Is an NDA legally binding in South Africa?

Yes. An NDA is a valid and enforceable contract under South African common law, provided the standard requirements for a valid contract are met: there must be consensus (offer and acceptance), the parties must have legal capacity, the terms must be lawful, performance must be possible, and any formalities required by law must be observed. No specific legislation governs NDAs - they are enforced under general contract law principles.

How long should an NDA last?

There is no fixed rule, but most NDAs in South Africa run for two to five years from the date of disclosure. The appropriate duration depends on the nature of the information: trade secrets and proprietary technology may justify longer periods (or even indefinite protection), while commercial negotiations may only need 12 to 24 months. Courts are more likely to enforce time-limited NDAs, as indefinite obligations may be considered unreasonable.

Can I be sued for breaking an NDA?

Yes. Breaching an NDA exposes the offending party to a contractual damages claim. The disclosing party can sue for actual financial losses caused by the breach. In many cases, the NDA will also entitle the disclosing party to seek an urgent interdict (injunction) from the High Court to prevent further disclosure. Some NDAs include penalty clauses that specify a predetermined amount payable upon breach.

Do I need an NDA for employees?

It depends. Employees already owe a common-law duty of good faith to their employer during the employment relationship, which includes an implied obligation not to disclose confidential information. However, this duty ends when employment terminates. A standalone NDA or confidentiality clause in the employment contract extends protection beyond the employment period and clearly defines what constitutes confidential information, making enforcement far easier.

What information can be excluded from an NDA?

Standard exclusions include: information that was already in the public domain at the time of disclosure; information that becomes public through no fault of the receiving party; information the receiving party already possessed before disclosure; information independently developed without reference to the confidential material; and information required to be disclosed by law, regulation, or court order. These exclusions are essential for the NDA to be considered reasonable.

Can an NDA prevent whistleblowing?

No. The Protected Disclosures Act 26 of 2000 (PDA) protects employees who disclose information about unlawful or irregular conduct by their employer. An NDA cannot override this statutory protection. Any clause that attempts to prevent a protected disclosure would be unenforceable. Similarly, disclosures required by law, regulation, or court order cannot be restricted by an NDA.

Is an electronic NDA valid?

Yes. The Electronic Communications and Transactions Act 25 of 2002 (ECTA) gives legal recognition to electronic signatures and electronic agreements in South Africa. An NDA signed electronically - whether via a simple electronic signature or an advanced electronic signature - is as enforceable as a paper document, provided the parties consented to transacting electronically.

What remedies are available for NDA breach?

The primary remedies are: (1) contractual damages - the disclosing party can claim proven financial losses; (2) an interdict (injunction) - the court can order the breaching party to stop disclosing or using the information; (3) specific performance - the court can compel compliance with the NDA terms; and (4) penalty clauses - if the NDA includes a penalty provision, the agreed amount becomes payable. In urgent cases, an interim interdict can be obtained on an expedited basis.

GuideBusiness

Non-Disclosure Agreements (NDAs) in South Africa: When, Why, and How

Learn when you need an NDA, what makes it enforceable under South African law, and the key clauses every confidentiality agreement must include.

Read the Guide Back to Resources

By My-Contracts Legal Team, Legal Content|7 March 2026|11 min read

The Basics

What Is a Non-Disclosure Agreement?

A Non-Disclosure Agreement (NDA) - also called a confidentiality agreement or secrecy agreement - is a legally binding contract in which one or more parties agree not to disclose confidential information they have received or will receive from another party. The NDA creates a confidential relationship between the parties and establishes clear boundaries around what information is protected, how it may be used, and what happens if those boundaries are breached.

NDAs are one of the most widely used commercial agreements in South Africa. They appear in virtually every business context where sensitive information changes hands. Common scenarios include:

Investor discussions - a startup shares its business plan, financial projections, and proprietary technology with potential investors before a funding round.
Employment relationships - an employer gives employees access to trade secrets, customer lists, pricing strategies, and internal processes.
Mergers and acquisitions - both buyer and seller exchange sensitive financial, operational, and legal information during due diligence.
Partnerships and joint ventures - collaborating businesses share proprietary methodologies, client data, and commercial strategies.
Vendor and supplier engagement - a company shares specifications, designs, or manufacturing processes with third-party service providers or suppliers.

