Menu
Menu
This guide explains the different parts that make up the blocks dealing with confidentiality.
If certain information relating to your business ends up in the wrong hands, it can be devasting for your business. Therefore, to protect against situations where someone discloses confidential information, a confidentiality block needs to be inserted in the Agreement.
There are a couple of approaches when it comes to defining Confidential Information.
–
Blanket approach
You can consider stipulating that all information exchanged between the Parties relating to the Purpose must be regarded as Confidential Information. This approach is often called the “blanket approach” and offers a broad scope of protection. For instance, if two companies are collaborating on a new software project, all code, algorithms, designs, and even meeting notes related to the project could be considered confidential under this approach.
–
Specified information
Another approach may be a more detailed and specific approach where you stipulate the type of information that will be regarded as confidential information. For example:
any information of the Disclosing Party relating to financial structure, accounting methods, cash flows, revenue forecast methodology, and market forecast methodology; such as profit margins, pricing strategies, or investor relations strategies.
any information of the Disclosing Party relating to plans, designs, drawings, functional and technical requirements and specifications; like product roadmaps, system architecture diagrams, or hardware schematics.
any information related to intellectual property, including patents, copyrights, trademarks, and trade secrets; for instance, patent applications, source code, or proprietary algorithms.
any information regarding the Disclosing Party’s customers, suppliers, or partners, including contact details, contractual terms, and specific needs or preferences.
any information related to the Disclosing Party’s employees, including their roles, responsibilities, performance data, and compensation.
any information that the Disclosing Party expressly designates as confidential, either in writing or verbally, at the time of disclosure.
–
Using a more detailed and specific approach to defining Confidential Information can help ensure that both parties understand the scope of the confidentiality obligations and reduce the risk of misunderstandings. However, it requires a thorough understanding of the information being shared and may take longer to draft and negotiate. In some cases, a combination of both approaches can be used, providing a broad catch-all provision and then listing specific categories of information for added clarity.
–
Information disclosed before the Signature Date
Furthermore, remember to stipulate whether information disclosed before the Signature Date will or will not be regarded as Confidential Information.
–
Information of Affiliates
When a Party operates as part of a group structure, indicate that the Disclosing Party’s Affiliates’ information must also be treated as Confidential Information.
–
Information of third-parties
Depending on the specific transaction, and for example, the use of sub-contractors, there may also be a need to provide that the information of certain third parties must also be treated as Confidential Information.
The purpose of the disclosure plays an important role in confidentiality clauses, particularly in tech contracts where the nature of the disclosed information can have a significant impact on the parties involved.
–
Generally, the purpose of the disclosure is linked to the extent to which the Receiving Party can use the confidential information. So, for example, the Confidential Information can only be used to the extent that it is required by the Receiving Party to give effect to the concluded Agreement. If the Receiving Party uses the Confidential Information for any other purpose, the Receiving Party will be in breach of the confidentiality block.
–
In a software development agreement, for instance, if a software development company discloses proprietary code to a client for the purpose of customizing a software solution, the client should only use the code for that specific purpose. If the client uses the disclosed code to create a competing product, it would be a breach of the confidentiality clause.
–
Discloser friendly
If you are acting for a Party that will disclose most of the Confidential Information, make sure to use narrow and specific wording for the purpose. For example, in a software licensing agreement, the purpose of the disclosure might be “solely for the purpose of installing, configuring, and using the licensed software in accordance with the terms of this Agreement.” By using precise language, the Disclosing Party can better protect its Confidential Information and minimize the risk of unauthorized use.
Receiver friendly
If you are mainly receiving Confidential Information, it will help if you require “labelling” of information. This will assist you in knowing which information must be handled with care. In tech contracts, labelling can be used for various types of information, such as design documents, source code, API keys, or access credentials. By clearly marking these materials as “Confidential,” the Receiving Party can more easily identify and manage sensitive information.
–
For example, a company providing IT consulting services may receive technical documentation and system access credentials from its client. By requiring that these materials be labelled as “Confidential,” the IT consulting company can ensure that its employees handle the information appropriately and maintain the client’s trust.
–
Discloser friendly
When you are the Party that will mainly be Disclosing Information, you would likely want to follow a different approach. For example, you can stipulate that any information that the Receiving Party should reasonably have understood (because of legends or other markings, the circumstances of disclosure, or the nature of the information) to be confidential will be regarded as Confidential Information.
