
Published May 20, 2026

How to Review an NDA Before Signing

A nine-step walkthrough for reading an NDA carefully — from the definition of Confidential Information to term length, exceptions, and one-sided clauses.

An NDA — non-disclosure agreement — is usually short. Two or three pages, sometimes one. That brevity is deceptive. A poorly drafted NDA can lock you out of an entire industry, tie up information you already had before the conversation, or expose you to lawsuits years after the relationship has ended. Most NDAs are signed in under a minute. They deserve more than that.

This is a step-by-step walkthrough for reading an NDA carefully. It works for the common scenarios: a prospective client asking you to sign before a discovery call, a startup founder asking you to keep an idea confidential, an employer's onboarding paperwork, or any business meeting where both sides will share information. It is informational only and is not legal advice.

Step 1. Is it one-way or mutual?

The first thing to check is direction. A one-way (or unilateral) NDA imposes confidentiality on one party only — usually you, the recipient. A mutual NDA imposes the same obligations on both sides. Mutual NDAs are almost always preferable when the conversation is genuinely two-way (a sales call, a partnership discussion, an investor pitch).

Look for language like "the Disclosing Party" and "the Receiving Party". If those terms refer to specific named entities (only one of which is you), it's one-way. If they refer to "each Party as the disclosing party", it's mutual.

Step 2. Check the definition of "Confidential Information"

Every NDA defines what counts as Confidential Information. This is where most one-sided agreements hide their teeth. A reasonable definition is specific: information explicitly marked confidential, information that would be reasonably understood as confidential given the context, and technical and business information shared in the course of the engagement.

Watch for definitions that capture "any information, in any form, disclosed at any time". That sweeps in casual conversation, public information, and things you already knew. The disclosing party should have some duty to mark sensitive information as confidential — otherwise the burden is on you to prove a negative.

Step 3. Review the term length

Most NDAs run between 2 and 5 years. Longer terms are sometimes justified for trade secrets, but a flat 10-year or "indefinite" obligation across all information is unusual.

Ideally the NDA has two clocks: a fixed term (often 2–3 years) for ordinary confidential information, and an indefinite term that applies only to information the parties explicitly designate as a trade secret in writing. That's a sensible structure — it doesn't ask you to keep yesterday's marketing roadmap secret forever.

Step 4. Confirm the standard exceptions

A well-drafted NDA carves out information that should never be subject to confidentiality obligations. Look for all four:

  • Already known. Information you can show you had before the engagement (e.g., documented in your own files).
  • Publicly known. Information that becomes public through no fault of yours.
  • Independently developed. Information you develop on your own without using the disclosing party's confidential information.
  • Lawfully received from a third party. Information you legitimately get from someone else who isn't bound by a duty of confidentiality.

If any of these is missing, you have a problem. Without the "independently developed" carve-out in particular, you could be sued for solving a problem you would have solved anyway.

Step 5. Understand permitted disclosures

Sometimes you have to share confidential information — with your lawyer, your accountant, a court that has subpoenaed it, or a government regulator. A good NDA permits these disclosures explicitly, usually with a requirement that the recipients of the disclosure are themselves bound by confidentiality.

If the NDA prohibits all disclosure with no exceptions, you could be in technical breach the first time you forward something to your accountant for tax purposes. Insist on a "required by law" carve-out and a "professional advisors" carve-out.

Halfway through. This is a lot to track in a short document — and most NDAs come with a "can you sign and return today?" expectation that cuts the review window short. If you'd rather not do this by hand, paste the NDA into our free AI reviewer with the contract type set to NDA. You'll get a structured breakdown that flags everything in this article: definition scope, term length, missing carve-outs, and one-sided obligations. Informational, not legal advice — but a faster first pass.

Step 6. Watch for hidden non-compete restrictions

Some NDAs slip in clauses that look like confidentiality obligations but actually function as non-competes. Phrases like "the receiving party agrees not to engage in any business or activity that would compete with the disclosing party's business for a period of two years after termination" are not confidentiality clauses at all — they are non-competes.

Non-competes in NDAs are particularly aggressive because they're not what the document is supposed to be doing. If you see one, either strike it entirely or insist it be moved to a separate, negotiated non-compete agreement so you can deal with it on its own terms.

Step 7. Check what happens at the end

When the NDA ends or the engagement is over, what happens to the confidential information you received? The standard options are return, destroy, or retain in archived form.

Watch out for impossible obligations: "delete all copies, including from backups." Modern infrastructure makes this unrealistic — backups are immutable, email systems keep copies, and you may have legal obligations to retain records. A reasonable clause allows you to keep archived backups subject to continued confidentiality obligations until the backups expire under your normal retention schedule.

