NDA Contract



In some segments of business, data confidentiality is as important as the quality of the product/service, or as the financial result or the profit share. Sometimes the key of business development is based on confidentiality of business data, and business secrets, when the future of business is entirely based on these methods. Some big companies decide to rather save their business secrets, software codes, industrial solutions, and other, through the institute of trade secrets, and concluding strict NDA contracts, rather than through patent protection having in mind its time limitations. Before you engage in a business relationship with a third party, you must protect your business data as well as your business visions so that they are not publicly available, regardless of the type of contract you want to conclude, such as employment contracts, business-technical cooperation contracts, or consulting contracts. NDA contracts have shown to be quite efficient for data protection if they are well composed and if they have high penalties in case of their violation.

Firstly, it is important to determine what is a business secret, what constitutes confidential data, their legal treatment, the relationship between business secrets and an unfair business match, as well as all possibilities that the law and practice state.

Before concluding confidentiality/NDA contracts, that is the implementation of the NDA clauses in contracts, it is important to foresee all the necessary elements, which includes the possibility of concluding a contract penalty. The right to compensation for the caused damages depends on the NDA contracts.


Today almost every business engagement and negotiations precede the signing of so called NDA contracts (Non-Disclosure Agreement) that are meant to secure the protection of confidential data between the contracting parties. Regardless of the fact that NDA contracts are standard contracts and a lot of companies sign them, to most of the business entities they are unknown and because of that the level of data protection is low, and there are mistakes with their conclusion.

First of all, we need to explain what do we consider as protected data? Protected data is the data that the provider has proclaimed as confidential, regardless of the way they are disclosed to their recipient (verbally, in writing in material or electronic forms). The form they are in doesn`t diminish the data to be considered as confidential.

The term confidential data can be used for data about technology, such as computer codes, databases, software solutions, apps, hardware, data about business plans, and strategies, including unpublished financial information about inflows, profit, and revenues. Confidential data can also be data the data about clients, work-engaged persons, and their professional characteristics etc.

In some legal relationships, confidentiality is implied by legal regulations that oblige the recipient to keep the data private, for example, attorneys in their practice or personal data processing. However, when the data in question refers to business data, then in many cases the confidentiality must be regulated with a contract, and the data which are meant to be protected must be determined.

With all of the above mentioned, NDA contracts also regulate the treatment of the data after termination, as well as the disclosure of data to business partners and related parties from the main contract (return of the documentation in physical form, deleting of the data). We have to distinguish the difference between NDA contracts and Data processing contracts. Data processing contracts regulate the relationship between the controllers and processors of the data that is being processed and which must contain a confidentiality clause.


The confidentiality of the data is regulated by a contract in case of securing the secrecy of the data or prevention of their exposure and abuse by third parties. NDA contracts can closely rely on the primary contract that is the contract with which the parties enter into a business relationship and define their rights and obligations, as well as determining in what manner each of them must handle the data that is considered as confidential. If that is the case, NDA contracts are considered as an attachment to the main contract. It is important to indicate that the effect of the NDA contract can be extended even after the termination of the primary contract. In addition, if they want even more security, contracting parties can be obligated to keep the data in question secret even after the termination of business cooperation.

NDA contracts are also concluded without а prior concluded primary contract that is in phases of business negotiation, business offers or other. In that case, the party which is considered to be the recipient of the data must be aware of the consequences of their reviling to third parties, for which the NDA is being concluded.

For example, if by sending a business offer for providing services to a potential bidder you must show your procedures and technical solutions on which you have to work on in order to improve them, regardless if the offer will be accepted, the investor must sign a confidentiality contract before getting the information about the scope of work and the preparation of the offer.

The regulation of rights and obligations by NDA contracts is most common in the IT sector, including the engagement of legal persons as associates, as well as engagement of natural personas as labor workers and freelancers. In practice it is common that the party that gives the confidential data insists that their partner concludes a specific confidentiality contract with their employees, which means that he guarantees the protection of data in the business in question which includes the exchange of sensitive and important data.

If the data is exposed and it leads to damages, or if their unlawful taking brings benefits to third parties, the owner, besides the compensation for damages, has a contractual penalty as an additional sanction to the party that allows the information to be disclosed. Contractual penalty can be much more efficient, having in mind the difficulty to prove and determine the damages before the competent authority.

Bearing in mind the importance of the protected data for any legal persons, the law has regulated a specific institute of confidential data – business secret, and stated the necessary elements and detailed rights and obligations, as well as protection before competent authorities.       


The primary claim that the legal owner can make is the right to compensation for damages. The owner of the business secret can sue for damages the person who violated the business secret, that is knew or had to know that the business secret has been illegally obtained, used or reviled. The damage can be material or immaterial depending on if the damage is caused on the owner’s assets or other goods, or even personal.

Material damage can be common damage, which consists of direct reduction of the owner’s assets or profit lost which consists of profit that the owner should have expected but was prevented. The court will take all circumstances into consideration, as well as negative economic consequences that have affected the owner of the business secret that is the licensee and also estimate which injury is in question.

As for the right to compensation for the immaterial damage, the Law of contract and torts states that the right to compensation due to an insult of honor, fear, physical or emotional pain belongs only to natural persons. On the other hand, this rule and its personal effect is softened by the Trade law, which allows some subjects (persons who carry out trade activities) to claim immaterial damages, but not in the name of emotional pain due to insults, but due to unfair market competition. 

Unfair competition represents actions of traders or service providers which are aimed at their competitors and with which the codex of good business are broken and which causes damages by obtaining, using and reviling business secrets without a prior consent of the owner with a goal of diminishing the competitors business position. Therefore, the court will give the rightful compensation for the immaterial damage if it is determined that the duration, goal and intensity of the violation and its effects to the prosecutor, the importance of the violated goods, the goal served by that compensation, as well as ensuring that the compensation is with its nature and social purpose.


With the right to compensation for damages, the owner of the business secret can also require the following measures:  

  • determining the existence of a violation;
  • termination of the violation, depending on the case, the ban of using or disclosing of the business secret;
  • destruction of all documents or document parts, objects, materials, substances or electronic documents that contain business secrets or which themselves represent a business secret, or in other case, hand over documents, objects, materials, substances or electronic documents in parts or in whole;
  • banning the production, offering or using the goods that caused the violation;
  • banning the import, export or storage of goods that have been violated for the purposes of production, offering or use of the goods;
  • removing the properties form the goods that make them the goods by which the trade secret was violated;
  • destruction of the goods that caused the violation;
  • withdraw of the goods from the market that caused the violation, provided that the withdrawal of the goods does not jeopardize the protection of the business secret to which the lawsuit relates.

In addition to the listed measures that can be requested, the owner of a business secret can file a lawsuit against the person who is a potential threat to illegally acquire, use or revile the business secret and with a lawsuit request a ban for acquisition, use or revile of the business secret.