Tag: what is a non disclosure agreement

Non-disclosure agreements (NDAs) in India are legally binding contracts enforceable under the Indian Contract Act, 1872. They are the primary instrument businesses use to protect confidential information (trade secrets, financial data, business strategy, client lists, source code) before sharing it with employees, vendors, investors or partners. A well-drafted NDA defines exactly what is confidential, who is bound by the obligation, for how long, and what happens when someone breaches it. A poorly drafted one, or a generic template pulled from the internet, can be rendered unenforceable by an Indian court in less time than it took to sign. Treelife has drafted and reviewed hundreds of NDAs across employment, M&A, fundraising and vendor contexts; the pattern of failure is consistent: vague definitions, unreasonable durations and missing boilerplate clauses.

What is a Non-Disclosure Agreement?

A non-disclosure agreement (NDA), also referred to as a confidentiality agreement (CA), confidentiality disclosure agreement (CDA) or proprietary information agreement (PIA), is a contract under which one or more parties agree not to disclose specified information to anyone outside the agreement. The party sharing the information is the disclosing party. The party receiving it is the receiving party.

NDAs are enforceable in India under the Indian Contract Act, 1872, provided they satisfy the standard requirements for a valid contract: offer and acceptance, lawful consideration, free consent, competent parties and a lawful object. An NDA that imposes obligations contrary to public policy. For example, one that prevents an employee from earning a livelihood entirely, will not survive judicial scrutiny under Section 27 of the Indian Contract Act, 1872, which prohibits restraints on trade.

Key purposes and objectives of an NDA

The central function of an NDA is confidentiality. Beyond that, a well-structured NDA does four things:

• Protects intellectual property: trade secrets, patents, proprietary processes and software remain with the disclosing party.
• Establishes a basis for trust: parties entering a merger, acquisition, joint venture or fundraise can share sensitive data without losing control of it.
• Prevents competitive misuse: employees, contractors and partners cannot take your information to a competitor or use it for personal gain.
• Creates legal recourse: by specifying remedies including injunctions, damages and indemnification, the NDA gives the disclosing party an enforceable claim in the event of a breach.

Real-life examples of NDA use in business

NDAs appear at practically every inflection point in a business relationship:

1. Employment: Employers require NDAs to protect internal processes, client data and proprietary methods from being disclosed during or after the employment relationship.
2. Fundraising and investor discussions: A startup sharing its business model, financial projections and product specifications with a potential investor will execute an NDA before the pitch. Note the important caveat on investor NDAs discussed separately below.
3. Mergers and acquisitions: During due diligence, both sides exchange financial and operational data that would be damaging if disclosed to a competitor. NDAs are standard at the term sheet stage.
4. Technology and software: A tech startup sharing its algorithm or source code with a development partner, QA firm or marketing agency uses a unilateral NDA to prevent replication.
5. Vendor and supplier relationships: Pricing strategy, supply chain data and product designs shared with third-party vendors are covered by NDAs that survive the vendor relationship.
6. Freelance and consulting engagements: Freelancers with access to client data, business plans or creative work-in-progress sign NDAs before work commences.

NDA vs Non-Compete vs Confidentiality Clause: What is the difference?

This is one of the most common points of confusion founders raise. These are three distinct instruments, and conflating them leads to drafting errors and enforceability problems.

Instrument	Core obligation	Who it binds	Typical duration
Non-disclosure agreement (NDA)	Do not disclose specified information	Either or both parties	Fixed period or indefinite for trade secrets
Non-compete clause / agreement	Do not work for, or start, a competing business	Usually the receiving / departing party	Typically 1 to 2 years post-termination
Confidentiality clause	Do not disclose information (embedded within another contract)	Both parties to the parent contract	Duration of the parent contract, plus a tail

NDA vs confidentiality agreement: In practice these terms are used interchangeably, but technically a confidentiality agreement is a standalone document while a confidentiality clause is embedded within a larger contract (an employment agreement, a shareholder agreement or an MSA). A standalone NDA provides stronger protection because it can be enforced independently.

NDA vs non-compete: An NDA protects information. A non-compete restricts activity. Under Section 27 of the Indian Contract Act, 1872, post-employment non-competes are generally treated as void restraints on trade unless they are narrowly scoped in geography, duration and industry. An NDA, by contrast, is not considered a restraint on trade; it does not prevent someone from working, it prevents them from using or disclosing specific information while they do. The Supreme Court recognised this distinction in Niranjan Shankar Golikari v. Century Spinning & Manufacturing Co. Ltd. (1967), upholding the confidentiality component of an employment covenant while scrutinising the non-compete element separately.

An NDA can include a non-compete clause, but the two are legally distinct obligations with different enforceability standards. If you draft a clause that effectively prevents someone from practising their profession under the label of an NDA, Indian courts will look past the label.

Do investors in India sign NDAs?

This is a reality that many founders discover too late: most professional investors (venture capital firms, angel networks and family offices) will not sign an NDA before hearing your pitch.

