NDA (Non-Disclosure Agreement)/CDA (Confidential Disclosure Agreement)

The contract, which is widely used in the IT industry, has become increasingly prevalent in Serbia in the transitional period. In order to protect the business interests of your company, the data confidentiality agreement has multiple meanings (hereinafter: NDA agreement). An NDA is an agreement between at least two parties to protect confidential information, knowledge, or material that the parties share with each other but want to restrict access to third parties. Thus, the party that discloses its confidential information is the provider and the party to whom the information is disclosed is the recipient of the information. This is an example of a unilateral NDA agreement. It is possible for such a contract to be bilateral, in which each party discloses some of its confidential information. An NDA contract can be concluded between two (or more legal entities), but also between a future employer and an employee. It is therefore necessary to specify in the contract whether it is a bilateral or unilateral NDA contract.

Since the goal of this contract is to protect information that is confidential for at least one contracting party, the moment of its conclusion is of great importance. Already during the first negotiations regarding the conclusion of a deal, that is, a contract, the parties find themselves in a situation to reveal information that is confidential in nature. It is precisely for this reason that it is important to protect your interests even in the negotiation phase.

What is important to know when drafting an NDA? First of all, it is necessary to define exactly what information is considered confidential and how the recipient can manage it ( use it ). This term should not be set too broadly, first of all due to the need to clearly specify contractual provisions in order to avoid different interpretations or, ultimately, abuse. Then, the possible consequences of data confidentiality violations, compensation for damages, etc. depend on the definition of what exactly is considered confidential information. Therefore, when drafting the contract itself, it is necessary to determine exactly which data the parties want to protect, i.e. make it inaccessible to third parties. These can be algorithms, computer programs, source codes, customer data, trade secret, etc. When you have defined what is considered confidential information, you should also predict how the recipient of the information can use it, but determine the time for which the given data will be considered confidential (for example, till the end of a contract period or without a time limit). In certain situations, it is necessary for the information to be “protected” for the duration of the work, that is, until the end of a project, so it is advisable to foresee that the obligation to keep data confidential lasts until the termination of the contract or several years. While on the other hand, we also have situations when, by nature, data is kept as confidential indefinitely (codes, computer processes, product formula, etc.). According to the needs and nature of the work, the parties will determine the duration of data confidentiality, which is significant from the point of view of the duration of the obligation. If the subject of the confidentiality agreement is a marketing strategy or e.g. financial balance, such data lose their “value” over time, and the need for their confidentiality ceases.

The NDA agreement can also contain provisions on the cases in which confidential data can be used or must be discovered. One example of this is an order from a court or other authority to disclose information previously agreed to be confidential, in which case the order must be complied with. From the practice so far, it has been shown to be very important that the contract foresees the obligation to compensate for damages in the event of a breach of data confidentiality: penalty agreement. This provision in itself is not sufficient to obtain compensation for possible damage, but it is necessary to prove the damage before the court. However, the penalty agreement has a double role, a psychological one for the contracting party who is obliged to keep confidential data, but also the fact that it facilitates the proof of damages in court.

In NDA contracts that have a foreign element (contracting parties have their business headquarters in different countries), the jurisdiction of the court can be determined, as well as the applicable law in the event of a dispute, which is certainly expedient and highly recommended for every contractor.

A parallel between the protection of intellectual property rights. Certain information that is the subject of an NDA may be concurrently copyrighted. Therefore, it does not represent an obstacle to additionally protect confidentiality with an NDA agreement in a specific business relationship. It is recommended for any person who has certain information that provides him with competitiveness on the market or for any other reason should remain inaccessible to debt, to protect himself through an NDA contract.

NDA agreements are one form of keeping data confidential, but they do not represent absolute protection, however, they give the owner of the data a legal basis for a lawsuit in case of abuse.

Author: Lana Nikolić, lawyer from Belgrade

Belgrade, 17.01.2023.

Leave a Reply

Your email address will not be published. Required fields are marked *