–
This approach can help protect the Disclosing Party’s interests in situations where Confidential Information is inadvertently not labelled or where the nature of the information makes its confidentiality apparent. For instance, in a tech contract involving the development of a new AI algorithm, the Disclosing Party might share unlabelled proprietary information during a meeting or presentation. By including a provision that covers information that the Receiving Party should reasonably understand to be confidential, the Disclosing Party can still safeguard its valuable intellectual property.
–
In summary, when drafting confidentiality clauses in tech contracts, it is essential to consider the needs and interests of both the Disclosing and Receiving Parties. By requiring labelling for Confidential Information and including provisions that account for situations where labelling may not be present, parties can better protect sensitive information and maintain a successful business relationship.
A permitted receiver is usually a person who works for or assists the Receiving Party somehow. For example, the Receiving Party’s lawyers, accountants, subcontractors, or consultants. In tech contracts, it may be necessary for these individuals to access Confidential Information to perform their duties or provide advice effectively.
–
If you are acting for the Disclosing Party, you want to impose various obligations on the Receiving Party regarding permitted receivers to ensure the protection of your Confidential Information. For example, the Receiving Party must require the permitted receivers to sign confidentiality undertakings that are to the satisfaction of the Disclosing Party if the Receiving Party wants to make available the Confidential Information to a permitted receiver.
–
Obligations that can be imposed on the Receiving Party in tech contracts include:
Prior written consent: The Receiving Party must obtain the Disclosing Party’s prior written consent before sharing Confidential Information with any permitted receiver.
Confidentiality agreements: The Receiving Party must ensure that permitted receivers sign a confidentiality agreement or non-disclosure agreement (NDA) that is at least as protective as the confidentiality clause in the main contract.
Need-to-know basis: The Receiving Party should only disclose Confidential Information to permitted receivers who have a legitimate need to access the information to perform their duties or provide services related to the contract.
Responsibility for breaches: The Receiving Party should be responsible for any breaches of confidentiality by permitted receivers and should promptly notify the Disclosing Party of any such breach.
Termination of access: The Receiving Party must terminate a permitted receiver’s access to Confidential Information if the relationship with the permitted receiver ends or if the permitted receiver breaches the confidentiality obligations.
–
By imposing these obligations on the Receiving Party with respect to permitted receivers, the Disclosing Party can better protect its Confidential Information and ensure that it is only shared with individuals who have a legitimate need to access it and are bound by appropriate confidentiality obligations.
The following are examples of information that is generally not regarded as Confidential Information-
–
These exclusions are essential to maintain a balance between protecting the Disclosing Party’s sensitive information and allowing the Receiving Party to operate freely without undue restrictions. In the context of tech contracts, it is crucial to carefully consider the scope of confidentiality obligations and the potential impact on both parties’ ability to conduct business effectively. Including reasonable exclusions in the confidentiality clause can help strike a balance that benefits both parties and promotes a successful partnership.
If you are acting for the Party that will mainly be disclosing confidential information in a tech contract, you must be clear on how Confidential Information must be handled to protect your client’s interests.
–
As a start, you want to impose certain obligations on the Receiving Party, for example:
–
–
Additionally, consider what needs to happen if the Receiving Party becomes aware that there has been unauthorized access to the Confidential Information:
–
On the flip side, if you act for the party that will mainly be Receiving Confidential Information in a tech contract, you want to limit express obligations that may open you up to liability claims. For example:
–
By carefully crafting the confidentiality provisions in a tech contract, both parties can strike a balance between protecting the Disclosing Party’s sensitive information and limiting the Receiving Party’s potential liability.
There may be situations in tech contracts where Confidential Information that is disclosed may be used by the Receiving Party in one of their processes, such as product development, software integration, or research and development.
–
No Transfer of Ownership
Make sure to expressly state that no ownership relating to the Confidential Information will transfer to the Receiving Party. This helps protect the Disclosing Party’s intellectual property rights and ensures that the Receiving Party does not claim ownership over the disclosed information.
–
For example, a software development company may share proprietary algorithms with a consultant to optimize its product performance. By including a provision that states no transfer of ownership, the company can protect its ownership rights to the algorithms.