The reasons are practical. An investor sees hundreds of pitches per year across overlapping sectors. Signing an NDA before each conversation creates two problems. First, it creates legal exposure even after the investor declines, and they cannot engage with a similar company without risking a claim. Second, it makes the investor legally responsible for proving, in every future investment decision in a related space, that they did not rely on your information. For a fund that sees ten drone-tech deals a year, that exposure is unacceptable.

What this means for founders:

• Before the pitch: Do not make an NDA a condition of the initial conversation. You will lose the meeting.
• At the due diligence stage: Once an investor has issued a term sheet or letter of intent and is conducting formal due diligence, an NDA (or a specific data room confidentiality undertaking) is standard and appropriate.
• Information you share in a pitch deck: Do not include trade secrets, patentable inventions or specific algorithms in a pitch deck that you share without an NDA. The deck should be compelling, not a complete technical specification.
• For strategic investors and corporates: Unlike financial VCs, corporate investors often agree to NDAs before exploratory conversations because they face greater reputational risk if seen to misuse a founder’s information.

The practical approach Treelife recommends: use a lightweight mutual NDA at the due diligence stage, not the pitch stage, and limit it to the specific categories of information you will share during that phase rather than a blanket all-information clause.

Types of non-disclosure agreements in India

Indian practice recognises three types of NDAs, each suited to a different relationship structure.

1. Unilateral NDA

A unilateral NDA is a one-way agreement where only one party discloses confidential information and only the other party carries the confidentiality obligation. This is the most common type in employment and vendor contexts.

When to use it:

• When a business shares proprietary information with an employee, contractor, freelancer or vendor who is not expected to share confidential information in return.
• When a startup shares its technology or business plan with a potential marketing or development partner.
• When sharing financial data or projections with a specific third party during fundraising due diligence.

Example: A SaaS startup shares its source code repository access with an offshore QA vendor under a unilateral NDA. The vendor receives the information; the startup does not.

2. Bilateral / Mutual NDA

A bilateral NDA, also called a mutual NDA or two-way NDA, binds both parties to confidentiality obligations because both parties share information with each other.

When to use it:

• Mergers, acquisitions and joint venture discussions where both parties conduct reciprocal due diligence.
• Strategic partnerships where both sides disclose business plans, financials or technology to assess fit.
• Pharmaceutical or research collaborations where both institutions share proprietary data.

Example: Two pharmaceutical companies co-developing a new therapeutic compound use a mutual NDA to protect each other’s research data and manufacturing processes throughout the collaboration.

3. Multilateral NDA

A multilateral NDA involves three or more parties and allows at least one party to disclose information that the remaining parties are bound to protect. It replaces multiple bilateral NDAs with a single document, reducing administrative overhead and the risk of inconsistent obligations.

When to use it:

• Consortiums or alliances in large infrastructure or government technology projects.
• Joint ventures with multiple institutional investors or promoters.
• Collaborative research between private companies and academic institutions.

Example: Four IT companies forming a consortium to bid for a government digital infrastructure contract execute a single multilateral NDA covering the technical specifications each company contributes to the joint proposal.

Essential clauses in an NDA

A well-drafted NDA is only as effective as the precision of its clauses. Indian courts evaluate NDAs on the reasonableness of their terms and the clarity of their definitions. Vague or overbroad clauses are a primary reason NDAs fail at the enforcement stage.

1. Confidentiality clause

The confidentiality clause is the operative heart of the NDA. It must do three things precisely: define what information is confidential, specify how it may be used, and prohibit all other uses and disclosures.

What to include:

• A specific definition of confidential information covering the categories relevant to your relationship (financial data, technical specifications, client information, business strategy, source code, and so on). The more detailed the definition, the harder it is for a receiving party to argue that a particular piece of information fell outside the scope.
• The permitted purpose: the exact reason the disclosing party is sharing the information. The receiving party may only use the information for this purpose.
• An explicit prohibition on disclosure to third parties without prior written consent.
• An obligation to take reasonable security measures to protect the information, equivalent to the measures the receiving party uses to protect its own confidential information, but not less than reasonable care.

Common drafting error: Defining confidential information as “all information shared between the parties” without category limitation. Indian courts have refused to enforce such blanket definitions on the ground that they impose disproportionate burdens and lack the certainty required by the Indian Contract Act, 1872.

How to mark and identify confidential information

The confidentiality clause should specify the mechanism by which information is identified as confidential. Oral disclosures create particular problems because they are difficult to prove. Best practice is to require:

• Written information to be marked “Confidential” or “Proprietary” at the time of disclosure.
• Oral disclosures to be summarised in writing and delivered to the receiving party within a specified period (typically 7 to 14 days) after the conversation, with a notation that the summary contains confidential information.
• Electronic disclosures (emails, shared drives, data rooms) to carry a confidentiality notice in the message or at the point of access.

These labelling requirements protect the disclosing party at the enforcement stage. Without them, a receiving party can argue credibly that they did not know a particular piece of information was meant to be confidential.

