Common Clauses In UK Employment NDAs
Clause Name | Clause Purpose | Drafting Notes | Primary Party Affected | Practical Example |
|---|---|---|---|---|
Core Clause | ||||
Definition Of Confidential Information | Identifies the information protected by the NDA. | Use clear categories such as trade secrets, business plans, pricing, customers, software, know-how and employee data; avoid overbroad wording. | Both Parties | An employee in sales receives unreleased customer pricing and must keep it confidential. |
Permitted Purpose | Restricts use of confidential information to employment duties only. | Tie use to the employee's role, authorised tasks and legitimate business purposes. | Employee | A product manager may use roadmap information for internal planning but not for a side business. |
Non-Disclosure Obligation | Requires the employee not to disclose confidential information without authority. | Specify authorised recipients, internal need-to-know access and written consent requirements. | Employee | An employee must not share a confidential restructuring plan with a friend or competitor. |
Duty To Protect Confidential Information | Requires reasonable security measures to prevent unauthorised access or loss. | Refer to passwords, secure storage, clean desk rules, encryption and employer policies. | Employee | A remote worker must not leave customer files visible in a shared workspace. |
Exclusions From Confidential Information | Carves out information that should not be treated as confidential. | Exclude public information, information already known, independently developed information and information lawfully received from others. | Both Parties | A publicly announced product launch is not confidential after publication. |
Authorised Disclosures | Permits disclosure where legally or professionally appropriate. | Allow disclosures to legal advisers, regulators, courts, police, tax authorities and as required by law. | Both Parties | An employee may show the NDA to a solicitor for advice. |
Whistleblowing And Protected Disclosures | Confirms the NDA does not prevent protected disclosures. | State clearly that the employee may make protected disclosures under the Employment Rights Act 1996. | Employee | An employee can report suspected fraud or safety breaches to an appropriate body. |
Reports To Regulators And Law Enforcement | Makes clear the NDA does not block lawful reports to authorities. | Name likely bodies where relevant, such as police, HMRC, ICO, FCA, HSE or professional regulators. | Both Parties | A finance employee may report suspected money laundering to the appropriate authority. |
Duration Of Confidentiality Obligations | States how long confidentiality duties continue during and after employment. | Use a reasonable fixed period for ordinary information and longer or indefinite protection for trade secrets. | Both Parties | Customer pricing may be protected for two years; source code secrets may remain protected indefinitely. |
Return Or Destruction Of Materials | Requires confidential materials to be returned, deleted or destroyed when requested or on termination. | Cover paper files, devices, cloud accounts, email, backups and copies; allow legal retention where needed. | Employee | A departing HR manager returns personnel files and deletes local copies from a laptop. |
Optional Clause | ||||
Certificate Of Return Or Deletion | Provides written confirmation that confidential materials have been returned or deleted. | Use for senior employees or data-heavy roles; avoid requiring impossible deletion from automatic backups. | Employee | A former CTO signs a certificate confirming deletion of copied engineering files. |
Core Clause | ||||
Ownership Of Confidential Information | Confirms the employer retains ownership of confidential information and materials. | Distinguish confidentiality from intellectual property assignment and device ownership. | Employer | A design employee cannot keep employer pitch decks as personal portfolio material without consent. |
Context-Specific Clause | ||||
Intellectual Property And Inventions | Addresses ownership and confidentiality of work-created IP and inventions. | Coordinate with employment contract IP terms; note statutory rules for employee inventions under the Patents Act 1977. | Both Parties | A software engineer must keep a new algorithm confidential before patent filing. |
Trade Secrets | Gives heightened protection to information that derives value from secrecy. | Identify trade secret categories and require reasonable steps to keep them secret. | Employer | A food manufacturer protects a confidential recipe and production method. |
Personal Data And Data Protection | Protects personal data handled during employment. | Align with UK GDPR, Data Protection Act 2018 and internal privacy and security policies. | Both Parties | A payroll employee must not disclose salary, sickness or bank details. |