–
Limited License to Use
If you are acting for the Party that will mainly be disclosing Confidential Information, and if the Receiving Party requires any rights to use the Confidential Information, stipulate that any rights granted in respect of the Confidential Information are only granted to the extent required to fulfill the Purpose expressly stated in the confidentiality clause.
–
For instance, a technology company may disclose certain source code to a contractor for the purpose of software customization. In this case, the Disclosing Party can grant the Receiving Party a limited license to use the source code solely for the specific customization project, preventing the Receiving Party from using the code for other purposes or projects.
–
Termination or Expiration of Rights
Additionally, it’s crucial to specify that any granted rights to use the Confidential Information will terminate or expire upon completion of the Purpose or the termination of the contractual relationship between the parties. This ensures that the Receiving Party cannot continue using the Confidential Information after the project or relationship has ended.
A typical warranty you will see within a confidentiality clause in tech contracts is where the Disclosing Party warrants that they can disclose the Confidential Information. As a Receiving Party, you want this warranty. You do not want to get caught up in a situation where you receive confidential information from a Disclosing Party that they were not supposed to disclose.
–
Warranty of Authority to Disclose
For example, a technology company may share confidential customer data with a third-party vendor to provide customer support services. As the Receiving Party, the vendor would want a warranty from the technology company ensuring they have the legal authority to disclose such data, protecting the vendor from potential legal issues.
–
As a Disclosing Party, you want to disclaim all representations and warranties relating to the Confidential Information. In other words, you do not want to make any warranties in respect of the accuracy, completeness, and suitability of the Confidential Information as this may open you up to claims.
–
Disclaimer of Warranties for Confidential Information
For instance, a software provider may disclose proprietary information to a client for integration purposes. The software provider, as the Disclosing Party, may want to include a disclaimer stating that they make no representations or warranties regarding the accuracy or completeness of the disclosed information. This helps protect the software provider from potential claims if the client encounters issues or errors related to the proprietary information.
–
To balance the interests of both parties in a tech contract, the confidentiality clause should include a warranty from the Disclosing Party ensuring their authority to disclose the Confidential Information while also incorporating disclaimers to limit the Disclosing Party’s liability in terms of the accuracy, completeness, and suitability of the disclosed information. This approach helps protect both parties from potential risks and legal issues associated with the disclosure and use of Confidential Information.
Confidentiality clauses should survive termination of the Agreement in tech contracts to ensure the protection of sensitive information even after the contractual relationship ends.
–
Survival of Confidentiality Obligations
For example, if a software development company and a client terminate their contract, it’s essential that the confidentiality obligations concerning the proprietary algorithms, source code, or business strategies continue to protect both parties from potential harm.
–
Duration of Confidentiality Obligations
Another aspect that needs to be addressed in your confidentiality clause is how long the confidentiality provisions will be binding on the Receiving Party.
–
One approach is to provide that the confidentiality provisions will remain binding as long as the Confidential Information is retained. Another approach may be to provide a fixed period for which the confidentiality provisions will apply after the termination of the Agreement.
–
A fixed-period approach may favour the Receiving Party. However, if you disclose any trade secrets, you should definitely look at providing that the confidentiality provisions will apply indefinitely, to the extent allowed by applicable law.
–
For instance, if a tech company discloses a trade secret related to a unique manufacturing process or a novel software algorithm to a partner, it is crucial that the confidentiality provisions protecting this information remain in force indefinitely, ensuring the trade secret remains protected.
–
In summary, when drafting a tech contract, it’s crucial to consider the survival and duration of confidentiality obligations to ensure that the Disclosing Party’s sensitive information remains protected even after the contract terminates. Balancing the interests of both parties in the duration of confidentiality provisions will help create a fair and effective agreement that promotes trust and collaboration.
Sometimes, monetary compensation may not be sufficient to address the harm caused by a breach of confidentiality. In such cases, you may consider including a part which deals with injunctive relief which can be a powerful remedy that requires the breaching party to cease their wrongful actions immediately.
World Commerce and Contracting provides the following principles relating to warranties-
–
If parties intend to share Confidential Information in anticipation of, or during a business relationship, it should be subject to the protections of a separate non-disclosure agreement or of a confidentiality clause within the contract documenting the relationship (perhaps entered into subsequent to the NDA, in which case the NDA is normally superseded by the contract language).
