One-Way NDA (Non-Disclosure Agreement) in the UK: Uses and Key Clauses

If you run a small business, there’s a good chance you’ll need to share confidential information at some point - with a freelancer, a developer, a marketing agency, a potential buyer, or even a supplier.

That’s where a one-way NDA can help. It’s one of the simplest legal tools for protecting sensitive business information, without turning every conversation into a complicated negotiation.

In this guide, we’ll walk you through what a one-way NDA is in the UK, when it makes sense to use one, the key clauses to look for, and the practical mistakes that can make an NDA difficult to rely on in practice.

What Is A One-Way NDA?

A one-way NDA (also called a one-way non-disclosure agreement) is an agreement where:

• Only one party is disclosing confidential information (the “Disclosing Party”), and
• The other party receives that information (the “Receiving Party”) and must keep it confidential.

In other words: it’s “one-way” because the confidentiality obligations mainly fall on the receiving party. This is different to a mutual NDA, where both sides will be sharing confidential information and both sides owe confidentiality obligations.

From a small business perspective, one-way NDAs are incredibly common because so many business relationships are naturally one-directional. For example, you might be giving a contractor access to internal systems, processes, customer lists, pricing, or product plans - but they’re not sharing anything confidential back.

While a one-way NDA can be short, it still needs to be properly drafted. Generic templates often miss the clauses that matter most (especially around what counts as “confidential,” how long obligations last, and what happens if there’s a breach).

When Should You Use A One-Way NDA In Your Business?

A one-way NDA is usually the right fit when you are the only party disclosing sensitive information.

Here are common situations where a one-way NDA makes sense for UK businesses:

Before Sharing Business Plans Or Financials With A Potential Buyer Or Investor

If you’re exploring a sale of your business, a partnership, or even early-stage funding, you’ll often need to share financial reports, customer metrics, and strategy documents. A one-way NDA can help you control how that information is used and who it can be shared with.

Often, this NDA sits alongside a more detailed transaction document later on, such as a Business Sale Agreement.

When Engaging Contractors, Freelancers, Or Consultants

Contractors regularly need access to confidential material to do their job - think developers accessing source code, designers accessing unreleased product images, or consultants reviewing internal reports.

In practice, you may build confidentiality obligations into a broader contract (like a services agreement), but a standalone NDA is still a common and convenient option, especially early on.

If you’re also setting expectations around ownership and deliverables, it may be worth using (or pairing it with) a properly drafted Consulting Agreement.

Before Onboarding Suppliers Who Will See Sensitive Operational Information

Sometimes a supplier needs visibility over pricing, customer demand forecasts, internal processes, or product specs. If you’re handing over information that would hurt your business if it leaked, an NDA is a sensible step.

During Early Discussions With Strategic Partners

Let’s say you’re speaking to a potential distributor, referral partner, or brand collaborator. You might need to share:

• marketing strategy and upcoming campaigns
• pricing structures and margins
• product roadmap or launch timelines
• operational systems and supplier relationships

If you’re the one doing the sharing, a one-way NDA can be the right starting point before you invest time and resources into deeper talks.

When Testing, Piloting, Or Demoing A Product

If your business offers software, a digital product, or a unique process, a demo can reveal more than you think - workflows, logic, pricing, even the “secret sauce” behind the scenes.

While terms and conditions can cover some of this, a one-way NDA can provide direct confidentiality protection tailored to what you’re showing and why.

Why A One-Way NDA Matters (And What It Can And Can’t Do)

At a practical level, a one-way NDA does two big things:

• It sets clear rules about how the receiving party must treat your confidential information (use restrictions, non-sharing obligations, security expectations).
• It creates legal consequences if they misuse or disclose that information - which can help you take steps to stop the misuse and, where appropriate, pursue a claim for losses.

But it’s also important to be realistic about what an NDA can’t do.

An NDA Doesn’t Automatically Stop A Breach

It’s a legal tool, not a physical barrier. If someone is determined to steal information, an NDA won’t magically prevent it - but it can make enforcement clearer and increase the consequences for the breaching party.

