment Rights Bill reforms, so your agreements are genuinely current and enforceable.

Joined-up commercial, employment and disputes experience. NDAs cut across corporate, commercial, employment and litigation issues. Our team works collaboratively across these areas, so you get rounded, practical advice rather than siloed views.

Balanced perspective. Because we act for both organisations and individuals, we understand how each side thinks and negotiates. This helps us anticipate arguments, shape realistic positions and reach workable solutions.

Clear, approachable communication. We explain the law in plain English, demystify legal jargon and focus on what you should do next. You stay informed and in control throughout.

Value for money and transparency. We offer fixed-fee options for drafting or reviewing many standard NDAs, and provide clear estimates for more complex work, so you can budget with confidence.

Contact Us

If you need help drafting, reviewing, updating or enforcing an NDA or confidentiality clause—especially in light of the 2025 legal changes—early advice is the safest and most cost-effective step.

All enquiries are confidential. Once we are instructed, our legal advice is generally protected by legal professional privilege, meaning it cannot be disclosed to third parties without your consent.

If you are considering entering into an agency relationship or need advice on an existing agreement, our team is here to help. Contact us today on +44 (0)1444 708 640 to schedule a consultation or email wewillhelp@jonathanlea.net and learn how we can protect your interests and support your business growth.

Photo by Sue Winston on Unsplash