How to Write an NDA: Step-by-Step Guide for Enforceable Agreements

Get a Demo

Subscribe to our Newsletter

How to Write an NDA Header Banner
  • Last Updated: Feb 06, 2026
  • 15 min read
  • Arpita Chakravorty

The $500K Mistake That Changes How You Should Think About NDAs

A tech founder recently shared a story that reveals why most DIY NDAs fail silently. She crafted what seemed like an airtight agreement with a potential investor using a template she found online. Six months later, the investor funded a competitor with strikingly similar technology—information only disclosed during confidential meetings.

When she consulted a lawyer about enforcement, the verdict was devastating: her NDA was technically unenforceable because she’d defined “Confidential Information” so broadly that it included information the investor could reasonably obtain independently.

Courts won’t enforce agreements that are overly restrictive or vague.

This is the paradox of NDA writing: the agreements people think are strongest are often the weakest in court. The real skill isn’t filling blanks in a template—it’s knowing how to structure and draft clauses so an NDA actually holds up when tested.

So how do you actually write an NDA that protects your business instead of creating false comfort?

How to Write an NDA: A Practical Framework

Writing an NDA is not about copying a template—it’s about structuring clauses so the agreement is clear, enforceable, and workable in real business situations.

A strong NDA follows a predictable drafting sequence. Writing clauses in this order ensures clarity and reduces negotiation friction.

Step 1: Identify the Parties and Purpose

Start by clearly naming who is bound by the agreement and why information is being shared.

Specify:

  • Legal names of both entities or individuals
  • Addresses or incorporation details if relevant
  • Who is the Disclosing Party and who is the Receiving Party
  • The purpose of discussions or collaboration

Example purpose language:

“The parties wish to evaluate a potential business relationship and may disclose confidential information in connection with these discussions.”

Clarity here prevents disputes over who is responsible in case of breach.

Understand the Purpose of NDA and how it protects sensitive business information while enabling safe collaboration and negotiations between parties.

Step 2: Define Confidential Information Carefully

This is the most critical drafting step.

Avoid vague definitions such as:

“All information shared during discussions.”

Instead, describe categories of protected information, such as:

  • Technical information
  • Product plans
  • Financial data
  • Customer information
  • Business strategies
  • Proprietary processes

Then explicitly exclude information that cannot legally be protected:

  • Information already public
  • Information already known to the receiving party
  • Independently developed information
  • Information legally obtained from third parties

Without exclusions, NDAs risk becoming unenforceable.

Step 3: Specify Obligations of the Receiving Party

Next, define how confidential information must be protected.

The standard enforceable obligation is:

“Receiving Party shall use commercially reasonable care to protect Confidential Information.”

This means the recipient must protect the information with the same level of care used for its own sensitive information.

Avoid unrealistic standards that courts may reject as excessive.

Step 4: Define Permitted Disclosures

Business operations require limited sharing.

Your NDA should allow disclosure:

  • To employees or contractors on a need-to-know basis
  • To professional advisors such as lawyers and accountants
  • When disclosure is legally required

Requiring confidentiality commitments from internal recipients preserves protection while allowing normal operations.

Step 5: Set Duration of Confidentiality

Confidentiality cannot reasonably last forever for normal business data.

Typical terms:

  • 2–5 years for commercial information
  • Longer protection for trade secrets

State clearly when obligations begin and end.

Example:

“Confidentiality obligations survive for three years from disclosure.”

Step 6: Define Remedies for Breach

Explain what happens if confidentiality is violated.

Rather than relying only on lawsuits, agreements typically allow:

  • Injunctive relief
  • Monetary damages
  • Negotiated remedies
  • Cease-and-desist actions

Balanced enforcement language improves agreement acceptance.

Step 7: Add Standard Legal Clauses

Finally, include standard contract provisions such as:

These clauses prevent technical disputes later.

Step 8: Review for Practicality Before Signing

Before finalizing the NDA, check:

  • Are definitions clear and realistic?
  • Can both sides comply operationally?
  • Are obligations enforceable?
  • Does the term align with business needs?

If an NDA is impractical to follow, it is unlikely to protect you when needed.

Once the core clauses are drafted, the next question is structural: should the agreement protect one party’s information or both?

Unilateral vs. Mutual NDAs: Choosing the Right Structure

Once you’ve drafted the core clauses, the next decision is structural: should the NDA protect only one party’s information or both?

The answer depends not on legal preference but on how information flows between the parties.

A unilateral NDA protects information disclosed by only one party. The receiving party agrees to maintain confidentiality, while the disclosing party carries no equivalent obligation.