2. Non-compete clause

A non-compete clause in an NDA prevents the receiving party from using the confidential information to set up a competing business or to join a competitor. As noted above, this clause carries significant enforceability risk under Section 27 of the Indian Contract Act, 1872.

What to include:

• A clearly defined restricted activity (not a blanket prohibition on working in an industry).
• A specific geographic scope proportionate to where the disclosing party actually operates.
• A time-limited duration. Indian courts are more likely to uphold restrictions of 12 to 24 months than open-ended or indefinite restrictions.
• A nexus to the confidential information: the restriction should be tied to the use of the specific information disclosed, not to general competition.

A non-compete clause that prevents an employee from working in an entire industry will likely be struck down. A clause that prevents the receiving party from using your specific customer database to solicit your clients for a defined period is far more defensible.

3. Duration and scope of confidentiality

The duration clause specifies how long the confidentiality obligation lasts. Indian courts scrutinise unreasonably long durations as disproportionate restrictions.

Practical guidance on duration:

Information type	Recommended duration
General business strategy and plans	2 to 5 years from date of disclosure
Financial data and projections	2 to 3 years
Trade secrets (formulas, algorithms)	Indefinite
Personal data of clients or employees	Duration of relationship plus applicable statutory period
Pitch deck and due diligence materials	2 to 3 years

The scope should match the relationship. A vendor NDA covering a 6-month engagement should not carry a 10-year tail. A trade secret NDA covering a proprietary manufacturing process can legitimately be indefinite, because the trade secret itself has no natural expiry.

4. Exclusions from confidentiality

This clause defines the categories of information that fall outside the confidentiality obligation, protecting the receiving party from being bound by obligations that cannot be enforced.

Standard exclusions include:

• Information already in the public domain at the time of disclosure (or that enters the public domain after disclosure through no fault of the receiving party).
• Information the receiving party already knew before the disclosure, provable by written records.
• Information independently developed by the receiving party without reference to the disclosed information.
• Information lawfully received from a third party with no confidentiality restriction.
• Information required to be disclosed by law, court order or regulatory directive, subject to the receiving party giving the disclosing party notice as early as legally permissible so the disclosing party can seek a protective order.

5. Return and destruction of confidential information

This clause requires the receiving party to return or destroy all confidential information (including copies, notes and electronic records) when the NDA terminates or when the disclosing party requests it.

What to include:

• A specific timeframe for return or destruction (typically 7 to 30 days from the triggering event).
• A certification requirement: the receiving party must confirm in writing that all confidential information has been returned or destroyed.
• An exception for information required to be retained by law (some jurisdictions and regulatory frameworks require records to be kept for specified periods).
• Clarification that destruction of information does not release the receiving party from the confidentiality obligations that arose during the term.

This clause is often omitted from template NDAs. Its absence means that confidential information can remain in the receiving party’s possession indefinitely after the relationship ends, creating an ongoing risk of misuse or inadvertent disclosure.

6. Dispute resolution clause

The dispute resolution clause specifies how conflicts under the NDA will be resolved. For most commercial NDAs in India, arbitration is preferable to litigation for three reasons: it is faster, it can be kept confidential, and the parties can choose an arbitrator with relevant domain knowledge.

What to include:

• The method of dispute resolution: arbitration (preferred), mediation followed by arbitration, or court proceedings.
• If arbitration: the number of arbitrators, the appointing authority, the seat and venue, the governing procedural rules (typically the Arbitration and Conciliation Act, 1996 as amended), and the language of proceedings.
• The governing substantive law: Indian law for India-based parties. For cross-border NDAs, this requires careful thought (discussed separately below).
• The jurisdiction for any interim relief: even where arbitration is the primary mechanism, courts retain jurisdiction to grant interim injunctions under Section 9 of the Arbitration and Conciliation Act, 1996. Specify which court has this jurisdiction.

One important limitation: claims for specific performance of a contract cannot be heard by an arbitrator under Section 14 of the Specific Relief Act, 1963. If you anticipate needing a court order for specific performance, the dispute resolution clause must account for this by keeping that remedy available in civil court.

7. Indemnification clause

The indemnification clause requires the breaching party to compensate the disclosing party for losses arising from a breach. This includes direct losses (cost of replacing a client relationship, legal fees) and consequential losses (lost profits, lost opportunities).

What to include:

• The scope of indemnification: all losses, costs and damages including legal fees and court costs.
• Whether liquidated damages apply: a pre-agreed sum for certain categories of breach where actual damage is difficult to quantify. Indian courts will enforce liquidated damages clauses under Section 74 of the Indian Contract Act, 1872, provided the sum is a genuine pre-estimate and not a penalty. Excessive liquidated damages will be reduced by the court.
• The procedure for making an indemnification claim: notice requirements, time limits and documentation.

Boilerplate clauses every NDA must include

Most template NDAs omit the boilerplate provisions, the miscellaneous clauses at the back of the agreement that govern the contract’s overall integrity. Indian courts look at these clauses when an NDA is challenged, and their absence can make a technically sound confidentiality clause unenforceable.

