It’s never been easier to collaborate across borders. You can jump on a video call with a supplier in Asia, a software developer in Europe, or an investor in the US - and start sharing sensitive information within minutes.
But that convenience comes with a common (and risky) question: if you sign an NDA with an overseas party, which country’s laws apply?
This 2026 update reflects the reality that cross-border deals are now “normal business”, and that privacy and data handling expectations are sharper than ever. Getting the legal foundations right from day one can save you a lot of stress later - especially if your NDA ever needs to be enforced.
Below, we’ll walk you through how governing law works in NDAs, what happens if it’s missing, and the practical steps you can take to make your NDA enforceable and useful (not just a document you sign and forget).
What Is An NDA, And Why Does “Which Country’s Laws Apply?” Matter?
An NDA (non-disclosure agreement) is a contract that protects confidential information. In a business context, that might include:
- your product idea, formula or design files
- customer lists and pricing strategies
- financials, forecasts and funding discussions
- software code, prototypes, or internal processes
- supplier terms, distribution arrangements, or marketing plans
When everything is based in New Zealand, the “legal backdrop” is relatively straightforward: New Zealand contract law applies, New Zealand courts can generally hear disputes, and enforcement is more predictable.
When the other party is overseas, it’s different. If there’s a breach, you’ll quickly run into issues like:
- Which legal system interprets the NDA? (NZ, Australia, England & Wales, California, Singapore, etc.)
- Which courts (or arbitration forum) hear the dispute?
- Can you actually enforce an NZ judgment overseas?
- Does the NDA cover cross-border data sharing and privacy obligations?
This is why “governing law” and “jurisdiction” clauses aren’t just formalities - they often determine whether the NDA will help you when it matters.
How Do Governing Law And Jurisdiction Clauses Work In An International NDA?
Two clauses usually do most of the heavy lifting when it comes to “which country’s laws apply”:
1) Governing Law (Also Called Applicable Law)
This clause says which country’s laws will be used to interpret the NDA. For example:
- “This agreement is governed by the laws of New Zealand.”
- “This agreement is governed by the laws of Singapore.”
In practice, governing law influences:
- how “confidential information” is interpreted
- what remedies are available (damages, injunctions, etc.)
- how enforceable certain clauses are (like broad restraints or penalty-style clauses)
2) Jurisdiction (Or Dispute Resolution Forum)
This clause says where a dispute will be heard. Often it’s a court, but it can also be arbitration or mediation.
For example:
- “The parties submit to the exclusive jurisdiction of the courts of New Zealand.”
- “Disputes must be resolved by arbitration in Hong Kong.”
It’s possible to have:
- NZ governing law + NZ courts (simple and consistent)
- NZ governing law + overseas courts (less common, but possible)
- Overseas law + NZ courts (rare and often impractical)
- Overseas law + overseas courts
If you’re trying to keep things manageable, aligning governing law and jurisdiction is usually the cleanest approach.
Also, an NDA is often only one piece of the puzzle. If the relationship moves forward, you may also need a broader Service Agreement or a more detailed contract that handles deliverables, payment, and IP ownership.
What Happens If The NDA Doesn’t Say Which Country’s Laws Apply?
This is more common than you’d think - especially with “template” NDAs, or NDAs sent by overseas parties that are missing key clauses.
If there’s no governing law clause, the question becomes: which legal system has the closest connection to the contract?
That analysis can get messy fast. A court may look at things like:
- where each party is based
- where the information was disclosed
- where the project is being performed
- the language and structure of the NDA (sometimes it hints at a legal tradition)
- where a breach occurred (for example, where data was accessed or used)
The main risk here is not just uncertainty - it’s that you may end up arguing about the “rules of the game” before you even get to the breach itself. That can mean extra cost and delays when you’re trying to act quickly to protect confidential information.
And if you’re relying on an NDA to protect something commercially valuable (like a product concept or a codebase), uncertainty is the last thing you want.
Which Country’s Laws Should You Choose For A Cross-Border NDA?
There’s no one-size-fits-all answer, but there are practical ways to decide.
When choosing governing law and jurisdiction for an international NDA, you’ll usually be balancing:
- enforceability (can you realistically enforce it where the other party is?)
- cost (what would a dispute cost in that forum?)
- speed (how quickly can you get urgent relief like an injunction?)
- familiarity (do you understand the legal system and language?)
- bargaining power (who has leverage to insist on their preferred law?)
Option A: New Zealand Law (Common If You’re The Disclosing Party)
If you’re based in NZ and you’re sharing your confidential information, choosing NZ law is often sensible because:
- it’s familiar and easier to manage with NZ legal support
- you’re more likely to understand how your obligations and remedies work
- it can fit neatly with other NZ contracts you’re using in your business
The practical catch is enforcement. Even if you get a favourable outcome in NZ, you may still need to enforce it in the overseas party’s country (and that can involve extra steps).
Option B: The Overseas Party’s Law (Common If They’re Bigger Or They’re Disclosing)
Sometimes the overseas party will insist on their local law and courts (or they’ll send you their “standard” NDA).
