Non-Disclosure Agreement (India)

A Non-Disclosure Agreement in India protects sensitive commercial information by restricting how the recipient may use or pass on what is disclosed.

In India, NDAs derive their legal force from the Indian Contract Act 1872, which is the primary statute governing contracts. Confidential information that meets the criteria of a trade secret may also receive protection under the common law of confidence recognised by Indian courts. Where the confidential information includes digital data or personal information, the Information Technology Act 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011 impose additional security and handling obligations.

A critical drafting consideration in India is Section 27 of the Indian Contract Act 1872, which provides that every agreement in restraint of trade is void. Indian courts have consistently held that a reasonable confidentiality obligation does not constitute a restraint of trade. However, an NDA must be carefully scoped to avoid any clause that could be characterised as preventing the receiving party from carrying on their lawful business or profession. NDAs with reasonable scope, duration, and defined categories of protected information are routinely upheld by Indian courts and arbitral tribunals.

India NDAs commonly include an arbitration clause governed by the Arbitration and Conciliation Act 1996, which provides for confidential, efficient dispute resolution — an important feature given that court litigation in India can be prolonged.

The legal framework governing the Non-Disclosure Agreement (India) in India draws on several key statutes and regulatory bodies. Under Indian law, the Indian Contract Act 1872 governs contractual obligations, with Section 10 setting essential requirements for valid agreements. The Companies Act 2013 regulates corporate entities through the Registrar of Companies (ROC) and Ministry of Corporate Affairs (MCA). The Industrial Disputes Act 1947 and state labour commissioners govern employment disputes. The Information Technology Act 2000 and IT (Reasonable Security Practices) Rules 2011 protect personal data. The Income Tax Act 1961 and Goods and Services Tax Act 2017 govern tax obligations through the Central Board of Direct Taxes (CBDT) and GST Council. Parties executing a Non-Disclosure Agreement (India) in India should confirm the document reflects current law, including any amendments enacted since the original drafting date. The Indian Contract Act, 1872 (Section 27) sets the foundational requirements.

You need an India NDA before sharing any commercially sensitive, proprietary, or personal information with a third party in the Indian context. The agreement should be signed before any disclosure takes place, as information shared before the NDA is signed may not be protected.

You need this agreement during business negotiations with a potential partner, investor, distributor, or joint venture collaborator where you need to share financial projections, business plans, technology details, or customer data to evaluate the opportunity. Without an NDA, the receiving party has no contractual obligation of confidence.

You need this agreement when engaging consultants, contractors, or advisors who will have access to proprietary systems, data, processes, or client information. This is particularly important in the Indian IT and technology sector where source code, algorithms, and database architectures represent significant commercial value.

You need this agreement in the context of mergers, acquisitions, or investments, where due diligence requires the sharing of highly sensitive financial, operational, legal, and personnel information. An NDA is invariably the first document signed in any M&A process in India.

You also need this agreement where the shared information includes personal data or sensitive personal data of Indian residents (as defined under the SPDI Rules 2011), to confirm the receiving party is contractually bound to comply with the IT Act 2000 and applicable data protection requirements.

Parties in India should prepare a Non-Disclosure Agreement (India) proactively rather than waiting for a dispute to arise. Courts interpret agreements based on the written terms rather than oral representations. Under Indian law, the Indian Contract Act 1872 governs contractual obligations, with Section 10 setting essential requirements for valid agreements. The Companies Act 2013 regulates corporate entities through the Registrar of Companies (ROC) and Ministry of Corporate Affairs (MCA). The Industrial Disputes Act 1947 and state labour commissioners govern employment disputes. The Information Technology Act 2000 and IT (Reasonable Security Practices) Rules 2011 protect personal data. The Income Tax Act 1961 and Goods and Services Tax Act 2017 govern tax obligations through the Central Board of Direct Taxes (CBDT) and GST Council. Where the transaction involves regulated activities, prior approval from the relevant authority may be required before execution.

A thorough India NDA should contain the following key elements.

Parties: Full legal names, addresses, and PAN numbers of both parties. For companies, the CIN should also be included.

Effective Date: The date on which the agreement comes into force — information shared before this date is not protected unless the NDA expressly covers prior disclosures.

Type of Agreement: Specify whether the NDA is unilateral (one party discloses only) or mutual (both parties may disclose). A mutual NDA is appropriate where both parties will share sensitive information, such as in a joint venture negotiation.

Definition of Confidential Information: A clear, broad but reasonable definition of what constitutes protected information, including technical data, financial information, business plans, client lists, trade secrets, and software. The definition should note whether information needs to be marked as confidential or whether context of disclosure determines its status.

Standard Exclusions: Information that is or becomes publicly available, was already known to the receiving party, is independently developed without use of the protected information, or is required to be disclosed by law or regulatory authority.

Obligation of Confidence: The receiving party's core obligation to keep information confidential, use it only for the stated purpose, limit access to those with a need to know, and implement reasonable security measures.

Confidentiality Period: The duration of the obligation. In India, courts have upheld 2–5 year periods; the period should be specified clearly.

Return and Destruction: The obligation to return or destroy confidential information on request or termination.

Remedies: Acknowledgement of irreparable harm and the right to seek injunctive relief.

Arbitration: Dispute resolution by arbitration under the Arbitration and Conciliation Act 1996, with specified seat and number of arbitrators.

Governing Law: Laws of India, with jurisdiction of courts in the specified state as a backstop.