Without an NDA, the disclosing party has limited legal recourse if confidential information is leaked or misused. While South African common law provides some protection through the duty of good faith and the law of delict, these remedies are difficult to enforce without a clear contractual framework defining what is confidential and what obligations apply.

NDA Types

Types of NDAs: Mutual vs Unilateral

The right type of NDA depends on whether one or both parties are sharing confidential information.

Unilateral (One-Way) NDA

Only one party discloses confidential information, and the other agrees to keep it secret. This is the most common type, used when an employer shares trade secrets with an employee, a startup pitches to an investor, or a company engages a freelancer or consultant. The obligation to protect information flows in one direction only.

Employer-employee, investor pitch, outsourcing

Mutual (Two-Way) NDA

Both parties share confidential information with each other and both assume obligations to protect what they receive. This is standard in joint ventures, merger and acquisition negotiations, technology licensing discussions, and strategic partnerships where both sides bring proprietary information to the table.

Joint ventures, M&A discussions, partnerships

Multilateral NDA

Three or more parties are involved, and at least one discloses information to the others. Instead of executing multiple bilateral NDAs, a single multilateral agreement covers all parties. This reduces administrative burden and ensures consistent terms across the group.

Consortium deals, multi-party projects

Which type do you need?

If you are sharing information with a service provider, employee, or consultant and they are not sharing anything proprietary in return, use a unilateral NDA. If both parties are exchanging sensitive information - such as in a potential partnership, merger, or technology collaboration - use a mutual NDA. Mutual NDAs signal equal commitment and are generally preferred in arm's-length commercial negotiations.

Essential Terms

Key Clauses Every NDA Must Include

A well-drafted NDA is only as strong as its clauses. These are the provisions that determine whether your agreement will hold up in a South African court.

Definition of Confidential Information

The single most important clause. It must clearly and specifically define what constitutes confidential information - whether by category (trade secrets, financial data, customer lists, business plans, source code) or by marking requirement (all information marked 'Confidential'). Overly broad definitions risk being struck down as unreasonable; overly narrow definitions leave gaps in protection.

Obligations of the Receiving Party

Specifies what the receiving party must do (and not do) with the information. Typical obligations include: using the information only for the stated purpose, restricting access to employees and advisors on a need-to-know basis, implementing reasonable security measures, and not reverse-engineering products or processes.

Exclusions from Confidentiality

Defines information that falls outside the NDA's protection. Standard exclusions cover information already in the public domain, information independently developed by the receiving party, information already known before disclosure, and information received from a third party without restriction. These exclusions are essential for reasonableness.

Term and Duration

Sets the period during which confidential information may be disclosed (the 'disclosure period') and the period during which obligations survive after disclosure ends (the 'survival period'). Most South African NDAs specify a survival period of two to five years. Trade secrets may warrant indefinite protection as long as they remain secret.

Permitted Disclosures

Specifies when the receiving party may disclose confidential information without breaching the NDA. Common permitted disclosures include: disclosure to professional advisors bound by professional secrecy, disclosure to employees or contractors who have signed their own NDAs, and disclosure required by law, regulation, court order, or government authority.

Return or Destruction of Information

Requires the receiving party to return or destroy all confidential information (including copies, notes, and derivative materials) upon request or upon expiry of the agreement. This clause should specify a timeframe for compliance and require written confirmation that destruction has occurred.

Remedies for Breach (Injunctive Relief)

Acknowledges that monetary damages may be insufficient to compensate for a breach and that the disclosing party is entitled to seek urgent injunctive relief (an interdict in South African law) without having to prove actual financial loss. This clause is critical because confidential information, once disclosed, cannot be 'un-disclosed'.

Governing Law and Jurisdiction

Specifies that the NDA is governed by the laws of the Republic of South Africa and that disputes will be resolved in a particular division of the High Court, or through alternative dispute resolution (mediation or arbitration). For cross-border NDAs, this clause prevents uncertainty about which country's laws apply.

Legal Framework

Enforceability Under South African Law

NDAs in South Africa are governed by the common law of contract. There is no specific statute that deals exclusively with confidentiality agreements. This means an NDA must satisfy the same requirements as any other valid contract under South African law:

Consensus - the parties must have a genuine meeting of minds. There must be a clear offer and acceptance, and both parties must understand and agree to the terms.
Capacity - each party must have the legal capacity to enter into the contract. For companies, this means the signatory must be duly authorised.
Legality - the purpose of the NDA and its terms must be lawful. An NDA cannot be used to conceal criminal activity.
Possibility of performance - the obligations imposed must be capable of being performed.
Formalities - while NDAs do not require notarisation or witnesses, they should be in writing and signed by authorised representatives.

