Understanding the Basics of Startup NDA Agreements: A Guide for Founders and Entrepreneurs

Startup NDA Defined

A Non-Disclosure Agreement (NDA) is a legally binding contract that ensures all parties involved maintain the confidentiality of information shared between them. By definition, a startup NDA is the same as a general NDA. However, in practice, it’s a specific type of NDA tailored to the particular needs and challenges of startups and entrepreneurs. In general, NDAs are commonly used throughout all industries to protect valuable ideas, designs, processes, and other sensitive information. For startups, keeping the specific details of their business under wraps is often absolutely vital to their success. Since up to 50 percent of new businesses go bust within their first five years of operation, it’s essential to have a startup NDA in place to protect all related information and help ensure the future growth of the company. Signing a startup NDA can be important for: Whether you’re a startup investor, consultant or employee, keeping confidential information safe is critical. A startup NDA will include all intellectual property (IP) in the agreement. IP can be defined as any type of business method or innovation that is unique to the company. They can include anything from business strategies to company logos. If anything is connected with your business methods and is unique, it’s likely considered IP. For example, businesses should look to protect their branding information such as: However, this may not cover everything. It’s worth looking to protect everything else you have to offer. As they move towards their goals, startups will typically create other IP like: All of the above examples must be covered by the NDA . It’s essential that the necessary steps are taken to safeguard whatever it is that will set you apart from your competitors. Startup NDAs will often contain provisions which set out what happens should the terms of the agreement be broken. In most cases, individuals will need to pay for damages. However, the exact procedure will depend on the seriousness of the breach. There may also be specific remedies stipulated in the NDA, so it’s important to get this right. An NDA is one of the most important contracts for any business. It’s not wise to compromise on these terms, just to get a deal done. As we’ve seen with many startups, once you lose your competitive edge, it can be very difficult to get it back. Ask yourself the following questions and make sure you cover these aspects in your startup NDA: No startup should enter into an agreement without a legally sound NDA in place. Whether you’re a startup employee, investor, vendor or client, proper measures should be taken to protect the information you work with. It doesn’t matter if you’re sharing information with an individual or company, the risk is still the same. Remember that if you don’t legally protect your IP, your startup may be too vulnerable in the eyes of investors, lenders, vendors, and suppliers. If your startup were to become known for creating excellent products, but didn’t have an NDA in place, it wouldn’t be long before competitors started to steal ideas. In the worst-case scenario, other companies could take them directly to market. You could risk your startup’s credibility, leaving you with no choice but to close down operations.

Key Components of Startup NDA

The NDA that you are drafting must include the following elements:

An explicit list of confidential information, and a narrowed definition of that information, which is typically outlined in an appendix;
Specifics surrounding the obligation of the parties (the disclosing party and the receiving party), signifying what each owes to the other when it comes to handling confidential information;
Exclusions, which may include information that is already publicly known, or information that is disclosed to a third party (so long as that party isn’t under the same obligation to keep that information confidential); and
The duration of the NDA, with a clear beginning and end date for the agreement.

For example, a vague and poorly written NDA will explicitly state that information is confidential because it is identified as such within the NDA, without going into any detail as to what information is actually included. A more clearly written document will instead list specific examples of information covered under the NDA, and will then explicitly note that any future exchange "of similar information" falls under this same NDA. Others will include an extensive list of information that is excluded from the scope of the NDA, as found through the use of a series of bullet points.

Why Do Startups Use NDAs

At a startup, secrecy is paramount. The company’s founders are working hard behind the scenes to develop a great product or service. They should keep their plans and priorities close to the vest—even from employees—to maintain a competitive advantage. A startup’s "secret sauce" is their secret for a good reason. One slip and that "sauce," and others’ plans for stealing it, can be all over a portion of the internet overnight. This is where an NDA for employees and contractors comes in. An NDA is particularly important for keeping shareholder, investor, customer, and critical vendor information confidential. Investors and customers may want access to NDAs even in early stage startups. A startup with its trade secrets well protected will find it easier to secure investment, and to make sure it does not become a victim of theft.

