Non-Disclosure Agreement (Unilateral) Kenya
NON-DISCLOSURE AGREEMENT (UNILATERAL)
Law of Contract Act Cap. 23 | Data Protection Act No. 24 of 2019
THIS NON-DISCLOSURE AGREEMENT ("Agreement") is made on [Agreement Date].
BETWEEN:
(1) [Disclosing Party Name], of [Disclosing Party Address], KRA PIN: [Disclosing Party KRA PIN] (the "Disclosing Party"); and
(2) [Receiving Party Name], of [Receiving Party Address], KRA PIN: [Receiving Party KRA PIN] (the "Receiving Party").
This Agreement is unilateral — only the Receiving Party is bound by the confidentiality obligations herein.
BACKGROUND
The Disclosing Party wishes to disclose certain confidential information to the Receiving Party for the Permitted Purpose (as defined below). The Receiving Party agrees to receive that information and to keep it confidential on the terms set out in this Agreement.
1. PERMITTED PURPOSE
1.1 The Disclosing Party discloses Confidential Information to the Receiving Party solely for the following purpose: [Permitted Purpose] (the "Permitted Purpose").
1.2 The Receiving Party shall use the Confidential Information exclusively for the Permitted Purpose and for no other purpose whatsoever without the Disclosing Party's prior written consent.
2. DEFINITION OF CONFIDENTIAL INFORMATION
2.1 "Confidential Information" means all information disclosed by the Disclosing Party to the Receiving Party — whether orally, in writing, electronically, or by demonstration — that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure, including: [Confidential Info Description].
2.2 Where this Agreement covers personal data ([Includes Personal Data]), "Confidential Information" includes all personal data as defined in Section 2 of the Data Protection Act No. 24 of 2019.
2.3 Confidential Information does not include information that: (a) is or becomes publicly available without breach of this Agreement; (b) was known to the Receiving Party before disclosure; (c) is received from a third party without restriction; or (d) is independently developed by the Receiving Party without reference to the Disclosing Party's information.
2.4 Disclosure required by the Kenya Revenue Authority (KRA), the Office of the Data Protection Commissioner (ODPC), the Central Bank of Kenya (CBK), or any court of competent jurisdiction is permitted, provided the Receiving Party notifies the Disclosing Party promptly in writing before such disclosure.
3. CONFIDENTIALITY OBLIGATIONS
3.1 The Receiving Party undertakes to: (a) hold all Confidential Information in strict confidence; (b) use the Confidential Information solely for the Permitted Purpose; (c) not disclose the Confidential Information to any third party without the Disclosing Party's prior written consent; (d) restrict access to the Confidential Information to its employees, directors, or professional advisers with a strict need to know, who are bound by equivalent confidentiality obligations; and (e) implement reasonable technical and organisational security measures to protect the Confidential Information against unauthorised access, loss, or destruction.
3.2 Duration: The obligations in this Clause 3 shall continue for [Confidentiality Period]. Obligations relating to trade secrets shall survive indefinitely. Obligations relating to personal data shall survive until the personal data is securely destroyed or returned.
4. DATA PROTECTION
4.1 Where the Confidential Information includes personal data, the Receiving Party shall comply with the Data Protection Act No. 24 of 2019 as a data processor under Section 35 and shall: (a) process personal data only on the Disclosing Party's documented instructions; (b) implement appropriate technical and organisational security measures under the ODPC Data Protection (General) Regulations 2021; (c) assist the Disclosing Party in responding to data subject rights requests; and (d) notify the Disclosing Party of any personal data breach within 72 hours of discovery.
5. RETURN OR DESTRUCTION
5.1 On written demand by the Disclosing Party or on completion of the Permitted Purpose, the Receiving Party shall, within [Return Deadline], return or securely destroy all documents, digital files, and copies containing Confidential Information and confirm compliance in writing.
6. REMEDIES
6.1 The Receiving Party acknowledges that breach of this Agreement will cause irreparable harm to the Disclosing Party for which monetary damages alone are an inadequate remedy. The Disclosing Party is entitled to seek urgent injunctive relief, an account of profits, and delivery up of materials from [Dispute Forum] without proof of actual financial loss.
