Why NDAs Fail and How to Fix Them

Alex Solo
byAlex Solo11 min read

Lots of New Zealand founders treat an NDA like a magic shield. They send over a one page template, get a signature, then assume their ideas, pricing, product plans and customer data are protected. That is usually where things go wrong. The most common mistakes are using a generic NDA that does not match the deal, defining confidential information too vaguely, and forgetting that an NDA is only useful if it is realistic to enforce.

Another problem is timing. Businesses often hand over valuable information before the NDA is signed, or they accept the other side's standard terms without checking whether the confidentiality obligations are one sided, full of carve outs, or too short to matter. A signed document can look reassuring while doing very little when things get messy.

This guide explains why an NDA can be useless in practice, what a workable NDA should actually cover under New Zealand law, and what to fix before you sign. If you are sharing commercial information with a supplier, contractor, adviser, investor, agency or potential buyer, this is where founders often get caught.

Overview

An NDA can help protect confidential business information, but only if it is drafted for the real situation and paired with sensible business processes. A weak NDA usually fails because the information is not clearly described, the obligations are too narrow, the exceptions are too broad, or the business cannot show what was disclosed and when.

  • Identify exactly what information needs protection, such as pricing models, code, product roadmaps, customer lists, supplier terms or financial forecasts.
  • Check whether the NDA is mutual or one way, and whether that matches the relationship.
  • Review the definition of confidential information and the exceptions to that definition.
  • Make sure the permitted use clause is tight, so the recipient can only use the information for the stated purpose.
  • Check the term of the NDA and how long confidentiality obligations continue after disclosure.
  • Look for clauses dealing with return or destruction of information, intellectual property, and remedies if the NDA is breached.
  • Confirm who is allowed to receive the information, including employees, contractors, related companies and advisers.
  • Keep practical records of what you disclosed, when you disclosed it, and to whom.

When New Zealand Businesses Use NDAs

NDAs are most useful when you are about to share specific non-public information with someone who does not otherwise owe you a clear duty of confidence. They are common in early stage deal-making, supplier discussions and contractor relationships, but they are not a substitute for a well-drafted main contract.

For many SMEs, the NDA appears before any money changes hands. You might be sounding out a software developer, discussing a manufacturing arrangement, talking to a marketing agency, or giving a consultant access to internal data before you sign a broader service agreement.

Common founder situations

Here are some real business moments where an NDA often makes sense before you sign a contract or before you rely on a verbal promise:

  • You are showing a prototype, process or technical workflow to a developer or manufacturer.
  • You are sharing sales data, pricing strategy or customer churn figures with a consultant or adviser.
  • You are discussing a potential acquisition, investment, joint venture or strategic partnership.
  • You are giving a contractor access to customer databases, internal playbooks or supplier terms.
  • You are inviting a potential distributor or reseller to review commercial information before a full agreement is negotiated.

That said, not every conversation needs an NDA. If the information is already public, easily reverse engineered, or not especially sensitive, an NDA may add friction without adding much protection. Founders sometimes ask for an NDA before a first meeting about a broad idea, only to discover the other side refuses because the concept is too general and the obligation too uncertain.

What an NDA does, and does not do

An NDA creates contractual obligations about secrecy and permitted use. It can help you claim loss, seek an injunction in some cases, and create a clear standard of conduct if the recipient misuses information.

But an NDA does not automatically protect every idea you mention. It does not replace intellectual property ownership terms, assignment clauses, employment agreements, contractor terms, privacy compliance, or security controls. If your contractor builds software, for example, confidentiality is only one issue. You also need to deal with who owns the code, what can be reused, and what happens on termination.

This is where founders often get caught. They use an NDA as a stand-in for a proper commercial contract, then realise later that the real problem was not secrecy alone. It was ownership, scope of work, data handling, or a vague statement of what each side could do with the information.

The main legal question is whether the NDA actually matches the risk you are trying to manage. Before you sign, the document should clearly say what is protected, who must protect it, how it can be used, and what happens if things go wrong.

1. What counts as confidential information

If the definition is vague, the NDA may be hard to enforce. A clause that says all information shared between the parties is confidential can be too broad in practice, especially if there is no way to identify what was disclosed.

A better approach is to define confidential information using categories that fit the deal, such as:

  • business plans and financial models
  • product specifications and source code
  • customer and supplier lists
  • pricing, margins and sales strategy
  • non-public operational processes
  • marketing plans, forecasts and internal reports

You can also cover information disclosed verbally, but only if the NDA explains how that verbal disclosure will be confirmed later, such as in writing within a set number of days.

2. Permitted purpose and use restrictions

An NDA should not just say keep this secret. It should also say what the recipient may use the information for. This is one of the most important fixes if your NDA is currently useless.

If you are talking to a manufacturer, the permitted purpose might be evaluating a supply arrangement. If you are talking to an investor, it might be assessing a potential investment. Without a tight purpose clause, the recipient may argue they were free to use the information internally for broader commercial purposes.

