Types Of Confidential Information In Employee NDAs In The UK
Created:
Understanding the types of confidential information covered in employee NDAs helps UK employers and staff protect sensitive business data. This guide supports better drafting alongside an AI Generated British Non-disclosure Agreement (NDA).
Information category | Description | Typical confidentiality status | Disclosure impact | Common handlers |
|---|---|---|---|---|
Client or supplier information | ||||
Customer lists | Names, contact details, buying history and account notes for customers. | Usually confidential | High | Sales, account managers, customer success, marketing |
Commercial information, Client or supplier information | ||||
Customer contracts | Negotiated terms, service levels, discounts, renewal dates and liabilities. | Usually confidential | High | Legal, sales, account managers, finance |
Commercial information, Strategic information | ||||
Sales pipeline data | Prospects, deal stages, expected values, close dates and sales notes. | Usually confidential | High | Sales, business development, leadership |
Commercial information, Financial information | ||||
Pricing strategy | Rate cards, discount rules, margins and planned price changes. | Usually confidential | High | Sales, finance, commercial, leadership |
Commercial information, Operational information | ||||
Discounting policies | Internal approval thresholds, promotional limits and negotiation guidance. | Usually confidential | Medium | Sales, finance, commercial operations |
Client or supplier information, Operational information | ||||
Supplier lists | Approved suppliers, contacts, specialisms and relationship history. | May be confidential depending on context | Medium | Procurement, operations, finance, legal |
Client or supplier information, Commercial information | ||||
Supplier contract terms | Prices, rebates, exclusivity, credit terms and performance obligations. | Usually confidential | High | Procurement, legal, finance, operations |
Commercial information, Strategic information | ||||
Tender and bid documents | Bid pricing, solution design, win themes and evaluation assumptions. | Usually confidential | High | Bid teams, sales, legal, finance, technical leads |
Marketing plans | Campaign calendars, target audiences, budgets and launch messaging. | May be confidential depending on context | Medium | Marketing, product, sales, agencies |
Brand launch plans | Unannounced brand assets, launch dates, positioning and media plans. | Usually confidential | Medium | Marketing, leadership, product, external agencies |
Market research | Survey results, competitor analysis, customer insights and demand data. | May be confidential depending on context | Medium | Marketing, strategy, product, leadership |
Competitor intelligence | Lawfully gathered competitor pricing, positioning and sales tactics. | May be confidential depending on context | Medium | Strategy, sales, marketing, leadership |
Strategic information, Financial information | ||||
Business plans | Growth targets, budgets, risks, hiring plans and execution priorities. | Usually confidential | High | Directors, leadership, finance, strategy |
Strategic information, Financial information, Operational information | ||||
Board papers | Board packs, minutes, resolutions, risk papers and management reports. | Usually confidential | High | Directors, company secretariat, leadership, legal |
Strategic information, Financial information | ||||
Merger and acquisition plans | Potential targets, valuation work, due diligence and negotiation status. | Usually confidential | High | Directors, corporate development, finance, legal |
Strategic information, Operational information | ||||
Restructuring plans | Proposed redundancies, reorganisations, site closures and consultation plans. | Usually confidential | High | HR, leadership, legal, finance |
Financial information | ||||
Draft financial statements | Unaudited accounts, adjustments, notes and supporting schedules. | Usually confidential | High | Finance, auditors, directors, company secretariat |
Management accounts | Monthly performance reports, KPIs, variance analysis and cash position. | Usually confidential | High | Finance, leadership, department heads |
Financial information, Strategic information | ||||
Budgets and forecasts | Revenue forecasts, cost plans, headcount budgets and cash projections. | Usually confidential | High | Finance, leadership, department heads |
Financial information, Commercial information | ||||
Profit margins | Gross margins, contribution margins and product or client profitability. | Usually confidential | High | Finance, commercial, sales leadership, directors |
Financial information, Operational information | ||||
Payroll data | Salaries, tax codes, bank details, deductions and pay records. | Usually confidential | High | Payroll, HR, finance |
Operational information | ||||
Employee personal data | Addresses, contact details, HR records, appraisals and absence records. | Usually confidential | High | HR, line managers, payroll, legal |
Special category employee data | Health, disability, ethnicity, biometric, union or similar sensitive data. | Usually confidential | High | HR, occupational health, legal, managers |
Client or supplier information, Operational information | ||||