Judicial framework on restraint of trade and negative covenants: The enforceability of an India NDA cannot be considered in isolation from the Supreme Court's foundational ruling in Niranjan Shankar Golikari v. Century Spinning and Manufacturing Co. Ltd. AIR 1967 SC 1098. In that case, the Court held that a negative covenant restraining an employee from working for a competitor during the currency of the employment contract was not void under Section 27 of the Indian Contract Act 1872, because it was reasonable in scope and limited to the contract period. The Court drew a sharp distinction between post-termination restraints — which are generally void under Section 27 — and in-term restraints, which are enforceable if proportionate. For NDAs, this means that a confidentiality obligation that effectively prevents the receiving party from carrying on their business or profession after termination will be read down or struck down by Indian courts, while an obligation limited to the period of the commercial relationship and tied to genuinely proprietary information will be upheld. Section 73 of the Indian Contract Act 1872 additionally entitles the disclosing party to compensation for any loss or damage directly caused by breach of the NDA — not remote loss. Drafters should confirm the NDA's confidentiality period and scope are calibrated to protect legitimate interests without crossing into unreasonable restraint.

Additional compliance elements for a Non-Disclosure Agreement (India) used in India include: Under Indian law, the Indian Contract Act 1872 governs contractual obligations, with Section 10 setting essential requirements for valid agreements. The Companies Act 2013 regulates corporate entities through the Registrar of Companies (ROC) and Ministry of Corporate Affairs (MCA). The Industrial Disputes Act 1947 and state labour commissioners govern employment disputes. The Information Technology Act 2000 and IT (Reasonable Security Practices) Rules 2011 protect personal data. The Income Tax Act 1961 and Goods and Services Tax Act 2017 govern tax obligations through the Central Board of Direct Taxes (CBDT) and GST Council. Forms-legal.com provides this template as a starting point for India-compliant documentation.

A Non-Disclosure Agreement (India) fails most often not because it was never signed but because it was drafted with one or more of the following errors — each of which has led to unenforceable obligations or lost trade secret protection in Indian courts and arbitral proceedings.

1. Overly broad or undifferentiated definition of confidential information. An NDA that defines 'confidential information' as 'everything discussed between the parties' gives courts no workable standard for what is actually protected. Indian courts, following the principle in Section 73 of the Indian Contract Act 1872, require the disclosing party to demonstrate what specific information was protected and what loss its disclosure caused. A precise, category-based definition — financial projections, source code, customer lists, clinical data — is both more enforceable and more credible.

2. Post-termination restraint drafted as an indefinite obligation. Section 27 of the Indian Contract Act 1872 renders void any agreement in restraint of trade. An NDA that purports to prevent the receiving party from using general industry knowledge for life, or from working in their field after the engagement ends, risks being struck down as a disguised non-compete. The Supreme Court in Niranjan Shankar Golikari v. Century Spinning AIR 1967 SC 1098 confirmed that post-termination restrictions require especially careful scoping. Confidentiality periods of two to five years after termination, limited to genuinely proprietary information, are the safer approach.

3. No carve-out for compelled disclosure. Every NDA must allow the receiving party to disclose information when required by law, court order, or regulatory authority — provided the receiving party gives the disclosing party prompt notice and cooperates in seeking a protective order. Without this carve-out, the receiving party faces an impossible conflict between contractual obligation and legal duty, and the NDA itself may be challenged as contrary to public policy under Section 23 of the Indian Contract Act 1872.

4. Mutual NDA used when obligations are asymmetric. A mutual NDA implies equivalent obligations on both sides. Where one party is the sole discloser — such as a startup sharing its technology with a prospective investor — a unilateral NDA is more appropriate and avoids the risk that the disclosing party inadvertently accepts confidentiality obligations it did not intend.

5. Failing to include IT Act 2000 and SPDI Rules compliance obligations. Where the confidential information includes personal data of Indian residents — employment records, health data, financial data — the receiving party must comply with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011. An NDA that omits this obligation leaves the disclosing party exposed to regulatory liability and civil claims from data subjects.

6. Absence of an injunctive relief clause. Damages under Section 73 of the Indian Contract Act 1872 are the default remedy for breach of contract, but damages may be inadequate where the confidential information has already been disclosed to third parties. An express acknowledgment that breach will cause irreparable harm and that the disclosing party is entitled to seek injunctive relief under Order 39 of the Code of Civil Procedure 1908 — without having to prove actual damage — strengthens the remedy available in court.

7. No return or destruction obligation on termination. Without a return/destruction clause, confidential documents, electronic files, and copies remain with the receiving party after the commercial relationship ends. A clear obligation to return all tangible materials and certify the deletion of electronic copies, with a specific deadline, prevents inadvertent or deliberate retention of protected information.

8. Missing arbitration clause in high-value transactions. Indian court proceedings for NDA breaches can take years, during which the confidential information continues to be used or disseminated. An arbitration clause under the Arbitration and Conciliation Act 1996 — specifying the seat (Mumbai, Delhi, or another major centre), the number of arbitrators, and the institutional rules (MCIA, DIAC, or ICC) — enables faster interim relief under Section 17 of the Act and a final award within months rather than years.

9. NDA signed after disclosure has already occurred. Any information shared before the NDA is signed is not protected by the subsequent agreement unless the NDA expressly provides that it covers prior disclosures and specifies a look-back date. Parties frequently begin discussions informally before engaging lawyers; a well-drafted NDA should always include a retroactive coverage clause to capture preliminary exchanges.

10. Witness formality overlooked for evidentiary strength. While an NDA under Indian law does not require notarisation or registration, executing the agreement before a witness — ideally with each party initialling every page — significantly strengthens its evidentiary weight in any subsequent dispute. Courts and arbitral tribunals place higher reliance on documents that show a clear chain of custody and contemporaneous authentication.