Special Category Data | Adds safeguards for sensitive personal data such as health, race, religion or biometric data. | Use where HR, health, biometric, safeguarding or diversity data is accessed. | Both Parties | An occupational health administrator must protect employee medical reports. |
Customer And Supplier Information | Protects commercially sensitive information about customers, suppliers and prospects. | Define protected information without creating an unenforceable non-compete by implication. | Employer | A sales executive must not copy a customer list before joining a competitor. |
Financial And Pricing Information | Protects margins, forecasts, budgets, salaries, bids and pricing models. | Specify whether employee pay information is included and avoid restricting lawful pay discussions where inappropriate. | Employer | A procurement employee must not reveal confidential supplier discount structures. |
Business Plans And Strategy | Protects strategic, expansion, merger, acquisition and restructuring plans. | Include board papers, forecasts, transaction materials and unreleased announcements. | Employer | A senior manager must not disclose a planned office closure before staff consultation. |
Software, Source Code And Technical Materials | Protects technical assets such as code, architecture, APIs, models and documentation. | Cover repositories, credentials, open-source boundaries and development environments. | Employer | A developer cannot copy private Git repositories to a personal account. |
Passwords, Credentials And Access Keys | Protects login details, API keys, tokens and system credentials. | Ban sharing credentials and require prompt return, revocation or reporting of compromised access. | Employee | An IT employee must not keep admin passwords after leaving employment. |
Compliance With IT And Security Policies | Connects NDA obligations to employer security policies and procedures. | Refer to policies as updated from time to time, but avoid hidden contractual changes to pay or role. | Employee | An employee must follow MFA, device encryption and secure file-sharing rules. |
Remote And Hybrid Working Confidentiality | Protects confidential information outside the employer's premises. | Cover home Wi-Fi, shared accommodation, screens, printing, calls and disposal of papers. | Employee | A hybrid worker must not discuss redundancies on a train call. |
Personal Devices And BYOD | Controls confidential information stored or accessed on personal devices. | Address employer approval, mobile device management, deletion, backups and privacy expectations. | Both Parties | An employee using a personal phone must delete work files on termination. |
Social Media And Public Statements | Prevents unauthorised public disclosure of confidential employer information. | Balance confidentiality with lawful whistleblowing, employee rights and protected discussions. | Employee | An employee must not post an unreleased product screenshot on LinkedIn. |
Optional Clause | ||||
Media Enquiries | Routes press enquiries to authorised representatives. | Useful for senior, public-facing or crisis-sensitive roles; preserve legal disclosure rights. | Employee | A manager refers a journalist's question about redundancies to the communications team. |
Context-Specific Clause | ||||
Third-Party Confidential Information | Protects confidential information received from clients, suppliers, partners or group companies. | State whether duties apply to affiliates and third parties whose information the employer must protect. | Both Parties | A consultant employee must protect a client's acquisition target list. |
Group Company Confidentiality | Extends protection to confidential information of associated companies. | Define group companies clearly and consider Contracts (Rights of Third Parties) Act wording. | Employer | A UK employee must protect confidential financial data from the employer's parent company. |
Optional Clause | ||||
Third Party Rights | States whether non-parties may enforce NDA terms. | Either exclude the Act or expressly allow named group companies or clients to enforce confidentiality terms. | Both Parties | A client may enforce confidentiality if the NDA expressly gives it that right. |
No Licence Or Transfer Of Rights | Confirms access to information does not grant ownership or use rights beyond employment. | Use where employees access valuable IP, software, data or technical materials. | Employer | A designer may use brand assets for work but not for private freelance projects. |
Core Clause | ||||
No Unauthorised Copying | Prevents unnecessary duplication of confidential materials. | Allow copies needed for work duties, backups and legal compliance. | Employee | A departing employee must not download the CRM database to a USB drive. |