Common Startup NDA Pitfalls

Often, however, startups make mistakes in drafting NDAs. A few of these mistakes are:
• Using form agreements that are inappropriate for the situation
• Not properly defining confidential information
• Not including a non-solicitation provision
• Not including a non-circumvention provision
• Not having a term provision
These mistakes can lead to either under-protection of your assets or litigation. These mistakes are explained further below.
Using form agreements that are inappropriate for the situation
Some people believe that NDAs are standardized. Form agreements do not take into account industry peculiarities. Rather, they are intended to be "one size fits all". However, the a "one size fits all" approach doesn’t always fit because your circumstances often do not fit those of the group of people for which the form NDA was created. Often, the form NDAs are created for a particular situation or industry. NDAs should be tailored to your particular situation. If you want to send out NDAs for nondisclosure, non-use, non-circumvention, or other agreements, you should have a commercial attorney draft the NDAs or at least your own specific NDA, not a form NDA. By using an NDA tailored to your situation, a commercial attorney can better protect your interests and draft a more robust NDA.
Not properly defining confidential information
In order for NDAs to be effective, the definition of confidential information cannot be overly broad. Yet other times, startups define confidential information too narrowly, thus defeating the purpose of the NDA. Moreover, some startups think that if they cross-reference their manual or other documents that contain a more comprehensive or current definition of confidential information, they do not need to define confidential information in the NDA. Often, this is not true because it is not enforceable as the manual must be given to the other party or the other party must already have a copy of the manual/more current document.
Not including a non-solicitation provision
Although not every company needs a non-solicitation provision, some do not think they need non-solicitation provisions at all, even if they have employees. Or they think that non-solicitation is the same as non-competition and do not include non-solicitation provisions as much as they should, leading to under-protection. But non-solicitation is different from non-competition. Sometimes businesses have contractors, teams, other workers, and other individuals with whom they work. Not including non-solicitation provisions for the business relationships and for confidential information may not protect your business and assets as much as it could. Thus, non-solicitation provisions are important for your business relationships and confidential information and for adequately protecting your assets.
Not including a non-circumvention provision
Circumvention provisions in NDAs are used to prevent other parties from acting so as to circumvent your agreements with third parties or to circumvent you. Circumvention provisions provide adequate protection against third parties working around your agreements with those third parties. Thus, at your earliest convenience, use non-circumvention provisions in NDAs to promote your business, trade secrets, and other things you are trying to protect.
Not having a term provision
While you should no longer have a boilerplate provision stating that your NDA is perpetual, i.e., you did not replace it with an improved provision stating that confidential information will remain confidential until the confidential information no longer qualifies as confidential information and without having an improvement in mind, you should also replace indefinite provisions with definite term provisions, i.e., provisions stating that the NDA will remain in effect for a term of thirty (30), sixty (60), or one hundred twenty (120) months, etc. NDAs do not need to be eternal, and indefinite provisions cause confusion as to whether the NDAs are eternal. Also, if the NDA does not have a term provision, then it may be too late to sue at the time you determine that the other party has violated the NDA. If you do not have an adequate provision, you may not be able to sue for violation of a provision if more than two (2) years elapse between the time you knew or should have known that a violation occurred and the time you sue.
NDAs are useful tools for protecting your business, assets, third-party relationships, and other competitive interests. You should have NDAs drafted by a commercial attorney when appropriate, either you or the commercial attorney should draft NDAs for you and others with whom you have protected assets or other business interests.

Enforcing a Startup NDA

Enforcement of an NDA for Startups
In practical application, an NDA or NCA can be difficult to enforce due to the delays that can take place after the obligor has already used the disclosed information. Delays can happen for various reasons; primarily, they are a result of clarifying the information known to the disclosing party, or even further investigation. If a breach of an NDA or NCA is suspected, it is often in the best interest of the aggrieved party to act quickly and consult with legal counsel, taking immediate steps to address the situation. For a startup, this has many positive benefits including showing that the company is serious about enforcing rules and obligations. Having and enforcing NDAs or NCAs also sends a message that employees and other similar parties cannot go and use the company’s ideas or innovations freely, without consequence .
Similar to a brief explanation in the previous section, the disclosing party should avoid infringement and notify the offending party of the breach. If the disclosing party cannot negotiate a resolution with the offending party, then often the best option will be to file a civil lawsuit. When filing a lawsuit, the harmed party can take several approaches in the complaint. An example of some of the options can include the following forms of relief: punitive damages, lost profits, attorney’s fees, injunction against further disclosure or use of the information, and attorneys’ fees.
If the breach is egregious enough, and the dishonest party has violated the law, the disclosing party could also file a criminal lawsuit. Additionally, the civil liability can become a criminal liability if the offending action is discovered to be fraudulent and the affected party would then make the choice to file a criminal lawsuit, and similarly seek relief.

Tailoring Startup NDAs

Additionally, startups can customize their NDAs to fit their unique circumstances by considering what information they actually have to protect. It’s not always the case that a broad definition of confidential information will ensure protection over all materials they want to safeguard. Customization, however, will maximize protection.
First and foremost, confidentiality obligations should be defined in a way that is relevant to the information the startup will be sharing with the signer.
NDAs and API’s should also clearly define the scope and duration of these obligations. For example, if a startup only needs to share information with the signer related to its recent market-entry into a new service offering, it may only need to impose confidentiality obligations on the signer for the particular business area. A shorter duration of obligations would apply depending on relevance of the information and time frame of the startup’s business.
Note that these obligations can apply after the termination of the NDA if it is determined that certain confidential information continues to exist outside of the NDA. For example, although a startup should own any fact of the recruitment of candidates or executives (and confirmation of employment by those individuals), such information does not erase the proprietary nature of the inside story behind the hiring decision. That decision will be based on the company’s assessment of the skills, experience and personal background of the individual in question. This information is proprietary to the startup and should be protected from disclosure. Most agreements include a clause requiring the signer to hold such information in confidence for a set period of time.
In addition, defining the parties’ respective rights in the confidential information the startup receives can help the startup customize the clause to fit the type of confidential information involved in the transaction. Some confidential information may be readily available to the company as a matter of law or can be reverse-engineered. In some instances, the startup may decide it needs to define its rights over such information. However, the startup should keep in mind that such rights are generally non-exclusive and the more detailed the definition is, the more insight the signer will get about the startup’s business, including its confidential or trade secret information. Accordingly, it may be advisable to use more general terminology.
Some parties may push for additional provisions to address indemnification in the case of the disclosing party’s breach. Such indemnification is over-broad and unnecessary. In the event that a party breaches the terms of the agreement, it will be responsible for any damages caused by its breach. Therefore, offering the indemnitee indemnification is impractical because it doesn’t alter the other party’s liability for any such breach.

Startup Best Practices for NDA Management

Once your startup has secured the necessary non-disclosure agreements, it is important to establish a system for storing, accessing and updating these agreements. Too often NDAs are thrown into a box or left in a folder on a hard drive and ignored until a potential dispute arises. Having a clear and easily navigable system for storing NDAs will ensure you always have a complete and updated set of contracts when called upon . Key tips for managing non-disclosure agreements: The critical takeaway for startups is that NDAs need to be managed like all other important documents. By creating an organization system and following certain key practices, startups can easily find their NDAs, and gain extra points in credibility and reliability along the way.