Severability clause

A severability clause provides that if any provision of the NDA is found invalid or unenforceable by a court, the remainder of the agreement continues to be valid and enforceable. Without it, a court finding that a single overly broad clause is unenforceable could potentially void the entire agreement.

Waiver and reservation of rights

This clause states that a party’s decision not to enforce a particular breach at a particular time does not constitute a waiver of its right to enforce the same or similar breaches in the future. This matters in employment contexts where an employer may initially overlook a minor disclosure incident; the clause prevents the employee from arguing later that the employer has given up its rights.

Assignment clause

An assignment clause restricts either party from transferring its rights and obligations under the NDA to a third party without the other party’s written consent. This is particularly important in M&A transactions: if the company that signed the NDA is acquired, does the buyer inherit the NDA obligations? Without a clear assignment clause, this becomes a disputed question.

Entire agreement clause

The entire agreement clause (also called an integration clause) establishes that the NDA supersedes all prior discussions, representations and understandings between the parties on the subject of confidentiality. It prevents either party from relying on oral assurances made before the NDA was signed. This is standard protection against claims of misrepresentation based on pre-contract conversations.

Amendment clause

Specifies that the NDA can only be modified by a written instrument signed by both parties. This prevents informal email exchanges or verbal agreements from altering the NDA’s terms.

Legal validity of NDAs in India

Enforceability under the Indian Contract Act, 1872

For an NDA to be enforceable in India, it must satisfy the requirements of Section 10 of the Indian Contract Act, 1872:

• Lawful consideration: The NDA must not conflict with existing law or public policy.
• Free consent: All parties must agree without coercion, undue influence, fraud, misrepresentation or mistake.
• Competent parties: All parties must be of legal age (18 years) and of sound mind.
• Definite and certain terms: The NDA must clearly define confidential information, obligations and consequences of breach.

NDAs with clauses that are overly broad, indefinite in scope, or that effectively prevent a person from earning a livelihood will be challenged under Section 27 of the Indian Contract Act, 1872 (restraint of trade) or struck down for uncertainty.

NDA registration and stamp duty in India

NDAs are not required to be registered under the Registration Act, 1908; registration is optional. However, a registered NDA carries greater evidentiary weight in court proceedings because its execution and date are conclusively proven by the registration record.

Stamp duty applies to NDAs under the applicable State Stamp Act. Rates vary by state. In Maharashtra, for example, an NDA may attract stamp duty as an agreement under Article 5 of the Maharashtra Stamp Act, 1958, typically at Rs 500 to Rs 1,000 depending on the agreement’s structure. In Delhi, the equivalent article of the Indian Stamp Act, 1899 applies. An NDA that is inadequately stamped is inadmissible as evidence in court proceedings under Section 35 of the Indian Stamp Act, 1899, though it can be admitted after payment of the deficit stamp duty plus a penalty.

Practical point: For high-value or high-risk relationships, such as a critical technology partnership, an M&A transaction or an employment arrangement involving senior leadership: stamp and register your NDA. The cost is negligible relative to the enforceability risk.

Relevant case laws on NDA enforceability in India

Indian courts have developed a body of case law on NDA enforceability over the past five decades. Key rulings that inform current drafting practice:

Case	Court	Key principle
Niranjan Shankar Golikari v. Century Spinning & Manufacturing Co. Ltd. (1967)	Supreme Court	Confidentiality clauses in employment contracts are valid if reasonable and protective of legitimate business interests
Superintendence Company of India v. Krishan Murgai (1980)	Supreme Court	NDAs must balance business protection against an individual’s right to work
American Express Bank Ltd. v. Priya Puri (2006)	Delhi High Court	NDAs signed by employees are enforceable where information constitutes trade secrets or proprietary knowledge
Gujarat Bottling Co. Ltd. v. Coca-Cola Co. (1995)	Supreme Court	Courts can grant injunctions to prevent further disclosure of confidential information upon breach

The unifying principle across these decisions is reasonableness. The restriction must be proportionate to the legitimate interest being protected.

The Trade Secrets Bill, 2024: what it means for NDAs in India

In March 2024, the 22nd Law Commission of India released the Trade Secrets and Economic Espionage Report (Law Commission Report No. 289, 2024), along with a draft Protection of Trade Secrets Bill, 2024. This is the most significant development in Indian confidentiality law in decades, and it directly affects how NDAs should be drafted.

What the Bill proposes

The Protection of Trade Secrets Bill, 2024 proposes a standalone statutory framework for trade secret protection in India, something that does not currently exist. Until this Bill becomes law, trade secrets in India are protected only through contract (the NDA) and through general equitable principles. There is no dedicated trade secrets statute.

The Bill proposes that information qualifies as a protectable trade secret if it meets all four of the following criteria:

1. It is not generally known or readily accessible to persons in the relevant industry or business.
2. It has commercial value by reason of its secrecy.
3. The holder has taken reasonable steps to keep it secret.
4. Disclosure is likely to cause damage to the holder.