6.2 Nothing in this Clause 6 limits any other remedy available to the Disclosing Party under the Law of Contract Act Cap. 23 or the equitable jurisdiction of the High Court of Kenya under Section 3 of the Judicature Act Cap. 8.
7. GOVERNING LAW AND DISPUTE RESOLUTION
7.1 This Agreement is governed by the laws of Kenya. Any dispute arising from or relating to this Agreement shall be referred to [Dispute Forum], sitting in [Governing City], under the Arbitration Act No. 4 of 1995 (revised 2022) where applicable.
IN WITNESS WHEREOF, the Parties have executed this Non-Disclosure Agreement on the date first written above.
Disclosing Party
________________
Signature
Receiving Party
________________
Signature
Witness
________________
Signature
What Is a Non-Disclosure Agreement (Unilateral) Kenya?
A Non-Disclosure Agreement (Unilateral) in Kenya obliges the receiving party to keep the disclosing party's proprietary information secret. It restricts disclosure and use of designated confidential information between the disclosing and receiving parties.
The Law of Contract Act Cap. 23 incorporates received English contract law applicable in Kenya under Section 3 of the Judicature Act Cap. 8, meaning the principles of offer, acceptance, consideration, intention to create legal relations, and certainty of terms govern the validity of the unilateral NDA. Consideration in a unilateral NDA where no payment is made flows from the underlying business relationship — employment, a vendor contract, an investment evaluation — or from a nominal payment of KES 100. Kenyan courts consistently hold that a commercial context supplies sufficient consideration to support the confidentiality obligation.
Kenya's Data Protection Act No. 24 of 2019, enforced by the Office of the Data Protection Commissioner (ODPC), overlays an additional statutory duty of confidence wherever the disclosed information includes personal data — names, national identification numbers, KRA PINs, financial records, health information, or other data relating to identifiable individuals. Section 35 of the Data Protection Act requires a written data processing agreement whenever a data controller shares personal data with a data processor. A unilateral NDA that covers personal data should incorporate these requirements to confirm the receiving party's data handling complies with both the contractual and statutory frameworks.
In practice, the unilateral NDA is the most widely used confidentiality instrument in Kenyan business. Employers use it during recruitment — candidates and new hires gain access to proprietary business information before their employment contracts are signed. Technology companies in Nairobi's Silicon Savannah use it to protect source code, product roadmaps, and algorithms when briefing development partners, consultants, or integration testers. Startups seeking funding from venture capital funds or angel investors registered with the Capital Markets Authority (CMA) use it to protect their financial models, customer acquisition strategies, and intellectual property during due diligence. Government contractors bidding on procurement tenders regulated by the Public Procurement and Asset Disposal Act No. 33 of 2015 use it when sub-contractors receive access to tender documentation and client data.
The unilateral NDA is distinct from the employment confidentiality clause — which is embedded within the Employment Contract under the Employment Act No. 11 of 2007 — and from the full mutual confidentiality agreement used in joint ventures and partnerships. It stands as a standalone instrument providing targeted, one-directional protection from the moment the disclosing party first shares information, before any broader commercial agreement is finalised. Kenyan courts, applying Section 3 of the Judicature Act Cap. 8 and the equitable duty of confidence received from English equity, will enforce a unilateral NDA as both a contract and an equitable obligation.
When Do You Need a Non-Disclosure Agreement (Unilateral) Kenya?
A Kenya Unilateral NDA is needed in every situation where one party discloses sensitive information to another party and needs contractual assurance that the recipient will not misuse or disclose that information before, during, or after the relevant transaction or relationship.
The Unilateral NDA is needed before investor pitches and fundraising — when a Kenyan startup or established business presents its financial model, product roadmap, customer acquisition data, or proprietary technology to a potential investor, venture capital fund, or private equity firm. Without a signed unilateral NDA, the recipient has no contractual obligation to keep the disclosed information confidential or to refrain from using it to fund a competing business.
The Agreement is needed when engaging freelancers, consultants, and independent contractors — software developers, marketing consultants, financial modellers, and business analysts — who require access to proprietary systems, databases, or processes to perform their services. The unilateral NDA should be signed before access is granted, creating a binding obligation that survives the termination of the service contract.
