You’ve had some preliminary conversations with a potential business partner. You’re ready to start discussing sensitive product details and pricing, so you send them your standard NDA template. But they respond saying they can only sign their own NDA – “Could you just sign our NDA instead?” You take a look at the PDF they have attached. Three to four pages of dense, legal mumbo jumbo. Should you sign it or not? What are the potential pitfalls?

This is a pretty common scenario. Both parties in a negotiation have strong incentives to use their own standard form. It means you don’t have to worry about what you’re signing up to – you can trust the terms your lawyer prepared earlier. You also don’t have to pay a lawyer to review the document.

Approaching the review

Eventually someone has to blink though, otherwise you’ll never progress to an actual deal. No matter how good you are at manoeuvring in these early stages, at some point everyone needs to review the other side’s template, as painful as this can be. To get the best answer, you can send it to your lawyer to review. However, getting a response may take some time (if you have an in-house team) or be expensive (if you pay for an external lawyer). This guide explains how to approach the review yourself (in the same way your lawyer would) and either avoid or minimise the need to wait for that legal advice.

The first step is to identify the commercial positions the other party has proposed and decide if you agree to them. For example, is it a one-way or a mutual NDA? Does it protect just written information or anything intended to be confidential? You can find out more detail on common commercial positions in section 4. It can be a little hard to identify the positions at first, but if you take your time and read the document carefully it should be possible to work them out.

As well as understanding the positions, you should also check for red flags. That is, unusual or inappropriate terms that could have wider implications. If you spot any of these, the document is not a “standard NDA” and you shouldn’t sign it without legal advice on those provisions. Four red flags you should look out for are described below.


An NDA should be confined to the disclosure of confidential information. That is what makes it a non-disclosure agreement. Any document that purports to be an “NDA” but contains substantive obligations about intellectual property (e.g. stating that anything discussed will be jointly owned) should be a red flag.

It is fine to clarify that each party owns their own intellectual property and that nothing is being transferred as part of the NDA. But if you go beyond that into assigning existing intellectual property or prescribing joint ownership of newly created IP, etc., then you are talking about a more far-reaching form of agreement. For example, a trial agreement, services agreement, or broader commercial or R&D partnership.

It’s fine to do those sorts of deals, but you probably need to think through some wider considerations before agreeing those terms. It isn’t usually appropriate to set those arrangements up under an NDA.


In a commercial agreement it is reasonably common to include a limitation on liability. For example, if I am selling you services worth $1m a year, it would be fairly common to limit my liability to you to a percentage of those fees (e.g. $1.5m).

However, it is unusual to limit liability under an NDA, and unusual to limit your liability for a breach of confidentiality in general. Even in the commercial agreement example, confidentiality is generally excluded from the liability cap. If an NDA template does contain a cap on liability, that is an unusual clause that warrants a more thorough legal review.


The opposite extreme is to specify in the NDA exactly how much a party should pay if they breach the NDA. For example, if you disclose my confidential information, you will have to pay $1m.

Agreeing these types of clauses is a legal tightrope at the best of times. In the common law tradition it is illegal to agree a “penalty” in a contract (that is, “if you breach this contract, you will pay me $10 million, no matter what”). A penalty is not enforceable - and should not be included in any contract. Courts have a complex process of assessing the damages a party must pay for breaching a contract. This is closely tied to the actual losses suffered as a result of the breach, not arbitrary amounts intended to penalise non-compliance. The exception to this is that it is possible to agree “liquidated damages”, provided these are a genuine pre-estimate of the losses a party will actually suffer in the event of a breach.

Because of this complexity, liquidated damages clauses are fraught with difficulty and usually heavily negotiated. Often they are used to manage delay in construction or IT projects, where an amount per day of delay is included, sometimes capped at a total figure which is some percentage of the overall liability cap.

These mechanisms are unusual and not appropriate in an NDA. In such a simple short-form agreement, with no associated transaction attached to it, there is no framework for fleshing out the details of a breach or justifying in advance what the actual losses would be (it will usually depend on exactly what gets disclosed and to whom, etc.). Even in larger, more complex agreements, liquidated damages seldom apply to breaches of confidentiality. Trying to do this in a short NDA is particularly problematic.


An indemnity is a contractual obligation to pay money. Lawyers like them because it can be easier to make a claim under an indemnity than for breaching a standard contractual obligation. You can also vary the normal rules about the types of losses available to claim.

However, that is not good news for the party giving the indemnity. And if you’re reviewing a third party’s standard document, then it is highly likely that you will be the one giving the indemnity. There is not generally a good reason for parties to give an indemnity under an NDA and it is definitely something that warrants more careful consideration and legal advice.

If you spot an unusual or inappropriate clause like those above, you can use that as a good reason to propose starting from a different template altogether. That is, you only want to agree to a standard NDA that deals with confidentiality and not the unusual or inappropriate obligation. It is much faster and easier to start from a different template than to get your lawyer to draft bespoke amendments, which the other side’s lawyer will then have to review (and probably find some issue with).

It may still be hard to talk the other side into a complete U-turn to use your organisation’s template (although by all means try), so a good solution can be to propose a neutral third party template. For example, a standard non-disclosure agreement published by a law firm, a traditional document automation provider's NDA, or from a service like Haggle.

If you can’t persuade them to start from a fresh starting point, then it is probably important to send the document to your lawyer for a full review. They can look at the clause more closely and suggest specific amendments if needed.

Commercial strategy and approach

In most cases, the outcome you are looking to achieve with an NDA is to quickly record the confidentiality obligations so you can get on with your primary goal (the eventual deal). Whether you are preparing an NDA from your own template or reviewing someone else’s NDA, it is usually a mistake to over-optimise for legal terms.

A good NDA is a clear confirmation of confidentiality obligations, with no unexpected or onerous clauses, that can be agreed as quickly as possible. In most cases it is not the best use of time to tailor every clause to your scenario - avoid templates that require this. It just delays the eventual deal and only marginally (if at all) improves your legal position.

Complex situations involving multiple parties, nuanced information categories and different usage rights may require bespoke drafting and substantive legal advice. But these situations are the exception, and in most cases getting in place a few key variables into an otherwise standard agreement is all that is required.

This is not to say that you should agree to every NDA put in front of you. Unless you know where an NDA came from, you won’t know whether it was prepared with the above rationale in mind or has been more carefully tailored to achieve some other purpose. It is important to read a third party NDA closely to make sure it reflects commercial positions you agree with (see section 4) and that there are no unusual or inappropriate terms (see section 4).

If inappropriate commercial positions or onerous clauses are included though, it can often be faster to address that issue by using an alternative template, rather than making bespoke changes to the NDA. For example, turning a one-way NDA into a mutual NDA is quite fiddly and involves a fair bit of legal drafting. Much faster to just start from an alternative template. Same reasoning applies to NDAs with onerous clauses, or that contain other positions you don’t agree with. Starting from a different template (particularly one your lawyers are already happy with) can be done without any delay and purely by commercial managers, without having to wait for legal advice at all.

Only as a last resort should you look to go down the bespoke drafting route, as this potentially traps you in a mutual legal review scenario - where both parties’ lawyers need to review and get comfortable with bespoke language.