Step 8. Verify governing law and venue

Where will disputes be resolved, and under whose law? If the other party is a Delaware company and you're a freelancer in Texas, a clause saying "all disputes shall be resolved in the state and federal courts of Wilmington, Delaware" effectively means you'd have to travel to Delaware to enforce your rights.

Push for a neutral venue, or at least your home jurisdiction. For small-dollar NDAs the venue often doesn't matter in practice (you're unlikely to litigate over a $5,000 dispute regardless), but for anything substantial, this clause sets the price of enforcement.

Step 9. Look for one-sided remedies

The remedy section says what the parties can do if the agreement is breached. A common red flag is a clause where one party is entitled to an automatic injunction (a court order to stop doing something) without having to prove damages, while the other party has to go through normal litigation. That asymmetry tilts the entire balance of the agreement.

Equally important: liquidated damages. Some NDAs specify a fixed dollar amount payable for each breach (e.g., "$50,000 per disclosure"). That can be reasonable in a true trade-secret context. A flat five-figure penalty for a casual breach, however, is almost always unreasonable and may not be enforceable, though you'd have to spend money arguing about it.

Common NDA red flags at a glance

Pulling the patterns together, the five red flags we see most often:

  • Definition of confidential information so broad it captures public information.
  • Indefinite or 10+ year term without a trade-secret carve-out.
  • Missing "independently developed" or "publicly known" exceptions.
  • Non-compete or non-solicit obligations buried in an NDA.
  • One-way remedies (injunctions, liquidated damages) where only one party benefits.

For the broader picture — beyond NDAs to contracts in general — our 10 Contract Red Flags Before You Sign guide covers the rest: indemnification, auto-renewal, limitation of liability, and more.

When to walk away

Most NDAs can be negotiated to something reasonable. If the other party flatly refuses to budge on the worst clauses — particularly anything that looks like a non-compete, an indefinite confidentiality term, or a one-sided injunction right — that tells you how the rest of the relationship will go. The willingness to negotiate the NDA is a leading indicator of whether the eventual deal will be workable.

For low-stakes NDAs (a quick discovery call, a no-pay info exchange), the practical answer is often "sign and move on." For anything that precedes real work, real money, or real IP — slow down, negotiate, and if necessary pay a lawyer for an hour of review.

Run your NDA through the reviewer

If you'd rather not do this walkthrough by hand, use our free NDA review tool. It runs the same checks this article describes — definition scope, term length, missing carve-outs, hidden non-competes, one-sided remedies — and gives you a plain-English summary with specific suggestions. The review takes about 15 seconds. We do not store the NDA text or share it with anyone.

For other contract types, see our targeted reviewers: freelance contracts, employment contracts, lease agreements, and service agreements.

Frequently asked questions

Do I need a lawyer to review an NDA?

For low-stakes NDAs — a discovery call, a casual conversation, a no-money information exchange — the steps in this article are usually enough. For NDAs that precede a real business relationship, employment, investment, or IP transfer, paying a lawyer for an hour of review is worth it. The cost is typically $200–$500 and can save you from clauses that bind you for years.

Can I negotiate an NDA, or is it take-it-or-leave-it?

You can almost always negotiate. NDAs from sophisticated parties (large companies, well-funded startups) often come in a 'take-it-or-leave-it' tone, but the legal team on the other side usually has authority to make reasonable changes — especially on term length, mutual obligations, and standard exceptions. Send back a marked-up version and see what happens. Refusal to negotiate is itself useful information.

How long should an NDA last?

For ordinary confidential information, 2 to 5 years is standard. Anything longer is unusual unless the agreement carves out true trade secrets, which can reasonably be protected indefinitely. An NDA that flatly says 'confidentiality obligations shall continue in perpetuity' for all information is too broad and should be pushed back on.

Is a one-way NDA always bad?

No. A one-way NDA can be appropriate when only one party is disclosing information — for example, a freelancer signing a client's NDA before being shown confidential project details, where the freelancer isn't expected to disclose anything in return. The question to ask is whether the direction matches the reality of what each side will share.

What if I've already signed a problematic NDA?

First, don't panic — many of the harsh clauses you might worry about are unenforceable in court, especially if they're vague or overbroad. Second, you can usually negotiate an amendment with the other party at any time, especially if circumstances have changed. Third, if you're genuinely concerned about specific obligations, talk to a lawyer about your real-world risk rather than the worst-case wording of the document.


FreeContractReviewer.com provides AI-generated information to help you understand possible contract issues. It is not legal advice and does not replace a qualified lawyer.