Why this matters for your NDA right now

Even though the Bill has not yet been enacted (as of May 2026, it remains under consultation), its criteria represent the standard Indian courts are already applying informally. An NDA that does not support these four criteria will struggle in enforcement.

Concretely, this means:

• Your NDA must contain language showing that you treated the information as secret and took active steps to protect it. A confidentiality clause that simply labels everything as “confidential” without specifying protective measures is insufficient.
• The “reasonable steps” requirement is best met by the combination of a well-drafted NDA, physical and electronic access controls, and the marking/labelling procedures described above.
• The “commercial value” requirement supports having a specific recitals clause in the NDA that acknowledges the information’s commercial value and the potential harm from disclosure.

Note on legislative status: The Protection of Trade Secrets Bill, 2024 is still under consultation. Monitor updates from the Ministry of Commerce and Industry and verify the current status with a legal adviser before structuring your protection strategy around its specific provisions.

Breach of NDAs: Consequences and remedies

Common types of breaches

NDAs are legally binding contracts that ensure the confidentiality of sensitive information. NDA breaches fall into two broad categories:

Intentional breach: The receiving party deliberately discloses or uses confidential information for an unauthorised purpose. Common examples include an employee sharing a client list with a competitor employer, a vendor replicating a proprietary product design, or a partner disclosing deal terms to the press before a transaction is public.

Accidental breach: A breach caused by negligence rather than intent. Sending confidential information to the wrong email address, leaving a laptop with an unlocked data room session in a public space, or failing to revoke access credentials when a contractor’s engagement ends. Courts treat accidental breaches more leniently when assessing damages but still find liability where reasonable precautions were not taken.

What information does the court require to establish a breach?

The burden of proof lies with the disclosing party claiming breach. To succeed, the claimant must establish:

• The information was confidential and fell within the NDA’s definition.
• The receiving party was aware of the confidentiality obligation.
• The information was disclosed or used in a manner prohibited by the NDA.
• The breach caused or is likely to cause damage to the disclosing party.

Evidentiary difficulties are one of the most common reasons NDA claims fail. If you cannot trace the information back to the specific disclosure made under your NDA (because the definition was too broad, because you did not mark the information as confidential, or because you cannot show the receiving party actually had access), the case weakens substantially.

Legal remedies for breach of an NDA in India

1. Injunctions

An injunction is an order from a court directing the breaching party to stop the unauthorised disclosure or use of confidential information. It is the most time-sensitive remedy because it prevents ongoing and future harm.

• Interim injunction: available under Order XXXIX Rules 1 and 2 of the Code of Civil Procedure, 1908, and Section 9 of the Arbitration and Conciliation Act, 1996. Granted on an urgent basis where the court is satisfied that (a) there is a prima facie case, (b) the balance of convenience favours the applicant, and (c) irreparable harm will result if the injunction is not granted.
• Perpetual injunction: granted at the conclusion of a full hearing under Section 38 of the Specific Relief Act, 1963. Permanently restrains the defendant from disclosing or using the confidential information.

The NDA itself should include a clause explicitly acknowledging that a breach will cause irreparable harm and that the disclosing party is entitled to seek injunctive relief without proof of monetary damage. Courts rely on this acknowledgment when deciding whether to grant an interim injunction.

2. Damages and indemnification

• Compensatory damages: calculated on the actual financial loss suffered. If a client relationship was lost because of the breach, the revenue from that relationship is the measure.
• Consequential damages: losses that flow indirectly from the breach: lost business opportunities, cost of rebuilding a competitive position, reputational damage quantified through lost contracts.
• Liquidated damages: where the NDA specifies a pre-agreed amount for breach, enforceable under Section 74 of the Indian Contract Act, 1872. The court retains discretion to reduce the amount if it is disproportionate to the actual harm.

3. Criminal remedies under the IT Act, 2000

Where confidential information is obtained through or stored in a computer resource, criminal liability may arise under Section 72A of the Information Technology Act, 2000. Section 72A provides for imprisonment of up to 3 years or a fine of up to Rs 5 lakhs, or both, for the unlawful disclosure of information obtained in the course of providing services under a contract. This provision is directly relevant to technology companies where confidential data is exchanged through digital platforms, data rooms or cloud systems.

4. Specific performance

Where a party is required by the NDA to perform a specific obligation, for example returning all confidential documents; a court can order specific performance under Section 10 of the Specific Relief Act, 1963. Note that, as mentioned above, this remedy must be pursued through civil court rather than arbitration.

Step-by-step process to enforce an NDA in India

When a breach occurs or is suspected, the following sequence protects your position and maximises the chance of a successful outcome.

Step 1: Identify and document the breach

Gather all evidence of the breach before taking any external action. This includes internal access logs, email records, communication timestamps, third-party reports of disclosure, and any products or materials that appear to incorporate your confidential information. Document the chain of access: who had access to the information, when, and through what mechanism.