Customer personal data | Identifiable customer information held in CRM, support or billing systems. | Usually confidential | High | Customer service, sales, marketing, IT, finance |
Technical information | ||||
Source code | Human-readable software code, scripts, libraries and configuration files. | Usually confidential | High | Developers, DevOps, QA, technical leads |
Software architecture | System diagrams, data flows, components, APIs and integration designs. | Usually confidential | High | Engineering, architecture, security, product |
Algorithms and models | Proprietary logic, models, scoring methods and optimisation rules. | Usually confidential | High | Data science, engineering, research, product |
Technical information, Operational information | ||||
AI training data | Datasets, labels, prompts, evaluation sets and model tuning records. | May be confidential depending on context | High | Data science, engineering, product, compliance |
Technical information, Strategic information, Commercial information | ||||
Product roadmaps | Planned features, release dates, priorities and product strategy. | Usually confidential | High | Product, engineering, sales, leadership |
Technical information, Strategic information | ||||
Research and development plans | Experimental work, prototypes, test results and future technical concepts. | Usually confidential | High | R&D, engineering, product, leadership |
Inventions and patent plans | Unfiled inventions, patent drafts, claims, prototypes and filing strategy. | Usually confidential | High | R&D, engineering, legal, patent attorneys |
Technical information | ||||
Technical specifications | Design documents, tolerances, materials, performance criteria and schemas. | Usually confidential | High | Engineering, product, manufacturing, QA |
Technical information, Operational information | ||||
Manufacturing processes | Recipes, production steps, tooling settings and quality controls. | Usually confidential | High | Manufacturing, operations, QA, engineering |
Technical information | ||||
Recipes and formulas | Ingredient ratios, chemical formulas, blends and preparation methods. | Usually confidential | High | R&D, production, quality, technical teams |
Operational information, Technical information | ||||
Quality assurance procedures | Testing methods, defect thresholds, audit findings and corrective actions. | May be confidential depending on context | Medium | Quality, operations, engineering, compliance |
Technical information, Operational information | ||||
Security credentials | Passwords, access tokens, API keys, certificates and recovery codes. | Usually confidential | High | IT, security, DevOps, system administrators |
Cybersecurity plans | Security controls, incident plans, vulnerabilities and threat assessments. | Usually confidential | High | Security, IT, legal, leadership |
Network diagrams | Infrastructure maps, IP ranges, firewalls, servers and data routes. | Usually confidential | High | IT, security, DevOps, infrastructure teams |
Operational information, Technical information | ||||
Incident reports | Security, safety or data incidents, root causes and remediation actions. | Usually confidential | High | Security, compliance, legal, HR, operations |
Operational information | ||||
Internal policies | Non-public procedures, approvals, controls and staff guidance. | May be confidential depending on context | Low | HR, compliance, operations, managers |
Standard operating procedures | Step-by-step methods for internal workflows and service delivery. | May be confidential depending on context | Medium | Operations, managers, training, quality teams |
Training materials | Internal manuals, playbooks, scripts, examples and assessment materials. | May be confidential depending on context | Low | HR, learning, managers, operations |
Employee handbooks | Staff rules, benefits, procedures and workplace standards. | Usually not confidential unless specifically protected | Low | HR, managers, all employees |
HR disciplinary records | Investigation notes, allegations, warnings, outcomes and appeal records. | Usually confidential | High | HR, line managers, legal, investigators |
Grievance records | Complaints, witness evidence, findings, outcomes and appeal documents. | Usually confidential | High | HR, managers, legal, investigators |
Operational information, Strategic information | ||||
Recruitment plans | Vacancy pipelines, candidate lists, salaries and hiring priorities. | May be confidential depending on context | Medium | HR, recruiters, managers, leadership |
Financial information, Strategic information, Operational information | ||||
Remuneration strategy | Pay bands, bonus criteria, equity plans and salary review models. | Usually confidential | Medium | HR, payroll, finance, leadership |
Operational information, Strategic information | ||||
Legal advice and privileged material | Solicitor advice, litigation strategy, privileged emails and legal risk analysis. | Usually confidential | High | Legal, directors, HR, compliance, external lawyers |
Strategic information, Operational information | ||||
Litigation strategy | Claims analysis, settlement positions, evidence plans and witness strategy. | Usually confidential | High | Legal, directors, claims teams, external lawyers |
Operational information, Strategic information | ||||