This structure works well when disclosure flows primarily in one direction, such as:

  • Employee or contractor onboarding
  • Vendor engagements
  • Investor pitches using standard investor NDAs
  • Situations where only one side shares sensitive data

A mutual NDA, by contrast, protects both parties. Each side agrees to safeguard the other’s confidential information.

This format is common in:

  • Partnership or collaboration discussions
  • Joint ventures
  • Technology or product integrations
  • Commercial negotiations where both sides share proprietary information

However, mutual NDAs introduce complexity. Both parties must align on definitions, care standards, and disclosure rights. Negotiations often slow down when each side tries to adjust protections to its advantage.

A Practical Decision Rule

  • Use a unilateral NDA when only one party is meaningfully disclosing sensitive information.
  • Use a mutual NDA when both sides are likely to exchange proprietary or strategic information.
  • If the situation is unclear, starting with a mutual NDA often signals cooperation and avoids renegotiating structure later.

In practice, the best NDA structure is simply the one that reflects how information will actually flow between the parties.

But even a perfectly structured NDA can miss modern risks if clauses don’t evolve with how information is used today.

But even a perfectly structured NDA can miss modern risks if clauses don’t evolve with how information is used today.

Learn when to use a Mutual vs Unilateral NDA to ensure confidentiality obligations match how sensitive information flows between parties.

The Modern Risk: AI and Data Protection

Traditional NDA templates were written for a world where confidential information was shared between people—not absorbed into AI systems.

Today, that assumption no longer holds.

A vendor, partner, or service provider may receive your customer data, pricing models, or product roadmap under an NDA. That same information could then be used—intentionally or unintentionally—to train internal AI tools or machine learning models.

At that point, your confidential information may become embedded in systems that generate outputs across multiple users or clients. Whether this constitutes an NDA breach remains legally unsettled, as courts are still catching up to AI-driven data usage.

The Practical Fix

Modern NDAs increasingly include language restricting AI training use, such as:

“Receiving Party shall not use Confidential Information to train, fine-tune, or otherwise develop machine learning models or artificial intelligence systems without Disclosing Party’s prior written consent.”

This clause does not block legitimate collaboration—it simply ensures sensitive data is not reused in ways never contemplated when traditional NDA templates were created.

Before sending an NDA for signature, it’s worth running one final quality check.

Before You Send: The Pre-Flight Checklist

  1. Rewrite the definition of Confidential Information in 25 words. If you can’t summarize it plainly, it’s too vague.
  2. List the four exclusions explicitly. Don’t assume courts will read them in.
  3. Choose your care standard: commercially reasonable or best efforts? Pick one and stick with it.
  4. State the term clearly. “This obligation survives for 3 years from disclosure” removes ambiguity.
  5. Identify permitted disclosures. Lawyers, regulators, and employees—be specific.
  6. Add the AI clause if data security matters to your business.

Once your NDA is properly drafted, the next challenge is making sure it actually gets followed.

Your Next Step

Writing an effective NDA requires understanding that templates are starting points, not finished products. The strategic decisions—what to protect, for how long, and under what standard—must reflect your organization’s actual risk profile.

But once NDAs begin to scale across departments and partners, the real challenge shifts from “How do I write one?” to “How do I track obligations and ensure compliance across all of them?”

This is where structured contract compliance frameworks—and modern Contract Lifecycle Management platforms such as Sirion—become critical. These systems help organizations centralize agreements, track confidentiality obligations, monitor expiration dates, and maintain visibility across thousands of contracts.

Discover why teams rely on the Most efficient CLM software for Managing NDAs and Vendor Agreements to centralize contracts, track obligations, and maintain compliance at scale.

A practical starting point is documenting your current NDAs: who signed them, what information is protected, when obligations expire, and what disclosures are permitted.

The difference between an NDA that sits forgotten in a folder and one that actually protects your business often comes down to the difference between simply writing contracts and actively managing them.

FAQs: Common Questions About Writing NDAs

About the author
How to Write an NDA Header Banner

Arpita Chakravorty

SEO Content Strategist and Growth Marketing for Sirion

Arpita has spent close to a decade creating content in the B2B tech space, with the past few years focused on contract lifecycle management. She’s interested in simplifying complex tech and business topics through clear, thoughtful writing.

Additional Resources

MOU vs NDA Header Banner
Contracts

MOU vs NDA: Key Differences, Legal Implications, and When to Use Each

NDA vs Confidentiality Agreement_Header Banner
Contracts

NDA vs Confidentiality Agreement: Understanding the Key Differences and When to Use Which

Contracts

3 Types of Non-Disclosure Agreements