–
In a typical business relationship, the determination of what information is deemed to be Confidential Information is an issue in the absence of clear markings, particularly when information is conveyed verbally or when the parties do not want impediments to the free flow of information between the parties. Accordingly, the most efficient and practical approach is to define Confidential Information as being all information-
–
Confidential Information should not include information that-
–
The Recipient must be given the right to hand over Confidential Information pursuant to a governmental or court order, provided that the Discloser is notified (if permitted) as soon as reasonably possible to take action to block the order or protect the information.
–
A Discloser’s Confidential Information should only be shared with the Recipient’s employees as required for the Purpose. In the event the parties contemplate that their respective affiliates or third parties (e.g., agents, consultants, subcontractors) will be involved in furtherance of the Purpose, Confidential Information should be shared with those entities only if-
–
In establishing disclosure rules applicable to third parties, the parties should also address any issues if the Recipient may be sharing Confidential Information with any competitors of the Discloser or if there are any anti-trust or collusion concerns.
–
The degree of care given by the Recipient for safeguarding a Discloser’s Confidential Information should be no less than that it gives to its own similar Confidential Information.
–
The Recipient should also promptly notify the Discloser about all unauthorized disclosures and take measures to mitigate the effects of such events.
–
Violating confidentiality obligations can cause irreparable harm that goes beyond mere direct monetary damages and may include both indirect and consequential damages, loss of revenues, profits, or the like.
–
The duration of the confidentiality obligations should be a function of the expected period over which the Confidential Information continues to be of value to the Discloser if kept non-public. Factors to be considered include the pace at which technology is changing, whether the information is a trade secret, whether the information is expected to become stale or will likely become public at some point, and standards for the particular market segment or geography.
–
Parties often do not maintain corporate memory of documents that need to be returned at the end of discussions or an engagement, so a more practical approach to returning Confidential Information to the Discloser is to have the Discloser ask for the return of the information if it is of sufficient importance to take that step.
–
The same principles relating to assignments of obligations to third parties that are typically applied in transactional agreements should also apply in NDAs.
–
Personal data often gets lumped together with Confidential Information but should typically be treated separately and with different standards of care given the laws and regulations that apply (See WorldCC Contracting Principle Data Security and Privacy).
–
Ownership of intellectual property rights in Confidential Information is not transferred as a result of mere disclosure and any license given to the Recipient to use the Confidential Information, including the intellectual property right therein, is limited to activities related to the Purpose.
(a)
Affiliate , for the purposes of Article 1, means,
with respect to a Party, any other person or entity which directly or
indirectly Controls, is Controlled by, or is under common Control with such
Party.
(b)
"Confidential Information means
all information disclosed between the Parties disclosed in connection with the Purpose
of Confidential Disclosure.
(c)
Control , for the purposes of Article 1, means
the person or entity owns, directly or indirectly, more than 50 percent of the
capital of the other entity, or in the absence of such ownership interest,
substantially has the power to direct or cause the direction of the management
and set the policies of such entity.
(d)
Disclosing Party means
a Party that discloses Confidential Information under this Agreement.
(e)
Purpose only for the purposes of Article 1 means
to give effect to the Agreement concluded between the Parties.
(f)
Receiving Party means
a Party that receives or acquires Confidential Information directly or
indirectly under this Agreement.
1.2
Affiliate confidential information: Confidential Information will include any
Confidential Information of any Affiliate of the Receiving Party.
1.3
Third party confidential information: Confidential Information will include any
Confidential Information of any third party.
1.4
Labelling: For Confidential Information to be considered
confidential, the information must be marked as confidential or if disclosed
orally, identified as confidential in writing within [●].
1.5
Time of disclosure: The Confidential Information will include Confidential
Information disclosed before and after the Signature Date.
1.6
Excluded information: The following information is not Confidential
Information:
(a)
information known to the Receiving Party before
disclosure by the Disclosing Party;
(b)
information that is or becomes publicly known, not as
a result of a breach of this Agreement by the Receiving Party;
(c)
information developed independently by the Receiving
Party in circumstances that are not a breach of this Agreement; and
(d)
information which Receiving Party receives from a
third party who can disclose the Confidential Information free of restriction
and without obligation.