Step 2: Preserve evidence

Take steps to ensure that evidence is not deleted or altered. This may include preserving digital records, taking screenshots of relevant communications, and formally notifying your IT team to maintain server logs. If the breach involves electronic records, consider engaging a digital forensics professional early.

Step 3: Send a cease and desist notice

A formal cease and desist letter from a lawyer puts the breaching party on notice and serves as the first step in most enforcement procedures. The letter should:

• Identify the specific NDA and the clause breached.
• Describe the breach with particulars.
• Demand cessation of all further disclosures within a specific deadline (typically 7 to 14 days).
• Demand return or destruction of all confidential information.
• Reserve all legal rights and remedies.

A well-drafted cease and desist often resolves the matter without litigation, particularly where the breaching party’s action was accidental or where they understand the legal exposure they face.

Step 4: Apply for an interim injunction

If the breach is ongoing or imminent and the cease and desist has not produced compliance, apply immediately to the appropriate civil court or, if arbitration is the agreed mechanism, apply to the arbitral tribunal or to a civil court under Section 9 of the Arbitration and Conciliation Act, 1996 for urgent interim relief. Speed is critical: delay in seeking an injunction can be interpreted by the court as evidence that the harm is not truly irreparable.

Step 5: Initiate formal dispute resolution

File for arbitration (or commence litigation) as specified in the NDA’s dispute resolution clause. At this stage, pursue both injunctive relief and damages. Engage a lawyer with experience in confidentiality and commercial contract disputes.

Step 6: Quantify and claim damages

Once interim relief is secured, build the damages case. This requires documentary evidence of the financial loss caused by the breach: lost contracts, cost of business interruption, expert valuation of the compromised information, and so on. Consequential and reputational damages are harder to quantify but can be included in the claim.

Cross-border NDA enforcement: what happens with international parties?

As Indian businesses increasingly work with foreign investors, technology partners and vendors, cross-border NDA enforcement has become a practical concern that most template agreements do not address.

Key issues in cross-border NDAs

Conflict of laws: When parties are in different countries, a dispute immediately raises the question of which country’s law governs and which court has jurisdiction. Without a clear governing law clause and jurisdiction clause, the parties may spend as long arguing about where to fight the case as they do fighting the case itself.

Enforcing Indian judgments abroad: India is not a party to a general multilateral treaty on the mutual enforcement of civil judgments. An Indian court judgment is enforceable in another country only if that country’s domestic law recognises Indian court judgments, which many jurisdictions do not automatically. This makes arbitration significantly more practical than litigation for cross-border NDAs: an arbitral award made in India under the Arbitration and Conciliation Act, 1996 is enforceable in all countries that are signatories to the New York Convention on the Recognition and Enforcement of Foreign Arbitral Awards, 1958 (India acceded to the New York Convention in 1960).

Varying standards of NDA enforcement: What constitutes a trade secret, what level of reasonable protection is expected, and what remedies are available vary significantly across jurisdictions. A clause that would be enforceable in India may be unenforceable in the United States, the European Union or Singapore, and vice versa.

Best practices for cross-border NDAs

• Specify a neutral governing law if one party’s home jurisdiction would be perceived as advantageous. Singapore law, English law and Indian law are all commonly used for India-linked cross-border transactions.
• Choose arbitration with a seat in a New York Convention signatory country (Singapore, London and Mumbai are common for India-connected deals).
• Specify the currency in which damages will be calculated, to avoid disputes about exchange rate movements.
• For NDAs involving personal data of EU residents, ensure the agreement complies with the General Data Protection Regulation (GDPR) obligations in addition to India’s Digital Personal Data Protection Act, 2023 requirements.
• If FEMA, 1999 is relevant (for example, where the disclosing party is sharing financial information as part of a proposed foreign direct investment), consult on whether any information-sharing obligations interact with RBI reporting requirements.

Common mistakes that cost businesses their NDA protection

Mistake 1: Using a generic template without customisation

A template NDA found online defines confidential information as “all information shared between the parties.” An Indian court reviewing a breach claim under this definition will likely find it unenforceable for vagueness. Every NDA must be customised to the specific relationship, the specific categories of information, and the specific risks involved.

Mistake 2: Setting an unreasonable duration

An NDA with a 10-year confidentiality period for routine business strategy information will be challenged as disproportionate. Duration must be calibrated to the sensitivity and commercial shelf life of the information. Trade secrets can be indefinite. Business plans shared during a failed acquisition discussion should carry a 2 to 3 year tail, not a perpetual obligation.

Mistake 3: Failing to mark information as confidential

The NDA says information must be marked as confidential at disclosure, but the disclosing party sends emails and shares documents without any confidentiality notice. At the enforcement stage, the receiving party argues that the particular documents were never marked and therefore fell outside the NDA. The court has to determine this on the facts; an entirely preventable dispute.