The Unilateral NDA is required during employment onboarding — before a new employee receives access to client lists, pricing structures, trade secrets, or proprietary processes. While the Employment Contract under the Employment Act No. 11 of 2007 may include a confidentiality clause, a standalone unilateral NDA signed on the first day of employment provides stronger and more detailed protection.
The Agreement is needed in vendor and supplier relationships — when a business shares product specifications, manufacturing processes, supply chain data, or pricing models with a potential supplier to enable the supplier to quote or tender. In Kenya's agricultural export, pharmaceutical, and fast-moving consumer goods (FMCG) sectors, production formulas and supply arrangements represent significant commercial value requiring contractual protection.
The Unilateral NDA is needed in technology licensing negotiations — when a software company, fintech firm regulated by the Central Bank of Kenya (CBK), or insurtech company shares its platform architecture, API documentation, or integration specifications with a potential licensee or distribution partner. In these situations, only the technology owner discloses sensitive information, making the unilateral structure the correct choice.
Parties in Kenya should prepare a Non-Disclosure Agreement (Unilateral) Kenya proactively rather than waiting for a dispute to arise. Courts interpret agreements based on the written terms rather than oral representations. Under the Companies Act No. 17 of 2015, the Registrar of Companies at the Office of the Attorney General maintains the register of Kenyan companies. Section 3 of the Law of Contract Act (Cap. 23) governs contractual obligations. The Competition Authority of Kenya (CAK) enforces the Competition Act No. 12 of 2010. The Kenya Revenue Authority (KRA) administers corporate tax under the Income Tax Act (Cap. 470). The High Court of Kenya has unlimited original jurisdiction under Article 165 of the Constitution of Kenya 2010. Where the transaction involves regulated activities, prior approval from the relevant authority may be required before execution.
What to Include in Your Non-Disclosure Agreement (Unilateral) Kenya
A Kenya Unilateral Non-Disclosure Agreement under the Law of Contract Act Cap. 23 must include the following essential provisions to be legally complete and enforceable.
Parties: Full legal names, physical addresses, and KRA PINs of the disclosing party and the receiving party. If either party is a company registered under the Companies Act No. 17 of 2015, include the BRS Company Registration Number. The disclosing party is the owner of the confidential information; the receiving party is the sole party bound by confidentiality obligations.
Definition of Confidential Information: A thorough definition covering all information disclosed by the disclosing party in any form — oral, written, digital, visual, or demonstrated — that is designated confidential or that a reasonable person would understand to be confidential given its nature. The definition should expressly include trade secrets, business plans, financial projections, customer and supplier lists, pricing structures, technical specifications, source code, algorithms, personnel records, and any personal data as defined in Section 2 of the Data Protection Act No. 24 of 2019.
Exclusions: Standard carve-outs for information that was already in the public domain before disclosure; entered the public domain through no fault of the receiving party; was independently developed by the receiving party without reference to the disclosed information; was received from a third party under no restriction; or must be disclosed pursuant to a court order, a KRA audit, a CBK supervisory requirement, or a directive from the ODPC.
Permitted Purpose: A precise statement of the business purpose for which the disclosure is made — e.g., evaluation of a proposed software development engagement, assessment of a supply agreement, or due diligence for a proposed investment. Use of confidential information for any other purpose is a breach of the Agreement.
Obligations of the Receiving Party: The receiving party must hold all confidential information in strict confidence; use it only for the permitted purpose; not disclose it to any third party without the disclosing party's prior written consent; restrict access to authorised personnel on a strict need-to-know basis; confirm all authorised personnel are bound by equivalent obligations; and implement technical and organisational security measures appropriate to the sensitivity of the information.
Data Protection Compliance: Where the disclosed information includes personal data, the receiving party must comply with Section 35 of the Data Protection Act No. 24 of 2019 — processing only on documented instructions, implementing security measures consistent with the ODPC Data Protection (General) Regulations 2021, and notifying the disclosing party of any personal data breach within 72 hours.
Duration: The confidentiality obligation period — typically 2 to 5 years for commercial information, indefinitely for genuine trade secrets, and for the full retention period for personal data under the Data Protection Act No. 24 of 2019.
Return or Destruction: An obligation to return or securely destroy all confidential materials within a specified number of days on demand or on the termination of the permitted purpose, with written confirmation of compliance.