An NDA Won’t Protect Information That Isn’t Actually Confidential

If the information is already public, already known to the recipient, or so broadly defined that it becomes meaningless, you may struggle to rely on it.

An NDA Is Only One Part Of Your Protection Strategy

In many businesses, confidentiality is one layer. You may also need:

• strong IP ownership terms in your commercial contracts
• access controls (passwords, limited permissions, need-to-know processes)
• a clear data handling approach if personal data is involved

If your confidential information includes customer or employee personal data, you’ll also need to think about UK GDPR compliance and documentation like a Privacy Policy (and, in many cases, contractual terms with service providers about processing personal data).

Key Clauses To Include In A One-Way NDA (UK)

A one-way NDA doesn’t need to be long to be effective - but the clauses inside it need to be carefully thought through.

Below are the clauses we commonly see as “must-haves” for small businesses using a one-way non-disclosure agreement.

1) Definition Of “Confidential Information”

This is the heart of the NDA. If the definition is too narrow, it won’t protect what you actually care about. If it’s too broad, it may become hard to apply (or be challenged as unreasonable).

Common categories you may want to include are:

• financial information (pricing, margins, forecasts)
• customer lists and lead lists
• supplier details and terms
• product designs, prototypes, formulas, and processes
• software code, technical documentation, and architecture
• marketing plans and business strategy
• internal policies, systems, and workflows

A well-drafted NDA also clarifies how confidential information can be shared - for example, whether it includes information disclosed in writing, verbally, visually (like demos), or electronically.

2) Purpose / Permitted Use

It’s not enough to say “keep it secret.” A strong one-way NDA states that the receiving party can only use the confidential information for a specific purpose - for example:

• evaluating a commercial relationship
• providing services to you
• building or testing a defined deliverable

This “purpose” clause matters because many confidentiality disputes come down to use, not just disclosure. For example, a contractor might not share your information with anyone, but they might use your pricing model to pitch a competitor. Clear permitted use wording helps reduce that risk.

3) Who Can Access The Information (And On What Conditions)

In reality, the receiving party may need to share your information internally (for example, with employees or subcontractors). Your NDA should set limits such as:

• only sharing with people who need to know for the purpose
• ensuring those people are also bound by confidentiality obligations
• remaining responsible if their team or subcontractors cause a breach

This is particularly important if you’re engaging a service provider who uses subcontractors. If you’re also putting in place a broader services relationship, you might handle these details in a more comprehensive Service Agreement.

4) Exclusions: What Is Not Confidential?

Most NDAs include standard exclusions. Common examples include information that:

• is already public (other than because of a breach)
• the recipient already knew before you disclosed it
• is independently developed without using your confidential information
• is required to be disclosed by law or a regulator (usually with notice to you where possible)

These exclusions aren’t “loopholes” - they help keep the NDA reasonable and commercially workable, and they’re very common in UK agreements.

5) Duration: How Long Does The NDA Last?

This is one of the most misunderstood parts of a one-way NDA.

Your NDA should cover:

• the term (how long the agreement runs - e.g. 12 months, 2 years, or until a project ends), and
• the confidentiality period (how long confidentiality obligations continue after disclosure or after termination).

There’s no single “best” timeframe - it depends on what’s being shared and how quickly it becomes outdated. For example, a short-term marketing plan might not need years of protection, while a proprietary formula or source code might.

Getting this right is important: too short and it won’t protect you long enough; too long and the other party may push back in negotiations.

6) Return Or Destruction Of Information

When the relationship ends (or when requested), you may want the recipient to return or delete confidential information.

In modern businesses, this also raises practical questions:

• What about backups and archived emails?
• What about records they must keep for legal or compliance reasons?
• What about information stored in third-party platforms?

A good NDA addresses these realities, rather than pretending everything can be completely erased instantly.

7) Remedies: What Happens If There’s A Breach?

