How to Review an NDA Before Signing: A Complete Checklist

Non-disclosure agreements (NDAs) are among the most commonly signed legal documents in business — and among the most frequently misunderstood. Whether you're a job candidate, a freelancer, or a founder negotiating a partnership, understanding what you're agreeing to before you sign can save you from serious legal and financial consequences.

This checklist walks through every major component of a non-disclosure agreement, explains what each section means in plain language, and highlights the language that most often causes problems.

Step 1: Identify the Type of NDA

The first question to answer is whether the NDA is mutual (bilateral) or one-way (unilateral).

• Mutual NDA: Both parties agree to protect each other's confidential information. This is standard in partnership discussions, joint ventures, and early-stage business negotiations where both sides are sharing sensitive material.
• One-way NDA: Only one party (usually you) is bound to keep the other party's information confidential. These are common in employment and vendor relationships where one party has significantly more information to protect.

Neither type is inherently unfair, but you should know which you're signing. If you're sharing significant proprietary information and the NDA is one-way, push to make it mutual.

Step 2: Scrutinize the Definition of "Confidential Information"

This is the most important section of any NDA, and the one most likely to cause disputes. Look for how broadly "confidential information" is defined.

Red flags in the definition:

• Language like "any and all information" or "all information disclosed" with no carve-outs
• No requirement that confidential information be marked as such (oral disclosures with no written follow-up)
• Inclusion of information you already knew before the relationship began

What you want to see: A definition that requires confidential information to be marked "Confidential" or "Proprietary" at the time of disclosure, with oral disclosures confirmed in writing within a reasonable time (typically 30 days).

Step 3: Check the Standard Exclusions

Every well-drafted NDA should include exclusions for information that is:

• Already publicly known at the time of disclosure
• Independently developed by the receiving party without reference to the confidential information
• Lawfully received from a third party without restriction
• Required to be disclosed by law or court order

If an NDA is missing these exclusions, be very cautious. It could obligate you to keep secret information that is already public record, or prevent you from using knowledge you independently developed.

Step 4: Understand the Duration

NDAs should have a clear start date and an end date (or a duration). Common terms range from one to five years for commercial NDAs. Employment NDAs sometimes attempt to impose indefinite confidentiality obligations — which courts in many jurisdictions treat skeptically for non-trade-secret information.

Watch for NDAs where the confidentiality obligation is "perpetual" or "indefinite." For genuine trade secrets, this may be reasonable. For general business information, it's often overreaching.

Step 5: Review the Purpose Limitation

A properly drafted NDA restricts the use of confidential information to a specific, defined purpose — for example, "to evaluate a potential business partnership" or "to perform services under the attached Statement of Work." This is called the "permitted purpose" or "purpose limitation."

If the NDA lacks a purpose limitation, the disclosing party could claim you used their information improperly even when you used it for what seemed like an obvious reason. Always ensure the permitted purpose is clearly and specifically defined.

Step 6: Examine the Remedy Clause

Most NDAs include a provision stating that breach of the agreement will cause "irreparable harm" and that the disclosing party is entitled to seek injunctive relief (a court order stopping you from doing something) without posting a bond. This is standard language in most jurisdictions.

What to watch for: liquidated damages clauses that impose very large, fixed penalties per breach. These can be enforceable and create significant financial exposure.

Step 7: Check Governing Law and Jurisdiction

The governing law clause tells you which state or country's law applies to the NDA, and the jurisdiction clause tells you where any disputes must be resolved. If these are unfavorable — for example, requiring you to litigate in a distant jurisdiction — this is worth negotiating.

Quick Checklist Summary

• Is this a mutual or one-way NDA? Is that appropriate?
• Is "confidential information" defined narrowly with marking requirements?
• Are the standard exclusions present?
• Is the duration reasonable (1–5 years)?
• Is there a specific, narrow permitted purpose?
• Are any liquidated damages provisions proportionate?
• Is the governing law and jurisdiction acceptable?