Remedies and Governing Law: Acknowledgement that breach will cause irreparable harm entitling the disclosing party to seek urgent injunctive relief from the High Court of Kenya or the Nairobi Centre for International Arbitration (NCIA) under the Arbitration Act No. 4 of 1995 (revised 2022). Governing law is the laws of Kenya. Forms-legal.com provides this Unilateral NDA as a practical, Kenya-specific template for businesses, entrepreneurs, and individuals protecting sensitive commercial information at the start of any business relationship.
Cite this page
Reference this free template in an article, syllabus, or research note:
Forms Legal. (2026). Non-Disclosure Agreement (Unilateral) Kenya (Kenya) [Legal document template]. Forms Legal. https://forms-legal.com/kenya/business/contracts/non-disclosure-agreement-unilateral-kenya
"Non-Disclosure Agreement (Unilateral) Kenya (Kenya)." Forms Legal, 2026, https://forms-legal.com/kenya/business/contracts/non-disclosure-agreement-unilateral-kenya.
@misc{formslegal-non-disclosure-agreement-unilateral-kenya,
author = {{Forms Legal}},
title = {Non-Disclosure Agreement (Unilateral) Kenya (Kenya)},
year = {2026},
howpublished = {\url{https://forms-legal.com/kenya/business/contracts/non-disclosure-agreement-unilateral-kenya}},
note = {Free legal document template}
}Also available for these jurisdictions:
Frequently Asked Questions
A Unilateral NDA in Kenya binds only the receiving party to confidentiality obligations — the disclosing party retains the right to use and share its own information freely. A Mutual NDA (also called a bilateral NDA) binds both parties because both parties are disclosing confidential information to each other, such as in a joint venture negotiation or a technology partnership where each party shares proprietary systems with the other. Under the Law of Contract Act Cap. 23, both forms are equally enforceable, but the unilateral structure is the appropriate choice when the information flow is one-directional — for example, a startup pitching to an investor, an employer briefing a new hire, or a technology company sharing its platform architecture with a potential integration partner. Choosing a mutual NDA when only one party is actually disclosing confidential information creates unnecessary obligations on the disclosing party and can complicate the agreement's interpretation in the High Court of Kenya if a dispute arises.
Yes. Under the Law of Contract Act Cap. 23, consideration for a Unilateral NDA in Kenya does not require a monetary payment. Courts applying received English contract law under Section 3 of the Judicature Act Cap. 8 consistently hold that consideration in a commercial unilateral NDA flows from the underlying transaction — the employment relationship, the vendor engagement, the investment evaluation, or the technology licensing negotiation — in which the receiving party benefits from the disclosed information. In employment contexts, the receiving party's salary and the opportunity of employment together constitute sufficient consideration for the confidentiality obligation under the Employment Act No. 11 of 2007. Where the unilateral NDA is entirely standalone with no related transaction, a nominal payment of KES 100 stated in the agreement will supply adequate consideration and remove any doubt about enforceability. Including a recital that acknowledges the commercial context and the mutual benefit of the disclosure strengthens the agreement's enforceability in any dispute before the High Court of Kenya or the Nairobi Centre for International Arbitration (NCIA).
The appropriate duration for a Unilateral NDA in Kenya depends on the nature of the information being protected and the commercial context. For general business information — pricing structures, client lists, marketing plans, and financial projections — a period of 2 to 5 years from the date of disclosure is standard in Kenyan commercial practice and reflects the commercial lifespan of such information. For genuine trade secrets — proprietary software algorithms, manufacturing processes, pharmaceutical formulas, and fintech platform architectures — an indefinite obligation is appropriate, as the Law of Contract Act Cap. 23 and Kenyan equity (received under Section 3 of the Judicature Act Cap. 8) will protect trade secrets for as long as they remain secret and retain commercial value. In employment contexts, the Employment and Labour Relations Court (ELRC) has consistently upheld post-employment confidentiality obligations of 2 to 3 years covering client information and trade secrets, provided the restriction does not amount to an unreasonable restraint of trade under Section 87 of the Employment Act No. 11 of 2007. For personal data disclosed under the Data Protection Act No. 24 of 2019, the confidentiality obligation must continue for the entire period that the receiving party retains the personal data — a fixed expiry date that would permit disclosure of personal data is void to the extent it conflicts with the Data Protection Act.