Reasonableness is key

South African courts apply a reasonableness test when assessing restrictive provisions in NDAs, similar to the approach used for restraint of trade clauses. An NDA that is excessively broad in scope, indefinite in duration, or disproportionate in its restrictions may be declared unenforceable. The burden of proof lies on the party seeking to escape the NDA - they must demonstrate that the restraint is unreasonable and contrary to public interest. However, courts will not rewrite an unreasonable clause; they will simply refuse to enforce it.

POPIA considerations

If confidential information includes personal data as defined in the Protection of Personal Information Act 4 of 2013 (POPIA), additional obligations apply. The NDA should address POPIA compliance, including the purpose limitation principle, security safeguards, and the receiving party's obligations as an operator (processor) under the Act.

Key Distinction

NDA vs Confidentiality Clause in Employment Contracts

Many employers rely on a confidentiality clause embedded in the employment contract and assume it provides sufficient protection. While such clauses are useful, they are not always adequate - particularly for employees who have access to highly sensitive information, trade secrets, or proprietary systems.

A standalone NDA offers several advantages over an embedded confidentiality clause:

Factor	Confidentiality Clause	Standalone NDA
Scope	Usually brief, general terms	Detailed, tailored definitions of confidential information
Survival period	Often unclear or unstated	Explicitly defined (typically 2-5 years post-termination)
Remedies	Relies on general contractual remedies	Specific remedies including injunctive relief and penalties
Enforceability	May be challenged as vague	Stronger - detailed terms are harder to dispute
Return of information	Rarely addressed	Explicit return/destruction obligations

Best practice

For employees in senior, technical, or client-facing roles, use both: a confidentiality clause in the employment contract for general coverage, and a standalone NDA for specific projects, clients, or categories of sensitive information. This layered approach provides the strongest protection.

Watch Out

Common Pitfalls and How to Avoid Them

These mistakes can render your NDA unenforceable or leave you exposed. Avoid them from the outset.

Overly broad definition of confidential information

Defining confidential information as "all information shared between the parties" is tempting but dangerous. Courts may consider such definitions unreasonably wide and refuse to enforce them. Instead, use specific categories (trade secrets, financial data, customer lists, source code) and consider requiring that information be marked as confidential at the time of disclosure.

Indefinite duration

An NDA with no expiry date or an unreasonably long duration is more likely to be challenged as a restraint of trade. Set a clear term - two to five years is standard for most commercial information. Reserve indefinite protection only for genuine trade secrets, and even then, tie the obligation to the information remaining confidential.

Missing exclusions

Failing to include standard exclusions (public domain, independently developed, prior knowledge) makes the NDA unreasonable and difficult to enforce. Exclusions protect the receiving party from liability for information they legitimately obtained through other channels.

No remedies specified

If the NDA does not address remedies for breach, the disclosing party is left to pursue general contractual damages - which requires proving actual financial loss. Including provisions for injunctive relief, penalty clauses, and acknowledgement that damages may be inadequate strengthens enforcement significantly.

Failing to mark information as confidential

If the NDA requires information to be marked as "Confidential" to receive protection, failing to apply that marking means the information is not covered. Implement internal processes to ensure all sensitive documents, emails, and communications are properly labelled.

Not considering POPIA implications

If confidential information includes personal data, the NDA should address the parties' obligations under the Protection of Personal Information Act (POPIA). Failure to do so could expose both parties to regulatory penalties from the Information Regulator, in addition to contractual liability.

FAQ

Frequently Asked Questions About NDAs in South Africa

Related Guides

Continue learning with these related resources.

Guide12 min read

Shareholders Agreement in South Africa

Protect shareholder interests with deadlock resolution, exit mechanisms, and restraint of trade clauses.

Read guide

Guide20 min read

Corporate Governance of South African Companies

Securities registers, beneficial ownership, share transactions, resolutions, and CIPC compliance.

Read guide

Guide12 min read

MSA + Statement of Work vs Professional Services Agreement

Compare contract structures for engaging service providers and protecting confidential information in service relationships.

Read guide

Protect Your Confidential Information

MyContracts helps South African businesses create, manage, and sign NDAs and confidentiality agreements - all in one platform.

Get Started Browse All Guides

Free plan to get startedUnlimited users