Compliance investigation materials | Internal reports, allegations, evidence, findings and remediation plans. | Usually confidential | High | Compliance, legal, HR, internal audit |
Operational information, Financial information | ||||
Audit reports | Internal or external audit findings, control gaps and recommendations. | Usually confidential | Medium | Internal audit, finance, compliance, leadership |
Operational information, Strategic information | ||||
Risk registers | Key risks, ratings, controls, owners and mitigation plans. | Usually confidential | Medium | Risk, compliance, leadership, internal audit |
Financial information, Operational information | ||||
Insurance information | Policy terms, claim history, limits, premiums and broker advice. | May be confidential depending on context | Medium | Finance, legal, risk, operations |
Commercial information, Financial information, Operational information | ||||
Property and lease terms | Rent, break clauses, incentives, negotiations and site plans. | May be confidential depending on context | Medium | Facilities, finance, legal, leadership |
Operational information, Client or supplier information | ||||
Logistics and supply chain data | Routes, volumes, inventory levels, lead times and warehouse processes. | May be confidential depending on context | Medium | Operations, procurement, logistics, warehouse teams |
Operational information, Financial information | ||||
Inventory data | Stock levels, shortages, reorder points and warehouse locations. | May be confidential depending on context | Medium | Operations, warehouse, finance, procurement |
Operational information, Strategic information | ||||
Business continuity plans | Recovery priorities, contact trees, backup sites and continuity procedures. | Usually confidential | High | Operations, IT, security, leadership, facilities |
Technical information, Operational information | ||||
Disaster recovery information | Backup schedules, recovery procedures, RTOs, RPOs and failover details. | Usually confidential | High | IT, DevOps, security, operations |
Operational information, Strategic information | ||||
Environmental compliance data | Emissions data, audits, permits, incident logs and remediation plans. | May be confidential depending on context | Medium | Compliance, operations, facilities, legal |
Strategic information, Operational information | ||||
ESG strategy | Sustainability targets, governance plans, reporting drafts and supplier actions. | May be confidential depending on context | Medium | ESG, compliance, leadership, procurement |
Financial information, Strategic information | ||||
Unannounced financial results | Pre-release revenue, profit, trading updates and market-sensitive figures. | Usually confidential | High | Finance, directors, investor relations, legal |
Inside information | Precise non-public information likely to significantly affect securities prices. | Usually confidential | High | Directors, finance, investor relations, legal |
Commercial information, Technical information, Strategic information | ||||
Trade secrets | Secret commercially valuable information protected by reasonable secrecy steps. | Usually confidential | High | R&D, leadership, engineering, commercial teams |
Operational information | ||||
Whistleblowing reports | Protected disclosures about wrongdoing, regulatory breaches or public interest risks. | May be confidential depending on context | High | HR, compliance, legal, senior managers |
Operational information, Technical information | ||||
Data protection breach data | Breach facts, affected data, risk assessment and notification decisions. | Usually confidential | High | DPO, legal, IT, security, compliance |
CCTV and monitoring data | Workplace recordings, access logs, monitoring alerts and audit trails. | Usually confidential | Medium | Security, HR, facilities, IT, managers |
Technical information, Operational information | ||||
Access logs | System, building or application logs showing user access and activity. | Usually confidential | Medium | IT, security, facilities, compliance |
Technical information | ||||
API documentation | Endpoints, parameters, schemas, authentication details and usage limits. | May be confidential depending on context | Medium | Developers, product, support, partners |
Databases and schemas | Database structures, tables, fields, relationships and stored procedures. | Usually confidential | High | Data engineers, developers, DBAs, analysts |
Commercial information, Operational information, Strategic information | ||||
Analytics reports | Usage trends, conversion data, customer segments and performance dashboards. | May be confidential depending on context | Medium | Data, marketing, product, leadership |
Client or supplier information, Operational information | ||||
Customer support records | Tickets, complaints, call notes, chat logs and resolution history. | Usually confidential | Medium | Customer support, account managers, QA, product |
Complaints data | Customer complaints, investigation notes, outcomes and compensation decisions. | Usually confidential | Medium | Customer service, compliance, legal, managers |
Commercial information, Client or supplier information | ||||
Partner information | Channel partner terms, joint plans, lead sharing and performance data. | Usually confidential | Medium | Partnerships, sales, legal, finance |