If the receiving party breaches a Unilateral NDA in Kenya, the disclosing party has several remedies available. First, injunctive relief: the disclosing party may apply on an urgent basis — ex parte if necessary — to the High Court of Kenya (Commercial Division) for an interim injunction under Order 40 of the Civil Procedure Rules to immediately restrain further disclosure or use of the confidential information. Kenyan courts apply the balance of convenience test and will grant interim injunctions where there is a serious question to be tried and the balance of convenience favours restraint. Second, damages for breach of contract under the Law of Contract Act Cap. 23, compensating the disclosing party for proven financial losses caused by the breach — lost business opportunities, lost profits, and costs of remediation. If the agreement includes a liquidated damages clause specifying a pre-agreed sum for breach, that amount may be recovered without proving specific loss, provided the sum is a genuine pre-estimate of damage and not a penalty under Kenyan law. Third, an account of profits in equity — requiring the receiving party to disgorge any profit derived from misuse of the confidential information. Fourth, delivery up and destruction of all confidential materials. Where the breach involves personal data, the ODPC may impose administrative penalties of up to KES 5,000,000 under Section 71 of the Data Protection Act No. 24 of 2019.
A Unilateral NDA in Kenya does not require witnessing, notarisation, or stamping to be legally binding under the Law of Contract Act Cap. 23 — a signed written agreement between two competent parties with agreed terms and consideration is fully enforceable without any additional formalities. Witnessing is recommended as a best practice because it prevents the receiving party from later denying that they signed the document, which can occur with electronic or hard-copy signatures. Notarisation by a Commissioner for Oaths in Kenya (under the Commissioners for Oaths Act Cap. 11) creates a more formal record of execution and is advisable where the confidential information is of high commercial value. If the NDA is to be used in a cross-border transaction or if either party is a foreign entity, an apostille issued by the High Court Registrar under Kenya's accession to the Hague Convention in 2021 makes the document recognised in all 124 Hague Convention member states. Stamp duty is not applicable to confidentiality agreements in Kenya under the Stamp Duty Act Cap. 480, so no duty or stamping is required to make the agreement admissible in Kenyan courts.
Yes. Electronic signatures on a Unilateral NDA are legally valid in Kenya under the Kenya Information and Communications Act (KICA) Cap. 411A and the Electronic Transactions Act No. 9 of 2017, which give electronic signatures the same legal force as handwritten signatures provided the signature method reliably identifies the signatory and indicates their approval of the document. DocuSign, Adobe Sign, and equivalent platforms producing a verifiable electronic signature and audit trail satisfy the Electronic Transactions Act No. 9 of 2017 requirements. Email exchange confirming agreement to the terms of a Unilateral NDA may also constitute a binding electronic contract under the Act, though a formal signed document is preferable for evidentiary purposes in the High Court of Kenya. For sensitive commercial NDAs involving high-value intellectual property, financial models, or personal data covered by the Data Protection Act No. 24 of 2019, a qualified electronic signature with identity verification is advisable to meet the evidential standard required in arbitration proceedings before the Nairobi Centre for International Arbitration (NCIA) under the NCIA Arbitration Rules 2015.
This template is provided for informational purposes only and does not constitute legal advice. Laws vary by jurisdiction and change over time. Consult a qualified attorney for advice specific to your situation.Full disclaimer
Found an error? Let us knowRelated Documents
You may also find these documents useful:
Confidentiality Agreement (Kenya)
A Kenya Confidentiality Agreement (mutual or one-way) protecting trade secrets, business information, and personal data, compliant with the Law of Contract Act Cap. 23 and the Data Protection Act No. 24 of 2019.
Employment Contract (Kenya)
A Kenya Employment Contract setting out terms and conditions of employment, compliant with the Employment Act No. 11 of 2007, NSSF Act 2013, SHIF Act 2024, and the Housing Levy obligations.
Investment Agreement (Kenya)
A Kenya Investment Agreement governing equity or debt investment in a Kenyan company, compliant with the Capital Markets Act Cap. 485A, Companies Act No. 17 of 2015, and Capital Markets (Securities) (Public Offers, Listing and Disclosures) Regulations 2002.