Loss, Breach Or Unauthorised Disclosure Reporting | Requires prompt reporting of suspected loss, breach or unauthorised disclosure. | Set internal reporting channels and urgent timescales, especially for personal data breaches. | Both Parties | An employee immediately reports sending a client spreadsheet to the wrong recipient. |
Optional Clause | ||||
Cooperation After Breach | Requires assistance to investigate, contain or remedy confidentiality breaches. | Limit to reasonable cooperation and consider pay or expenses after employment ends. | Both Parties | A former employee helps identify which files were emailed externally by mistake. |
Core Clause | ||||
Injunctive Relief And Remedies | Recognises that damages may be inadequate and urgent court relief may be needed. | Avoid guaranteeing an injunction; state that equitable relief may be sought where appropriate. | Both Parties | An employer seeks an injunction to stop disclosure of a confidential tender bid. |
Optional Clause | ||||
Losses, Damages And Indemnity | Allocates responsibility for losses caused by confidentiality breaches. | Ensure any indemnity is proportionate and consistent with employment law, policy and insurance. | Both Parties | The employer claims losses caused by an employee leaking confidential bid pricing. |
Core Clause | ||||
Disciplinary Consequences | Warns that breach may lead to disciplinary action, including dismissal. | Align with the employer's disciplinary procedure and the ACAS Code principles. | Employee | An employee who deliberately leaks HR records may face gross misconduct proceedings. |
Post-Termination Confidentiality | Confirms confidentiality continues after employment ends. | State which obligations survive termination and for how long. | Employee | A former employee must not reveal confidential product plans to a new employer. |
Context-Specific Clause | ||||
Exit Handover And Access Removal | Manages return of information and removal of access on departure. | List systems, keys, devices, documents and cloud accounts to be transferred or disabled. | Both Parties | HR disables CRM, Slack and file-share access on the employee's final day. |
Garden Leave Confidentiality | Preserves confidentiality while an employee is paid but kept away from work. | Coordinate with employment contract garden leave wording and access restrictions. | Both Parties | A sales director on garden leave loses access to live customer strategy documents. |
Relationship With Restrictive Covenants | Clarifies that confidentiality obligations are separate from non-compete or non-solicit restrictions. | Do not use confidentiality wording to create hidden restraints of trade. | Both Parties | A former employee may work for a competitor but cannot use confidential customer pricing. |
Core Clause | ||||
Independent Legal Advice | Allows the employee to obtain confidential legal advice about the NDA. | State that the employee may disclose the NDA and relevant facts to legal advisers. | Employee | An employee shares the NDA with a solicitor before signing. |
Context-Specific Clause | ||||
Medical, Counselling And Support Disclosures | Allows appropriate confidential disclosures to healthcare or support professionals. | Useful where the NDA relates to workplace complaints, stress, discrimination or settlement discussions. | Employee | An employee may discuss workplace events with a GP or counsellor. |
Optional Clause | ||||
Disclosures To Close Family Or Advisers | Permits limited confidential discussion with specified support persons. | Name permitted recipients and require them to keep the information confidential where appropriate. | Employee | An employee may discuss the NDA with a spouse for support, subject to confidentiality. |
Core Clause | ||||
No Waiver Of Statutory Employment Rights | Clarifies the NDA does not remove statutory employment rights unless lawfully settled. | Do not imply that ordinary NDA wording settles tribunal claims; settlement agreements need specific legal requirements. | Employee | Signing a workplace NDA does not by itself waive an unfair dismissal claim. |
Discrimination And Harassment Reporting Carve-Out | Avoids using confidentiality to suppress discrimination or harassment reports. | Preserve rights to raise grievances, tribunal claims, regulatory reports and protected disclosures. | Both Parties | An employee can raise a sexual harassment complaint despite confidentiality wording. |
Context-Specific Clause | ||||
Settlement Agreement Interaction | Distinguishes an employment NDA from a statutory settlement agreement. | If settling employment claims, use a compliant settlement agreement with independent advice requirements. | Both Parties | A confidentiality clause in an NDA does not automatically settle discrimination claims. |