Commercial information, Operational information | ||||
Franchise information | Franchise manuals, performance data, territory plans and operational standards. | Usually confidential | High | Franchise managers, operations, legal, finance |
Client or supplier information, Financial information | ||||
Donor data | Donor identities, giving history, contact preferences and campaign notes. | Usually confidential | High | Fundraising, finance, CRM administrators, marketing |
Client or supplier information, Operational information | ||||
Patient or service-user information | Health, care, treatment, safeguarding or case management information. | Usually confidential | High | Healthcare staff, care teams, case workers, administrators |
Operational information | ||||
Safeguarding records | Concerns, referrals, risk assessments and protective action records. | Usually confidential | High | Designated safeguarding leads, HR, managers, legal |
Operational information, Client or supplier information | ||||
Pupil or student records | Education records, attendance, assessments, wellbeing and contact details. | Usually confidential | High | Teachers, administrators, safeguarding leads, IT |
Commercial information, Technical information | ||||
Designs and creative assets | Unreleased artwork, CAD files, packaging, copy and campaign assets. | May be confidential depending on context | Medium | Design, marketing, product, agencies |
Commercial information, Strategic information | ||||
Unpublished manuscripts or media | Draft books, scripts, recordings, edits and release schedules. | Usually confidential | High | Publishing, production, marketing, legal |
Client or supplier information, Operational information | ||||
Client-provided source materials | Documents, datasets, credentials or assets supplied by clients for work. | Usually confidential | High | Project teams, account managers, consultants, legal |
Client or supplier information, Commercial information | ||||
Draft consultancy deliverables | Draft reports, findings, models, recommendations and client presentations. | Usually confidential | Medium | Consultants, analysts, project managers, partners |
Strategic information, Operational information | ||||
PR crisis plans | Holding statements, media lines, escalation lists and response strategy. | Usually confidential | Medium | PR, communications, legal, leadership |
Commercial information, Strategic information | ||||
Press embargo information | Unpublished announcements, embargo dates, media briefings and quotes. | Usually confidential | Medium | Communications, PR agencies, leadership, legal |
Financial information, Strategic information | ||||
Investor relations materials | Draft announcements, investor decks, analyst notes and fundraising updates. | Usually confidential | High | Directors, finance, investor relations, legal |
Fundraising plans | Investor targets, valuation, pitch decks, term sheets and cash runway. | Usually confidential | High | Founders, directors, finance, legal, advisers |
Capitalisation table | Shareholdings, options, investment rounds, dilution and investor rights. | Usually confidential | Medium | Founders, finance, legal, company secretariat |
Tax strategy and records | Tax filings, advice, computations, disputes and planning assumptions. | Usually confidential | Medium | Finance, tax, directors, external accountants |
Financial information | ||||
Banking information | Account numbers, mandates, facilities, covenants and treasury arrangements. | Usually confidential | High | Finance, treasury, directors, payroll |
Financial information, Client or supplier information | ||||
Payment card data | Cardholder data, payment references, merchant records and transaction logs. | Usually confidential | High | Finance, payments, IT, customer service |
Commercial information, Operational information | ||||
Procurement strategy | Sourcing plans, negotiation tactics, supplier scoring and savings targets. | Usually confidential | Medium | Procurement, finance, legal, operations |
Supplier selection criteria | Evaluation weightings, scoring models, shortlists and approval notes. | Usually confidential | Medium | Procurement, operations, legal, finance |
Operational information | ||||
Occupational health records | Fitness reports, adjustments, medical advice and health assessment notes. | Usually confidential | High | HR, occupational health, managers, legal |
Health and safety incident data | Accident reports, witness accounts, investigations and corrective actions. | May be confidential depending on context | Medium | H&S, HR, operations, legal, managers |
Operational information, Strategic information | ||||
Regulatory correspondence | Letters, notices, enquiries and responses involving regulators. | Usually confidential | High | Compliance, legal, leadership, operations |
Client or supplier information, Financial information, Operational information | ||||
Regulated financial services information | Client files, suitability records, compliance reviews and conduct reports. | Usually confidential | High | Advisers, compliance, operations, legal |
Client or supplier information, Operational information | ||||
Anti-money laundering records | CDD checks, risk assessments, monitoring records and suspicious activity notes. | Usually confidential | High | Compliance, MLRO, legal, finance, client teams |
