Non-Disclosure Agreement (NDA)
Template — South Africa

This section provides a comprehensive, layered definition of what constitutes confidential information under the agreement. It covers trade secrets (formulas, processes, algorithms, source code), business information (financial records, business plans, pricing strategies, customer and supplier lists), technical information (designs, specifications, prototypes, research data), and any other proprietary information disclosed in writing, orally, or through observation. Critically, it also sets out the standard exclusions recognised by South African courts: information that is or becomes publicly available through no fault of the receiving party, information already known to the receiving party before disclosure, information independently developed without reference to confidential information, and information received from a third party without breach of any obligation of confidence.

Sets out the core duties of the party receiving confidential information. The receiving party must hold all confidential information in strict confidence, use it only for the stated purpose (the "permitted purpose"), restrict access to authorised personnel on a need-to-know basis, implement reasonable security measures to prevent unauthorised access or disclosure, and not copy or reproduce confidential information except as reasonably necessary for the permitted purpose. The standard of care required is typically at least the same degree of care the receiving party applies to its own confidential information, but in no event less than a reasonable standard. This section also addresses the receiving party's vicarious liability for breaches by its employees, agents, or subcontractors.

Defines the narrow circumstances in which disclosure of confidential information is permitted without constituting a breach. These include disclosure to the receiving party's professional advisors (attorneys, auditors, tax consultants) who are bound by their own professional confidentiality obligations, disclosure to employees and directors who need access for the permitted purpose and who have signed individual confidentiality undertakings, and disclosure required by law, regulation, or court order — subject to the obligation to provide the disclosing party with prior written notice (where legally permissible) so that the disclosing party may seek a protective order or other remedy. Under Section 69 of the Companies Act 71 of 2008, certain disclosures may also be required to regulatory bodies such as CIPC.

Specifies the period during which confidentiality obligations remain in force. For general business information, obligations typically apply for a defined period of two to five years from the date of disclosure. For trade secrets — information that derives its economic value from being secret and is subject to reasonable measures to maintain its secrecy — obligations continue indefinitely for as long as the information retains its character as a trade secret. South African courts have upheld perpetual confidentiality obligations for genuine trade secrets, recognising that their value depends entirely on their secrecy. The section also addresses the survival of obligations beyond termination or expiry of the agreement itself.

Imposes obligations on the receiving party to return or destroy all confidential information upon termination of the agreement, expiry of the permitted purpose, or upon written request from the disclosing party. This includes physical documents, electronic files, copies, summaries, analyses, and any materials derived from confidential information. The receiving party must provide a written certification of destruction signed by an authorised representative. The section includes practical exceptions for copies retained in automated backup systems or as required by law or regulatory obligations, provided these retained copies remain subject to the confidentiality obligations for the duration of their retention.

Clarifies that no disclosure of confidential information under the NDA grants the receiving party any licence, ownership, or other intellectual property rights in the disclosed information. All intellectual property rights remain with the disclosing party or the relevant rights holder. This is critical under the South African Copyright Act 98 of 1978, where the first owner of copyright is generally the author — without an express reservation, a receiving party might argue that disclosure implied a licence to use the information commercially. The section also addresses the prohibition on reverse engineering, decompilation, or analysis of disclosed materials to derive trade secrets.

Addresses the intersection of confidentiality and data protection where the confidential information includes personal information as defined in Section 1 of POPIA. The section establishes which party is the responsible party and which is the operator (if applicable), imposes POPIA-compliant security measures under Section 19, requires breach notification in accordance with Section 22, and addresses cross-border transfer restrictions under Section 72. Where the NDA involves the sharing of databases, customer lists, or employee records containing personal information, these provisions ensure both parties meet their statutory obligations to the Information Regulator and affected data subjects.

Prevents the receiving party from using confidential information to solicit the disclosing party's employees, clients, or suppliers, or to circumvent the disclosing party in business opportunities that were the subject of the confidential disclosure. In the context of potential acquisition or investment discussions, this clause prevents a party from using disclosed customer lists or supplier contracts to approach those relationships directly. Under South African common law, restraint of trade principles (as established in Magna Alloys and Research (SA) (Pty) Ltd v Ellis) apply — the clause must be reasonable in scope and duration to be enforceable.

Acknowledges that a breach of confidentiality obligations may cause irreparable harm that cannot be adequately compensated by monetary damages alone, and provides for a range of remedies. The disclosing party may seek an urgent interdict (injunction) from the High Court to prevent further disclosure — South African courts have a well-established procedure for urgent applications under Uniform Rule 6(12). The section also provides for contractual damages, agreed penalty clauses (enforceable under the Conventional Penalties Act 15 of 1962), and the right to claim consequential damages where the breach causes quantifiable financial loss. The inclusion of a pre-estimated damages clause can expedite enforcement by avoiding the need to prove actual loss.

Makes clear that the NDA does not obligate either party to disclose any particular information or to proceed with any transaction, partnership, or business relationship. This is essential in the pre-contractual context where NDAs are commonly used — it preserves each party's freedom to walk away from negotiations without liability, consistent with the South African common law principle that there is no duty to negotiate in good faith absent an express contractual commitment. The disclosing party retains sole discretion over what information to share and when.

Specifies that the agreement is governed by the laws of the Republic of South Africa and establishes the dispute resolution process. Given the urgent nature of most confidentiality breaches, the template provides for the right to approach the High Court for urgent interim relief (interdicts) while establishing mediation followed by binding arbitration under the Arbitration Foundation of Southern Africa (AFSA) rules as the primary mechanism for substantive disputes. This dual-track approach ensures that time-sensitive breaches can be addressed immediately through the courts while the underlying dispute is resolved through cost-effective, confidential arbitration rather than protracted public litigation.