Without Prejudice And Protected Conversations | Manages confidentiality around settlement negotiations and pre-termination discussions. | Do not overstate protection; exceptions can apply, including improper behaviour or claims outside section 111A. | Both Parties | A redundancy exit offer may be discussed confidentially but not used to hide discrimination. |
Core Clause | ||||
Compelled Disclosure By Law Or Court Order | Allows disclosure where legally required. | Require notice to the employer where lawful and practical, without obstructing legal duties. | Both Parties | An employee complies with a court order requiring disclosure of documents. |
Context-Specific Clause | ||||
HMRC And Tax Disclosures | Preserves lawful disclosures to HMRC or tax advisers. | Useful where compensation, bonuses, share schemes or payroll confidentiality are involved. | Both Parties | An employee may disclose relevant payment details to HMRC or a tax adviser. |
Legal Professional Privilege | Protects privileged legal advice and litigation communications. | Identify privileged materials and avoid accidental waiver through broad sharing. | Employer | An HR director must not circulate external counsel advice beyond authorised recipients. |
Monitoring And Audit Of Information Use | Allows lawful checks on access, copying or transmission of confidential information. | Ensure monitoring is transparent, proportionate and consistent with UK GDPR and employment privacy guidance. | Both Parties | The employer reviews download logs after suspicious CRM exports. |
Audit Trails And Access Logs | Supports detection and investigation of unauthorised access or disclosure. | Disclose logging practices in privacy notices and acceptable use policies. | Both Parties | Access logs show whether a leaving employee downloaded payroll files. |
Optional Clause | ||||
Confidentiality Training And Acknowledgement | Requires employees to understand and acknowledge confidentiality duties. | Use for regulated, data-heavy or high-risk roles; keep records of training completion. | Both Parties | A new HR assistant completes confidentiality and data protection training. |
Context-Specific Clause | ||||
Secondments, Contractors And Agency Workers | Extends or coordinates confidentiality duties for non-standard workplace arrangements. | Check who is the contracting party and whether separate NDAs or client terms are needed. | Both Parties | An agency worker accessing payroll data signs compatible confidentiality terms. |
Regulated Role Disclosures | Preserves disclosures required or expected in regulated sectors. | Adapt for FCA, PRA, SRA, CQC, GMC, Ofsted or sector-specific reporting obligations. | Both Parties | A financial services employee may report misconduct through FCA whistleblowing channels. |
Core Clause | ||||
Health And Safety Disclosure Carve-Out | Confirms confidentiality does not prevent reporting health and safety risks. | Align with protected disclosure wording and sector reporting channels such as HSE. | Both Parties | A warehouse worker may report unsafe equipment to HSE or management. |
Context-Specific Clause | ||||
Safeguarding Disclosure Carve-Out | Ensures confidentiality does not block safeguarding reports. | Use in education, care, health, charities and roles involving children or vulnerable adults. | Both Parties | A care worker can report suspected abuse to the appropriate safeguarding authority. |
Pay Secrecy And Equality Discussions | Avoids invalid restrictions on relevant pay discussions for equality purposes. | Do not prohibit protected pay discussions intended to find out whether discrimination exists. | Both Parties | An employee may discuss pay to investigate possible sex discrimination. |
Optional Clause | ||||
Non-Disparagement Interaction | Separates confidentiality from limits on derogatory public comments. | Avoid wording that prevents protected disclosures, truthful evidence or regulatory complaints. | Both Parties | A former employee may be barred from hostile social posts but not from reporting wrongdoing. |
Entire Agreement | States that the NDA contains the full agreement on confidentiality. | Ensure it does not unintentionally override employment contract, handbook or IP provisions. | Both Parties | The NDA is read alongside, not instead of, the employment contract confidentiality clause. |
Context-Specific Clause | ||||
Priority Over Other Policies Or Agreements | Resolves inconsistencies between the NDA, employment contract and policies. | State which document prevails and preserve statutory carve-outs. | Both Parties | If a handbook permits wider disclosure than the NDA, the priority clause explains which applies. |
Optional Clause | ||||
Variation In Writing | Requires changes to the NDA to be made formally in writing. | Specify who may approve changes for the employer. | Both Parties | A manager's casual email does not waive confidentiality unless authorised. |