3. Exceptions and carve outs

Every NDA has exceptions. The issue is whether they are reasonable or so wide that they swallow the rule.

Common exceptions include information that:

  • is already public, other than through a breach
  • was already known to the recipient before disclosure
  • is lawfully received from someone else without confidentiality restrictions
  • must be disclosed by law, court order or regulatory requirement

These are standard, but the wording matters. A recipient should not be able to rely on a broad exception without evidence. Clauses should also require notice where legally permitted, so the disclosing party has a chance to respond before compulsory disclosure happens.

4. Who can access the information

Businesses rarely act through one person. The NDA should say whether the recipient can share confidential information with employees, contractors, related entities, financiers, legal advisers or accountants.

That access should be limited to people who genuinely need to know and who are bound by equivalent confidentiality obligations. If the recipient can pass information widely through its group with no controls, your practical protection is much weaker.

5. Duration and survival

A common template problem is using a confidentiality period that is too short. Twelve months might be enough for some discussions, but it may be meaningless if you are disclosing sensitive methods, pricing architecture or product plans with a longer shelf life.

The right period depends on the information. Trade secrets and highly sensitive know-how often justify longer protection than ordinary commercial discussions. The NDA should distinguish between the term of the agreement and how long confidentiality obligations survive after the relationship ends.

6. Return, deletion and evidence

If discussions end, the NDA should say what happens to the material. A practical clause usually covers return or destruction of documents and deletion of electronic copies, subject to narrow legal or backup exceptions.

Just as important, your business should keep a record of:

  • what documents were shared
  • when they were shared
  • who received them
  • whether they were marked confidential
  • what meeting notes or verbal disclosures were made

Without this, enforcement becomes much harder.

7. Intellectual property and privacy overlap

An NDA does not automatically transfer ownership of intellectual property. If you are disclosing ideas, designs, code, branding concepts or technical material before you accept the provider's standard terms, check whether a separate clause or agreement is needed to deal with ownership and licence rights.

If personal information is involved, confidentiality is only part of the picture. New Zealand businesses also need to think about Privacy Act obligations, including whether sharing that information is lawful, necessary and properly safeguarded. An NDA cannot fix a privacy problem created by poor data handling.

8. Governing law and enforceability

If you are dealing with an offshore counterparty, the governing law and dispute provisions matter. A New Zealand SME may hold a signed NDA, but enforcing it overseas can still be costly and complicated.

That does not make the NDA pointless, but it does mean you should be realistic. Sometimes the better protection is a mix of limited disclosure, staged sharing, technical controls and a contract review of the wider arrangement with an entity that has assets in a sensible jurisdiction.

Common NDA Mistakes

Most useless NDAs fail because the business relied on the document instead of thinking through the actual risk. The fix is usually not a longer template. It is a sharper contract and better disclosure discipline.

Using a generic template for every deal

An NDA for investor discussions is not the same as one for a software contractor or manufacturer. Different deals raise different issues around permitted use, subcontracting, data access, intellectual property and duration.

A one size fits all form often leaves obvious gaps. It may also include irrelevant clauses that create confusion or make the other side push back.

Signing after disclosure has already happened

This happens all the time. A founder jumps on a call, shares key numbers or a product demo, then sends the NDA later. At that point, some of the most important information may already have been disclosed without contractual protection.

If you know sensitive information is coming, get the NDA sorted first. If that is not practical, limit the early conversation to high level information until the paperwork is in place.

Describing the information too broadly or too narrowly

If everything is labelled confidential, nothing stands out. If the description is too narrow, the recipient may argue the specific material used was outside the definition.

The aim is clarity. Describe the categories properly, then support that with sensible internal practices such as marking documents and controlling access.

Ignoring the purpose clause

A weak purpose clause lets recipients say they used the information for internal evaluation, benchmarking or business planning, even where that hurts you commercially. This is especially risky where you are speaking with a potential competitor, distributor or strategic partner.

The NDA should limit use to the stated purpose and prohibit any other commercial use, copying or exploitation unless you give written consent.

The party you are speaking to may not do the work itself. It might pass your material to affiliates, external developers, consultants or advisers. If your NDA does not deal with onward disclosure clearly, your information can spread quickly.

Founders often discover this only after a relationship sours. By then, proving who saw what can be difficult.

Assuming the NDA protects ideas by itself

An NDA can stop misuse of confidential information, but it does not turn a general idea into owned intellectual property. If your commercial value sits in copyright, trade marks, designs, code or invention rights, those issues need their own treatment.

This matters before you sign with developers, designers, agencies and manufacturers. The NDA may be part of the solution, but it is not the whole solution.

Using unrealistic enforcement language

Some templates promise sweeping remedies that look powerful on paper but add little in reality. The more useful question is whether the clauses support a practical response if there is a breach.

