oneNDA graveyard

  • updated 7 mths ago

The below provisions were excluded from oneNDA following in-depth discussion with the community that co-created oneNDA. We just didn’t feel that they were worth their salt. Perhaps you’ve seen them in another NDA and grew to love them, if so - we’re sorry they didn’t make it.

Note that this document is not intended to be legal advice on the application of these provisions.

Derived information is confidential information

This is a given. If a Receiver simply creates another form of the confidential information, the information doesn’t stop being confidential.

Permitted Receivers must not use CI other than as per NDA

This is already covered in oneNDA as it provides that a Permitted Receiver must “have agreed to keep [the confidential information] confidential and restrict its use to the same extent that the Receiver has”.


The below ‘Notice’ provisions were considered but excluded:

  • All notices must be made in writing and delivered personally

  • All notices must be made in writing and delivered by next day courier

  • All notices must be made in writing and delivered by post

  • All notices must be made in writing and delivered by fax

  • A notice will be effective when the other party receives it

  • A notice will be effective 5 days after it’s been posted

  • A notice will be effective one working day after it’s been emailed or faxed

This is because they are not appropriate in today’s world where most interactions happen via electronic means. It is also not proportionate to the needs of oneNDA.

No warranty

Warranting the accuracy of the information provided is not implied by law or otherwise and therefore, in the context of oneNDA at least, there is no reason to explicitly exclude it. If a proposal is proceeded with, it’s likely that these terms would be included in the implementing documentation. For the purposes for which oneNDA is intended to be used, this may be superfluous.

Note that this provision has been included within the oneNDA M&A module, where the risk implications of information shared being presumed under warranty or relied upon for the purposes of evaluating a transaction are potentially much more significant. It has been included to provide additional comfort in these circumstances.

Proprietary software code is confidential forever

The scope of this NDA is to cover instances where two parties are entering into high level conversations to establish whether they want to enter into a commercial relationship. Exposing your source code would require a different type of NDA so this is out of scope.

Personal data is confidential forever

Any personal data shared under an NDA will be subject to the same confidentiality period as the rest of the confidential information and there’s no reason it should be treated differently. Any additional contractual safeguards for the protection of personal data required by applicable data protection legislation should be dealt with under a separate agreement.

Trade secrets are confidential forever

There is little use in including a provision on trade secrets specifically as they are broadly covered in the definition of confidential information and are inherently afforded protection under IP laws.

Returning CI to the Discloser if requested

This was potentially useful when confidential information was shared in hard copy but in today’s world, most information is shared digitally so this is impractical / obsolete.

Destruction certificate

As above, oneNDA also provides for the parties being able to retain copies in back-up systems or to meet their legal or regulatory obligations.

Consent for disclosure if change of control

Information remains protected even if the Discloser’s acquiring competitor did have access to it because it can only be shared or used in connection with the “Purpose”. Moreover, the purpose of oneNDA is to facilitate general commercial discussions. If extremely sensitive information is being shared then the parties should use a more suitable NDA.


The law around penalty clauses is complex and they can be held to be invalid if not carefully drafted to reflect the specific circumstances. Given this, and the fact that a party which discloses confidential information can sue for any loss it suffers as a result of an unauthorised disclosure, a penalty clause is probably unlikely to be relevant for the situations where oneNDA will be used.


A party which discloses confidential information can sue for any loss it suffers as a result of an unauthorised disclosure. This is probably sufficient in the circumstances in which it is envisaged oneNDA will be used.

Personal data must be excluded

This is unnecessary and inappropriate for an NDA. NDAs are designed to ensure information remains confidential. If that information includes personal data, then that personal data will remain confidential in line with the NDA. As above, obligations relating to the treatment and safeguarding of personal data in line with applicable data protection laws should be dealt with in separate agreement.

Compliance with data protection laws

Any obligations relating to compliance with data protection laws should be addressed in a separate agreement.

Each party retains ownership of their own confidential information

This is a given anyway. Calling it out explicitly adds no value.

No obligation to commit

The NDA doesn't create an obligation on either party to buy from the other and this is a given - calling it out explicitly adds little value and has therefore been excluded from the baseline oneNDA.

Non-preclusion language has been included in the oneNDA M&A module at the community’s request. This is to provide additional comfort in the M&A context where the implications of being obliged to go ahead with a transaction are potentially more significant.

Generating own ideas

Each party can continue to generate their own ideas which might be competitive to the Discloser's confidential information. This is a given anyway. Calling it out explicitly adds no value.


Neither party is precluded from participating in transactions or discussions involving the other party or any other person. This is a given anyway. Calling it out explicitly adds no value.


The Receiver may use ‘residual’ information (e.g. information retained in unaided memory), including to develop competitive products.

Residuals clauses serve to protect the Receiver from the risk that information disclosed by the Discloser prevents them from competing. This won’t be suitable in all circumstances (particularly due to the potential for abuse by the Receiver) and has therefore been excluded from this iteration.


It’s very unlikely that a term of the NDA will be found illegal, unenforceable or invalid but even if it is, the inclusion of the severability clause will not oblige the court to treat it as such.

Non-contractual obligations

Non-contractual obligations: this clause tells us that disputes relating to any non-contractual obligations arising out of the agreement will be heard in a specific jurisdiction.

oneNDA states that “any disputes arising in connection with the Agreement” will be heard in the Jurisdiction, which is broad enough to cover disputes relating to non-contractual obligations. Therefore it’s not necessary to specifically call this out.

Reply Oldest first
  • Oldest first
  • Newest first
  • Active threads
  • Popular
© 2023 The Law Boutique Limited. The Law Boutique Limited is registered in the United Kingdom under No. 09509112 with a registered business address at Unit 11.3.2 The Leather Market, Weston Street, London, SE1 3ER UK.