Core Clause | ||||
Severance | Keeps valid parts of the NDA effective if one part is unenforceable. | Draft narrowly; severance may not rescue fundamentally unreasonable restrictions. | Both Parties | An excessive wording is removed while the core non-disclosure obligation remains. |
Optional Clause | ||||
No Waiver | Prevents delay or inaction from automatically giving up rights. | Use standard wording but avoid suggesting tolerance of repeated breaches is risk-free. | Both Parties | The employer can act on a later breach even if it overlooked a minor earlier breach. |
Context-Specific Clause | ||||
Assignment And Business Transfers | Allows confidentiality rights to transfer with the business where appropriate. | Coordinate with TUPE, corporate transactions and employee consultation where relevant. | Both Parties | Confidentiality obligations continue after a business sale to a new employer. |
Optional Clause | ||||
Notices | Sets how formal notices under the NDA must be given. | Include email, postal addresses and who receives breach notices after employment ends. | Both Parties | The employer sends a formal demand to return confidential documents by recorded post and email. |
Core Clause | ||||
Governing Law | States which country's law governs the NDA. | For UK use, specify England and Wales, Scotland or Northern Ireland as appropriate. | Both Parties | A London employer chooses the law of England and Wales for the NDA. |
Jurisdiction | Identifies which courts may hear disputes under the NDA. | Coordinate with governing law and cross-border employment arrangements. | Both Parties | The parties agree English courts can hear a claim for misuse of confidential information. |
Optional Clause | ||||
Dispute Resolution Escalation | Encourages internal escalation or mediation before litigation where suitable. | Preserve the right to seek urgent injunctive relief without delay. | Both Parties | A dispute about retained files is escalated to HR and legal before court action. |
Electronic Signature And Counterparts | Allows the NDA to be signed electronically or in separate copies. | Use clear execution blocks and confirm authority to sign for the employer. | Both Parties | A remote employee signs the NDA using an electronic signature platform. |
Context-Specific Clause | ||||
Consideration For Standalone NDA | Records what the employee receives in exchange for new confidentiality promises. | Important where the NDA is signed after employment starts; consider deed execution or fresh consideration. | Both Parties | An existing employee signs a new NDA when promoted and given access to trade secrets. |
Execution As A Deed | Supports enforceability where consideration may be uncertain. | Use proper deed wording, witnessing and delivery requirements for individuals. | Both Parties | A senior hire signs the NDA as a deed before receiving sensitive acquisition documents. |
Optional Clause | ||||
Employee Acknowledgement Of Sensitivity | Records that the employee understands the information is commercially sensitive. | Do not use exaggerated acknowledgements for routine information; tailor to the role. | Employee | A finance director acknowledges access to unpublished results and investor materials. |
Context-Specific Clause | ||||
Need-To-Know Access | Limits access and sharing to those who need the information for work. | Use with access controls and internal classification rules. | Both Parties | Only HR and payroll staff may access redundancy selection scores. |
Optional Clause | ||||
Confidentiality Markings And Classification | Uses labels or categories to help employees identify protected information. | Do not make protection depend only on labels; some unmarked information may still be confidential. | Both Parties | Board papers marked "Confidential" must be stored in restricted folders. |
Context-Specific Clause | ||||
Oral Confidential Information | Protects sensitive information disclosed verbally in meetings or calls. | State whether oral disclosures must be confirmed in writing or are protected if obviously confidential. | Employee | A CEO tells a manager about a confidential acquisition during a private call. |
Optional Clause | ||||
Residual Knowledge | Addresses whether general skills and memory can still be used after employment. | Avoid allowing use of trade secrets; distinguish general know-how from specific confidential information. | Both Parties | A former engineer may use general coding skills but not memorised secret algorithms. |
Employee Personal Information And Property | Clarifies that the NDA does not claim ownership of the employee's personal materials. | Useful where personal devices, portfolios or pre-existing materials are involved. | Employee | A designer keeps pre-existing portfolio work but not confidential client concepts. |