This clause deals with enforcement. Depending on the situation, it may cover:

• the right to apply for an injunction (a court order intended to stop misuse/disclosure, where the legal test is met and the court grants it)
• damages/compensation for loss suffered (where you can prove loss and the legal requirements are satisfied)
• costs and recovery options (depending on the dispute and any court/tribunal powers)

It’s also common for NDAs to acknowledge that a breach may cause serious harm and that monetary compensation might not be an adequate remedy on its own (which can support an application for urgent court relief in appropriate cases).

8) “No Licence” / IP Protection Wording

One-way NDAs often include a clause confirming that disclosure of confidential information does not transfer ownership or grant rights to intellectual property.

This helps avoid arguments like “you showed me how it works, so I can now build it.” If your business relies heavily on IP, you may also want to consider broader IP documentation (for example, an IP Assignment when someone creates work for you, so you clearly own what you paid for).

9) Governing Law And Jurisdiction (UK)

If you’re a UK business, your one-way NDA should usually specify which UK legal system governs it (for example, the laws of England and Wales, or Scotland, or Northern Ireland) and which courts have jurisdiction.

This is especially important if you’re dealing with overseas contractors or cross-border commercial relationships.

Common Mistakes Businesses Make With One-Way NDAs

Most NDA problems aren’t caused by businesses “not caring” - they’re caused by moving quickly, using a generic template, or assuming an NDA is just a box-ticking exercise.

Here are mistakes we often see small businesses make with a one-way NDA.

Signing The NDA Too Late

If you share sensitive information first and send an NDA later, you lose leverage and create ambiguity over what was protected (and when).

Ideally, the NDA should be signed before the disclosure happens.

Using A One-Way NDA When The Relationship Is Actually Mutual

Sometimes both sides are sharing confidential information, even if one side is sharing “more.” If that’s the case, a mutual NDA may be more appropriate.

If you use a one-way NDA in a mutual situation, you might create friction (or worse, you might fail to protect the other side’s information properly, which can damage trust and derail the deal).

Defining Confidential Information Too Vaguely

Clauses like “all information disclosed is confidential” might sound strong, but can be impractical to apply.

Clear categories, clear examples, and clear purpose restrictions usually work better than overly broad wording.

Forgetting About Data Protection

If the “confidential information” includes personal data (customer contact details, employee records, user analytics linked to individuals), you may also be dealing with UK GDPR and the Data Protection Act 2018 obligations.

An NDA is not a substitute for proper data-processing terms and privacy compliance. Depending on the situation, you might need a dedicated data agreement or contract wording, plus operational compliance (access controls, retention, security measures).

Relying On An NDA Instead Of A Proper Commercial Contract

If someone is providing services, building a product, or working with your business on an ongoing basis, an NDA alone won’t cover the commercial essentials like payment, deliverables, timelines, liability, or IP ownership.

Often, confidentiality should be part of a broader contract framework - and you may also need clear terms like a Employment Contract if the person is actually joining your business as staff (rather than acting as an independent contractor).

Key Takeaways

• A one-way NDA is used when only one party (often your business) is disclosing confidential information and the other party must keep it confidential and only use it for an agreed purpose.
• Common uses include sharing information with contractors, suppliers, potential partners, and potential buyers or investors.
• Key clauses to focus on include the definition of confidential information, permitted use/purpose, who can access the information, the confidentiality period, return/destruction obligations, and enforcement/remedies.
• Don’t treat a one-way non-disclosure agreement as a “template job” - vague definitions, missing IP protections, and unclear timeframes can weaken it when you actually need to enforce it.
• If the confidential information includes personal data, you also need to think about UK GDPR and your broader privacy obligations, not just confidentiality wording.
• An NDA is often only one piece of the puzzle - service delivery, payment, IP ownership, and liability are usually better handled in a tailored commercial agreement.

If you’d like help drafting or reviewing a one-way NDA (or putting the right contracts in place for your business), you can reach us at 08081347754 or team@sprintlaw.co.uk.