This can be workable, but it’s important to understand the trade-off: if something goes wrong, you might be dealing with:
- an unfamiliar legal system
- different expectations around contractual terms and enforceability
- higher legal costs, especially if you need local counsel
If you’re signing under foreign law, it’s worth slowing down and getting advice before you sign - because changing terms later is much harder.
Option C: A Neutral Law Or Arbitration Venue (Sometimes Used For International Deals)
In some cross-border relationships, parties choose a “neutral” governing law or dispute forum (often because neither side wants to litigate in the other’s home courts).
Arbitration is also sometimes used, because it can be more enforceable internationally than court judgments in certain contexts.
This option can make sense, but you’ll want the NDA drafted carefully. If you’ve ever seen a dispute resolution clause that looks like it was cobbled together from three templates, you’ll know why - it can create more problems than it solves.
What Else Should You Check In An International NDA (Beyond Governing Law)?
Choosing governing law is important, but it won’t fix an NDA that’s vague, one-sided, or missing the clauses that make it practical.
Here are the other key areas we recommend checking when you’re signing an NDA with an overseas party.
A good NDA doesn’t just say “everything is confidential” and hope for the best. You want a definition that’s clear enough to enforce, but broad enough to cover what you’re actually sharing.
For example, if you’re sharing:
- technical documents
- pricing and margin information
- product roadmaps
- source code or development notes
…the NDA should clearly capture those categories.
Are You Actually Dealing With “Confidentiality” Or “Privacy” Too?
This is a big one in cross-border relationships.
“Confidential information” usually covers business information. But if you’re sharing information about identifiable individuals (for example, customer data, employee information, user analytics, or health-related data), you’re also stepping into privacy law territory.
In New Zealand, the Privacy Act 2020 sets out how you must collect, use, store and disclose personal information, including rules around disclosure overseas in some situations.
If your NDA involves personal information, you may also need privacy-specific documents and processes - like a Privacy Policy and internal privacy handling procedures - not just an NDA.
What’s The Permitted Purpose (And Does It Stop Misuse)?
Your NDA should clearly state why the other party is receiving the confidential information - and restrict them from using it for anything else.
For example:
- “for evaluating a potential supply relationship”
- “for performing development services”
- “for discussing investment in the business”
This is one of the most important practical protections in the NDA. If a party uses your confidential information outside the permitted purpose, that’s often the core breach.
Does It Deal With IP Ownership Properly?
Many founders assume an NDA automatically protects IP. It helps, but it’s not the whole story.
If you’re collaborating with an overseas developer, designer, or contractor, you should also think about who owns:
- new IP created during the project
- improvements to your existing IP
- derivatives (like modified designs or adapted code)
This is where a proper services contract and IP clauses become critical. In many situations, an IP Assignment (or IP assignment clauses within a broader agreement) is what ensures the rights end up where you expect.
What Happens When The Relationship Ends?
A practical NDA should answer questions like:
- Does the overseas party need to return or delete the confidential information?
- Can they keep copies for legal compliance or backups?
- How long do confidentiality obligations last?
Time periods matter. Some NDAs set confidentiality obligations for a fixed period (e.g. 2–5 years). Others require confidentiality indefinitely for certain categories like trade secrets.
The “right” answer depends on what you’re sharing and how quickly it becomes outdated - and that’s worth tailoring rather than guessing.
Is The NDA Signed Correctly (And Can You Prove It)?
Cross-border deals often move fast, and NDAs are frequently signed electronically. That’s usually fine, but you still want to be confident the NDA is properly executed and you can prove it later.
For example:
- Is the legal entity name correct (not just a trading name)?
- Is the signatory authorised to bind the overseas company?
- Do you need witnessing, and if so, is it done properly?
If you’re unsure about execution formalities, it can help to check what’s required and who is acceptable for signing formal documents, including who can witness a signature in contexts where witnessing is needed.
Key Takeaways
- In a cross-border NDA, the governing law clause usually determines which country’s laws will interpret the agreement, while the jurisdiction clause determines where disputes will be heard.
- If your NDA doesn’t specify governing law and jurisdiction, you may end up in a costly argument about which legal system applies before you can even address the breach.
- Choosing NZ law can be practical and familiar for NZ businesses, but you should still think about how enforcement would work if the overseas party breaches the NDA.
- A strong international NDA should do more than pick a legal system - it should clearly define confidential information, limit use to a permitted purpose, and cover return/deletion and time periods.
- If personal information is being shared across borders, you also need to consider NZ privacy obligations under the Privacy Act 2020, not just confidentiality obligations.
- For overseas contractors and collaborators, an NDA alone may not protect your ownership of new work - you may also need a properly drafted services contract and IP clauses or an IP assignment.
If you’d like help drafting or reviewing an NDA for an overseas relationship (or making sure your wider contract setup is protecting you properly), you can reach us at 0800 002 184 or team@sprintlaw.co.nz for a free, no-obligations chat.