Context-Specific Clause | ||||
Prior Knowledge And Pre-Existing Materials | Separates employer confidential information from materials known or owned before employment. | Ask employees to identify pre-existing IP or confidential obligations at the start. | Both Parties | A new developer lists an open-source library created before joining. |
No Misuse Of Former Employer Information | Prevents the employee bringing or using a previous employer's confidential information. | Useful for competitor hires; avoid encouraging breach of previous obligations. | Both Parties | A new salesperson must not upload a former employer's customer list. |
Core Clause | ||||
Public Domain Exception | Removes protection once information becomes public through no breach by the employee. | Make clear the exception does not apply if the employee caused the public disclosure unlawfully. | Both Parties | Published annual accounts are not confidential, but leaked draft accounts remain confidential. |
Optional Clause | ||||
Anonymised Or Aggregated Information | Explains whether anonymised or aggregated information remains restricted. | Ensure anonymisation is effective and does not permit re-identification or commercial misuse. | Both Parties | An analyst may share aggregated survey trends but not identifiable employee responses. |
Context-Specific Clause | ||||
Use Of AI Tools And External Platforms | Prevents unauthorised uploading of confidential information to AI or external tools. | Specify approved tools, input restrictions, personal data rules and output handling. | Employee | An employee must not paste unreleased contract terms into a public AI chatbot. |
Cloud Storage And File Sharing | Controls storage and transfer of confidential information using cloud services. | Name approved platforms and prohibit personal cloud accounts unless authorised. | Employee | An employee must use the company SharePoint, not a personal Dropbox folder. |
International Transfers Of Information | Controls sharing confidential or personal data outside the UK. | Address UK GDPR transfer rules, overseas group access and client location requirements. | Both Parties | An employee must not send HR data to an overseas affiliate unless approved. |
Retention Of Confidential Records | Sets how long confidential records may be kept and when they must be deleted. | Align with legal retention duties, limitation periods and data minimisation principles. | Both Parties | HR keeps disciplinary records only for the retention period in its policy. |
Workplace Investigation Confidentiality | Protects sensitive information during grievance, disciplinary or misconduct investigations. | Do not prevent witnesses from seeking advice, reporting wrongdoing or using statutory rights. | Both Parties | Witnesses are asked not to discuss an ongoing bullying investigation except with advisers. |
Optional Clause | ||||
Disciplinary And Grievance Outcome Confidentiality | Protects sensitive outcomes and personal data in workplace processes. | Balance transparency, appeal rights, legal advice and data protection duties. | Both Parties | HR limits disclosure of a grievance outcome to those who need to know. |
What Clauses Matter Most In A UK Employment NDA?
Core clauses should clearly define confidential information, permitted use, exclusions, return or deletion of materials, duration, remedies and governing law. These provisions make the NDA easier to understand, easier to administer and more likely to be useful if a dispute arises.
How Should UK Employment NDAs Deal With Whistleblowing?
A UK employment NDA should not suggest that an employee is prevented from making a protected disclosure. Clauses dealing with whistleblowing, regulators, criminal conduct, legal advice and statutory rights are important because confidentiality wording that is too broad can be misleading and risky.
When Are Extra Clauses Needed?
Context-specific clauses are most useful where the employee has access to sensitive assets such as trade secrets, source code, customer lists, pricing models, personal data, invention records or strategic plans. Extra clauses may also be needed for remote working, BYOD, garden leave, settlement discussions, international group companies or regulated roles.
What Should Employers Avoid When Drafting An Employment NDA?
- Avoid vague definitions such as "all information about the business" without practical limits or exclusions.
- Avoid durations that are longer than necessary for ordinary confidential information, while preserving indefinite protection for genuine trade secrets where appropriate.
- Avoid clauses that appear to stop reporting to regulators, law enforcement, HMRC, the FCA, the ICO or making protected disclosures.
- Avoid using an NDA as a substitute for properly drafted intellectual property, data protection, restrictive covenant or disciplinary provisions.