Sanctions screening data | Screening matches, risk decisions, licences and reporting records. | Usually confidential | High | Compliance, finance, legal, client onboarding |
Technical information, Operational information | ||||
Export control information | Controlled technology, licence applications, end users and shipment details. | Usually confidential | High | Export control, legal, logistics, engineering |
Operational information, Technical information, Strategic information | ||||
Government security-classified information | Official, secret or top secret information handled under UK classifications. | Usually confidential | High | Cleared staff, project teams, security, legal |
Technical information, Operational information, Strategic information | ||||
Defence project information | Defence designs, requirements, security controls and project deliverables. | Usually confidential | High | Engineering, programme teams, security, legal |
Operational information | ||||
General skill and know-how | Employee experience, memory, general methods and professional judgement. | Usually not confidential unless specifically protected | Low | All employees |
Commercial information | ||||
Publicly available information | Information already public through websites, filings, releases or media. | Usually not confidential unless specifically protected | Low | Marketing, sales, leadership, all employees |
Operational information, Commercial information | ||||
Anonymised aggregated data | Summarised data that no longer identifies individuals or specific clients. | May be confidential depending on context | Low | Data, analytics, marketing, product |
Operational information, Technical information | ||||
Pseudonymised data | Personal data processed so identifiers are kept separately. | Usually confidential | Medium | Data, IT, compliance, research teams |
Technical information | ||||
Encryption keys | Private keys, key stores, seed phrases and cryptographic secrets. | Usually confidential | High | Security, DevOps, IT, platform engineers |
Technical information, Operational information | ||||
Cloud infrastructure configuration | Cloud architecture, IAM settings, storage rules and deployment scripts. | Usually confidential | High | DevOps, security, IT, platform teams |
What Types Of Information Should A UK Employee NDA Protect?
A well-drafted UK employee confidentiality agreement should identify the business information that would realistically cause harm if disclosed, such as customer lists, pricing models, product roadmaps, source code, financial forecasts, trade secrets, tender strategy, and internal security information. Categories that are already public, obvious, or too broad are less reliable unless the agreement explains why they are confidential in the employment context.
Which Confidential Information Needs Extra Care Under UK Law?
- Personal data should be handled consistently with the UK GDPR and Data Protection Act 2018, especially where employee records, customer databases, health data, or payroll details are involved.
- Trade secrets should be limited to information that is secret, has commercial value because it is secret, and is subject to reasonable steps to keep it secret under the Trade Secrets Regulations 2018.
- Inside information for listed companies requires particular control because market-sensitive disclosure may trigger UK market abuse issues.
- Whistleblowing disclosures cannot lawfully be prevented by an NDA where they are protected disclosures under the Employment Rights Act 1996.
How Specific Should An Employee Confidentiality Agreement Be?
The dataset shows that the strongest NDA categories are concrete and role-specific: for example, sales staff may handle customer pipelines and pricing, developers may handle source code and architecture diagrams, and finance staff may handle forecasts and margins. A UK employee NDA is usually more useful when it gives examples by department instead of relying only on a wide phrase such as all company information.
What Should Employers Avoid Treating As Confidential?
Employers should avoid using confidentiality wording to cover information that is public, already known to the employee outside work, or part of the employee’s general skill and experience. NDAs should also preserve statutory rights, regulatory reporting, legal advice disclosures, and protected whistleblowing.
Want to Generate Your own Non-Disclosure Agreement?
Docaro AI can help you write your own Non-Disclosure Agreement for use in the United Kingdom in minutes.
FAQs
Common types include trade secrets, client lists, pricing, financial data, product plans, software code, processes, marketing strategies, supplier details, and personal data handled during employment.
Show All FAQs
You Might Also Be Interested In
Compare UK employee NDA clauses to understand confidentiality terms, obligations, exclusions, and enforcement considerations.
Explore United Kingdom employee roles and key confidentiality considerations for clearer workplace NDA planning.
Find out if you need an employee confidentiality agreement in the United Kingdom to protect business secrets and sensitive data.
Learn what a United Kingdom employee confidentiality agreement should include, from protected information to duties and exclusions.