Mistake 4: Ignoring stamp duty

A founder presents an unsigned NDA at a court hearing and the court asks for the stamped original. The NDA was signed on plain paper. The document is inadmissible until deficit stamp duty and penalty are paid under Section 35 of the Indian Stamp Act, 1899, causing delay in urgent injunction proceedings. For any material NDA, stamp it appropriately under the relevant State Stamp Act before or at the time of signing.

Mistake 5: Forgetting the return-of-information clause

The NDA expires after three years. The receiving party still has access to a shared Google Drive folder containing financial models, client data and product specifications. Because the NDA had no return-or-destroy clause, the disclosing party has no contractual basis to demand the information back. This is a gap that leaves confidential information permanently exposed.

Importance of customised NDAs for businesses

A generic NDA creates a false sense of protection. It signals that confidentiality matters without actually creating an enforceable obligation tailored to the specific risk. Customised NDAs do five things a template cannot:

• They define confidential information precisely enough to survive a definitional challenge in court.
• They calibrate the duration to the actual commercial lifespan of the information being protected.
• They include the specific exclusions and carve-outs relevant to the relationship, reducing the risk of overclaiming and thereby weakening the enforceability of the core obligation.
• They specify the right dispute resolution mechanism for the relationship: arbitration for commercial disputes, court proceedings where specific performance or injunctions are the primary remedy sought.
• They address the operational mechanics: labelling, return of information, access controls and audit rights, which are the provisions that actually prevent breaches rather than just providing recourse after one.

Context-specific NDA types Treelife recommends

Relationship type	Key tailoring requirements
Employee NDA	Post-employment confidentiality tail, non-compete scope, return of company devices and data
Investor / fundraising NDA	Limited to due diligence phase, specific data room categories, acknowledgment of investor’s cross-portfolio obligations
Vendor / supplier NDA	Data security standards, audit rights, sub-contractor restrictions, return or destruction on contract end
Technology partner NDA	Source code handling, IP ownership, permitted use of outputs, restriction on reverse engineering
M&A due diligence NDA	Standstill provisions, permitted disclosure to advisers, handling of publicly available information, governing law for cross-border

NDA template format for India

Overview of an NDA template

An NDA template provides the structural framework for a confidentiality agreement. Every NDA in India must include the elements listed below at minimum. The template is a starting point, not a substitute for legal advice tailored to your specific relationship.

Download the Treelife NDA template here

Key elements to include in an NDA

Parties to the agreement Full legal name, registered address, and designation (disclosing party / receiving party / both) for each signatory. For multilateral NDAs, list all parties.

Recitals A brief preamble explaining the background and purpose of the agreement: why the parties are entering into it and what relationship the NDA supports.

Definition of confidential information Specific categories of information covered. The more detailed, the more enforceable.

Permitted purpose The exact reason the disclosing party is sharing the information. The receiving party may only use the information for this purpose.

Obligations of the receiving party Prohibition on disclosure, obligation to protect with reasonable care, obligation to limit internal access to those who need to know.

Exclusions from confidentiality Public domain, prior knowledge, independent development, lawful third-party disclosure, legal compulsion.

Duration The confidentiality period, differentiated by information type where relevant.

Return or destruction of information Timeframe, certification requirement, exception for legally required retention.

Remedies Injunctive relief entitlement, liquidated damages, indemnification scope.

Dispute resolution and governing law Method, seat, governing law, language, and court jurisdiction for interim relief.

Boilerplate Severability, waiver, assignment, entire agreement, amendment.

Execution Signatures, dates, witness or notarisation where required by the context.

FAQs on non-disclosure agreements in India

Q: What is a non-disclosure agreement and why does a business need one?
A: An NDA is a legally binding contract under the Indian Contract Act, 1872 that obliges one or more parties to keep specified information confidential. A business needs one any time it shares information that has commercial value and is not public, such as before a pitch, during due diligence, at the start of an employment relationship or when engaging a vendor with access to internal systems or data.

Q: Are NDAs legally enforceable in India?
A: Yes, NDAs are enforceable in India under the Indian Contract Act, 1872, the Specific Relief Act, 1963, and related statutes. Courts uphold them provided the terms are reasonable, the definition of confidential information is sufficiently precise, and the duration is proportionate to the information’s sensitivity. Overly broad or indefinite clauses are at risk of being struck down.

Q: What is the difference between a unilateral and a mutual NDA?
A: A unilateral NDA binds only the receiving party to confidentiality obligations. A mutual NDA binds both parties because both are sharing confidential information with each other. Use a mutual NDA for M&A discussions, joint ventures and strategic partnerships. Use a unilateral NDA for employee, vendor and consultant relationships where information flows in one direction.

Q: Can an NDA prevent an employee from joining a competitor in India?
A: Not through the NDA alone. An NDA prevents the employee from using or disclosing your confidential information, but it does not restrict them from working for a competitor. A separate non-compete clause may restrict competitive activity, but post-employment non-competes face significant enforceability challenges under Section 27 of the Indian Contract Act, 1872, and must be narrowly scoped in duration, geography and restricted activity to have any chance of being upheld.

