NDA Risk Check (Before You Sign)
NDA Risk Check: Red Flags to Spot Before You Sign
An NDA should do one job: protect confidential information without quietly restricting your business or creating impossible obligations. This NDA risk check highlights common red flags and gives you example scripts to request cleaner terms—fast.
Primary CTA: Get the “Before You Sign” Pack
Secondary CTA: Download the Free Checklist
How to use this page (60 seconds)
- Skim the NDA once for purpose, term, and who can receive information.
- Check the red flags below.
- If you hit 2+ red flags, slow down. Use the scripts and consider legal review.
The 7 NDA red flags (preview)
1) “Confidential Information” is defined as “everything”
Why it matters: You can breach accidentally by normal business activity.
Example script:
“Can we define Confidential Information as information marked confidential (or reasonably understood to be confidential) and limited to the stated purpose of disclosure?”
2) Standard exclusions are missing
Why it matters: Exclusions protect you from unrealistic obligations.
Example script:
“Can we add standard exclusions (public info, already known, independently developed, or received lawfully from a third party)?”
3) Confidentiality lasts forever for everything
Why it matters: Perpetual obligations increase long-tail risk.
Example script:
“Can we set a reasonable confidentiality term for general business information, while keeping trade secrets protected as long as they remain trade secrets?”
4) Purpose / permitted use is vague or missing
Why it matters: The “use” clause controls what you can do.
Example script:
“Let’s add a clear Purpose clause and limit use strictly to that purpose.”
5) Sharing rules are impractical (or too loose)
Why it matters: You either can’t operate or information spreads too far.
Example script:
“Can we allow disclosure to employees/contractors/advisors on a need-to-know basis, provided they’re bound by confidentiality obligations?”
6) Return/destruction requirements are unrealistic
Why it matters: Backups and record-retention are normal.
Example script:
“Can we allow retention of archival/backup copies created in the ordinary course and copies required by law, with confidentiality continuing?”
7) Hidden non-compete / non-solicit language slipped in
Why it matters: NDAs shouldn’t restrict competition—only disclosure.
Example script:
“We can agree to confidentiality, but we can’t agree to non-compete language inside an NDA. Please remove that section.”
US↔Canada watch-outs (short preview)
If the other party is in a different country, clarify: where information is stored, who can access it (including subcontractors), and whether extra security obligations are realistic.
When to escalate (pause and get legal review)
Escalate if the NDA involves:
- source code, inventions, or core IP
- a residuals clause you can’t remove
- heavy audit/security requirements
- non-compete/non-solicit restrictions
- very large counterparties with one-sided remedies
CTA section
Want the complete NDA toolkit (fillable Deal Snapshot, full scorecard, and a full script library with A/B/C fallback options)?
Button: Get the “Before You Sign” Pack
FAQ
Is this legal advice? No—educational information only.
Is a mutual NDA always better? Not always; it depends on who is disclosing meaningful confidential info.
Can I just use AI to review an NDA? AI can summarize, but it won’t reliably match your risk tolerance and may mishandle sensitive info. Also, you may not know if the AI is giving you good good information. You don't know, what you don't know.