1.7
Notification and disclosures required in terms of law: If the
Receiving Party is required to disclose Confidential Information to satisfy a
court order or to comply with any applicable law the Receiving Party will
notify the Disclosing Party in writing before such disclosure to enable the
Disclosing Party to protect their interest; and
1.8
Obligations and disclosures required in terms of law: If the
Receiving Party is required to disclose Confidential Information to satisfy a
court order or to comply with any applicable law the Receiving Party will only
disclose the legally required portion of the information and use reasonable endeavours
to protect the confidentiality of such information (the onus is on the Receiving
Party to demonstrate that they have complied with this provision).
1.9
Handling of Confidential Information: A Receiving
Party must not disclose the Confidential Information to any third party without
first obtaining written consent from the Disclosing Party.
1.10
Standard of care: A Receiving
Party must protect the Confidential Information of a Disclosing Party by using
the same standard of care to safeguard their confidential information.
1.11
Steps required to protect Confidential Information: A Receiving
Party must take reasonable steps to prevent any unauthorised disclosure of the
Confidential Information.
1.12
Unauthorised access: A Receiving
Party will immediately notify the Disclosing Party if the Receiving Party becomes
aware of any loss or any unauthorised access to, or use or disclosure of, any
Confidential Information in the control of the Receiving Party or their authorised
recipient.
1.13
Cooperation: The Receiving
Party must cooperate with the Disclosing Party to investigate and mitigate any
adverse effects of unauthorised access to, or use or disclosure of, any
Confidential Information.
1.14
Rights of the Disclosing Party: A Disclosing
Party can at any time require:
(a)
the Receiving Party to return any Confidential Information;
(b)
the Receiving Party to expunge any Confidential
Information from any device;
(c)
the Receiving Party to destroy any material relating
to the Confidential Information;
(d)
the Receiving Party to cause the return or destruction
of any Confidential Information which the Receiving Party disclosed to any
third party; or
(e)
a written statement under oath that the Receiving
Party has not retained any such Confidential Information and that no third
party has retained any such Confidential Information.
1.15
Authorised Recipients: A Receiving
Party can disclose the Confidential Information to their representatives, employees,
consultants, or professional advisors, if necessary and to the extent required
to fulfil the Purpose.
1.16
Confidentiality undertakings: If a Receiving
Party intends to disclose the Confidential Information to their representatives
or employees, such representatives or employees must sign a confidentiality
undertaking that is to the satisfaction of the Disclosing Party.
1.17
Acknowledgment: A Receiving
Party acknowledges that unauthorised or unlawful use or disclosure of the
Confidential Information can cause irreparable damage to the Disclosing Party.
1.18
Indemnity: The Receiving Party indemnifies the Disclosing
Party against any, and all loss suffered where the Receiving Party, or their representative
or employee, discloses or uses the Confidential Information unlawfully or
without the Disclosing Party s consent.
1.19
Injunctive relief: The Receiving
Party acknowledges that monetary damages may not be a sufficient remedy for
unauthorised or unlawful use or disclosure of the Confidential Information and a
Disclosing Party can ask a court for injunctive relief without waiving any
other rights or remedies.
1.20
No limitation:
Notwithstanding anything agreed to between the Parties, a claim for
breach of the confidentiality provisions , or a claim
under 1.18, will not be limited or excluded under any limitation
of liability or exclusion of liability provision.
1.21
Ownership and rights: The Disclosing
Party will remain the owner of all rights relating to the Confidential
Information. Where rights must be granted in respect of the Confidential
Information, such rights are only granted to the extent required to fulfil the Purpose.
1.22
Termination and survival: The
confidentiality provisions in this Agreement will survive the termination of
this Agreement.
1.23
Period: The confidentiality provisions in this
Agreement will bind the Receiving Party for an indefinite period.
1.24
Warranties: The Disclosing
Party warrants that they have the right to disclose the Confidential
Information to the Receiving Party.
1.25
No further warranties: The Disclosing
Party makes no other express, implied, or statutory warranties in respect of
the Confidential Information.
1.26
Disclaimer: The Disclosing
Party disclaims all other representations, warranties, or assurances for the
Confidential Information, including for accuracy, performance, completeness,
suitability, or third-party rights.
Try for free. No credit card required.
Master Contracts, elevate your career. Join the global movement of shaping the standard of contracts.
South Africa
194 Bancor Avenue Menlyn, Colab Building, Waterkloof Glen, Pretoria, 0181
United States
Form part of the spearhead movement of shaping the global standard for tech contracts.