Q: How long can an NDA last in India?
A: There is no statutory maximum. Duration should match the commercial lifespan of the information. Business strategy and financial data: 2 to 5 years. Trade secrets (algorithms, formulas, manufacturing processes): indefinite. Indian courts have shown willingness to scrutinise and reduce perpetual obligations for non-trade secret information.

Q: Does an NDA need to be registered or stamped?
A: Registration under the Registration Act, 1908 is optional but strengthens evidentiary value. Stamp duty under the applicable State Stamp Act is required for admissibility in court under Section 35 of the Indian Stamp Act, 1899. An unstamped NDA can still be admitted after paying deficit duty plus penalty, but this causes delay in urgent proceedings. For material relationships, stamp the NDA before signing.

Q: What happens if someone breaches an NDA in India?
A: The remedies available include: (a) injunctions under Order XXXIX of the Code of Civil Procedure, 1908 and Section 38 of the Specific Relief Act, 1963; (b) damages including compensatory and consequential losses; (c) liquidated damages if specified in the NDA under Section 74 of the Indian Contract Act, 1872; (d) criminal penalties under Section 72A of the Information Technology Act, 2000 where digital information is involved (imprisonment up to 3 years or fine up to Rs 5 lakhs); and (e) specific performance under Section 10 of the Specific Relief Act, 1963.

Q: What is the Trade Secrets Bill, 2024 and how does it affect NDAs?
A: The Protection of Trade Secrets Bill, 2024, included in the 22nd Law Commission’s Report No. 289 (March 2024), proposes a standalone statutory framework for trade secret protection in India. It sets out four criteria for information to qualify as a protectable trade secret: it must not be publicly known, it must have commercial value by reason of its secrecy, the holder must have taken reasonable steps to protect it, and its disclosure must be likely to cause harm. While the Bill is not yet enacted, courts are already applying these criteria informally. NDAs should be drafted to support all four requirements.

Q: Will an Indian investor sign an NDA before a pitch?
A: In most cases, no. Professional investors see this as creating unacceptable legal exposure across their deal pipeline. Use the pitch stage to share your vision and market thesis, not your proprietary technology or formulas. Reserve the NDA for the formal due diligence stage when the investor has expressed serious interest and you are sharing specific financial data, technical architecture or client information.

Q: How do NDAs work in cross-border transactions?
A: For cross-border NDAs, the governing law and dispute resolution clauses are critical. An Indian court judgment may not be enforceable abroad, so arbitration under the New York Convention framework (Arbitration and Conciliation Act, 1996) is strongly preferred. Choose a neutral governing law and arbitration seat that both parties recognise. For NDAs involving EU personal data, GDPR compliance requirements layer on top of the Indian law framework.

Q: What is the difference between an NDA and a confidentiality clause?
A: An NDA is a standalone contract. A confidentiality clause is a provision embedded within a larger agreement (an employment contract, shareholder agreement or service agreement). A standalone NDA can be enforced independently of any other relationship. An embedded confidentiality clause is enforced as part of the parent agreement and its survival after termination of the parent contract depends on whether the agreement includes a survival clause covering the confidentiality provision.

Q: How much does it cost to get an NDA drafted in India?
A: Template-based NDAs are available for Rs 0 to Rs 8,000 from online platforms but are not suited for complex or high-value relationships. Lawyer-drafted NDAs from a specialised firm cost between Rs 8,000 and Rs 1,00,000 depending on complexity, the nature of the relationship and the information being protected. Review of a counterparty’s NDA before signing typically costs Rs 10,000 to Rs 50,000.

Q: What is the first step if I suspect my NDA has been breached?
A: Document and preserve all evidence of the breach before taking any external action. Once your evidence is secure, have your lawyer send a formal cease and desist notice to the breaching party identifying the specific breach and demanding cessation and return of information within a defined deadline. If the breach is ongoing, apply immediately for an interim injunction. Do not wait: delay in seeking injunctive relief is held against the applicant on the basis that the harm cannot have been truly irreparable.

Regulatory references

• Indian Contract Act, 1872: Sections 10, 27, 74
• Specific Relief Act, 1963: Sections 10, 14, 38
• Arbitration and Conciliation Act, 1996 (as amended): Sections 9, 34, 36
• Code of Civil Procedure, 1908: Order XXXIX Rules 1 and 2
• Information Technology Act, 2000: Section 72A
• Indian Stamp Act, 1899: Section 35
• Registration Act, 1908
• Digital Personal Data Protection Act, 2023
• Law Commission of India, Trade Secrets and Economic Espionage, Report No. 289 (March 2024)
• Protection of Trade Secrets Bill, 2024 (draft, under consultation)

External sources

• Ministry of Law and Justice: lawmin.gov.in
• Law Commission of India: lawcommissionofindia.nic.in
• Ministry of Commerce and Industry: commerce.gov.in
• Ministry of Corporate Affairs: mca.gov.in