Good drafting usually covers:

  • the right to seek urgent court orders where appropriate
  • indemnity or damages language that is commercially sensible
  • clear obligations to return or delete information
  • survival of confidentiality after termination

Even with good drafting, enforcement depends on evidence, speed and the other party's ability to meet a claim.

Relying on the NDA instead of process

This is the biggest mistake. If your team shares confidential files freely, uses unsecured channels, gives broad folder access, or cannot track disclosures, the contract only goes so far.

Practical steps often matter just as much as legal wording. Limit access internally, share information in stages, watermark sensitive documents where appropriate, and keep clean records of discussions.

FAQs

Is an NDA legally enforceable in New Zealand?

Yes, an NDA can be enforceable in New Zealand if it is properly drafted, supported by a genuine commercial relationship, and clear about the information, obligations and exceptions. Enforceability still depends on the facts, the wording and the evidence available.

Do I need a mutual NDA or a one way NDA?

It depends on who is sharing confidential information. A one way NDA suits situations where only one party is disclosing. A mutual NDA is more suitable where both sides will share sensitive information during the discussions.

Can an NDA protect my business idea?

Sometimes, but only to a point. An NDA can restrict disclosure and misuse of confidential information about the idea. It does not automatically give you intellectual property ownership over a broad concept, and it does not replace proper IP clauses where those are needed.

How long should an NDA last?

There is no single right answer. The term should reflect the nature of the information and the deal. Sensitive know-how, code or pricing strategy may justify a longer confidentiality period than an ordinary preliminary discussion.

What if the other side sends their own NDA?

That is common. Before you accept the provider's standard terms, check whether the confidentiality obligations are balanced, whether the permitted use is narrow enough, whether the exceptions are too broad, and whether the duration and disclosure rules actually protect your business.

Key Takeaways

  • An NDA is not automatically useful just because it is signed. It needs to fit the actual deal and the real information being shared.
  • The strongest NDAs clearly define confidential information, restrict permitted use, control onward disclosure and set a sensible duration.
  • Common problems include generic templates, signing after disclosure, weak purpose clauses, short time periods and no record of what was shared.
  • An NDA does not replace clauses about intellectual property ownership, data handling, contractor obligations or the main commercial terms.
  • Practical controls matter, including staged disclosure, limited access, written records and careful handling of sensitive documents.
  • If the stakes are high, review the NDA before you sign, especially where offshore parties, valuable know-how or customer data are involved.

If you want help with confidentiality clauses, intellectual property terms, permitted use restrictions, contract drafting, and contract negotiation, you can reach us on 0800 002 184 or team@sprintlaw.co.nz for a free, no-obligations chat.

Alex Solo
Alex SoloCo-Founder

Alex is Sprintlaw’s co-founder and principal lawyer. Alex previously worked at a top-tier firm as a lawyer specialising in technology and media contracts, and founded a digital agency which he sold in 2015.

Need legal help?

Get in touch with our team

Tell us what you need and we'll come back with a fixed-fee quote - no obligation, no surprises.

Keep reading

Related Articles

Commission and Bonus Terms for New Zealand Asset Management Software Businesses

Commission and Bonus Terms for New Zealand Asset Management Software Businesses

Commission and bonus clauses can cause major disputes for New Zealand asset management software businesses if they do not clearly define when payments are

2 Jul 2026
Read more
What “Notwithstanding” Clauses Really Do In NZ Contracts

What “Notwithstanding” Clauses Really Do In NZ Contracts

If you’ve ever read a contract and felt your eyes stop at the phrase “notwithstanding anything else in this agreement” , you’re not alone. A notwithstanding clause can look like harmless legal...

2 Jul 2026
Read more
Warranties in NZ Business Contracts: What They Mean and How They Work

Warranties in NZ Business Contracts: What They Mean and How They Work

If you run a small business, you’ve probably seen the word “warranty” everywhere - in supplier contracts, customer terms, software agreements, equipment purchases, and even business sale documents. But “warranty” can mean...

2 Jul 2026
Read more
Leasing Equipment in New Zealand: Legal Essentials

Leasing Equipment in New Zealand: Legal Essentials

Leasing equipment can help New Zealand businesses preserve cash flow, but the legal terms often decide whether the deal is useful or costly. This guide

2 Jul 2026
Read more
What “Private And Confidential” Means In NZ Business Letters

What “Private And Confidential” Means In NZ Business Letters

If you run a business in New Zealand, you’ve probably seen (or used) the phrase “Private and Confidential” at the top of a letter or email. Sometimes it’s used for something genuinely...

1 Jul 2026
Read more
Launching a Startup in New Zealand's Renewable Energy Sector

Launching a Startup in New Zealand's Renewable Energy Sector

Launching a renewable energy startup in New Zealand can raise questions about registrations, contracts, consumer law, privacy, IP and sector specific

1 Jul 2026
Read more
Need support?

Need help with your business legals?

Speak with Sprintlaw to get practical legal support and fixed-fee options tailored to your business.