Skip to main content
European Commission logo
IP Helpdesk
News blog26 May 2023European Innovation Council and SMEs Executive Agency9 min read

All you need to know about Non-Disclosure Agreements (NDAs) in Brazil

Hiago de Borba Busch

IP Lawyer / Partner at VilelaCoelho


As it is widely known, each company’s valuable intangible assets– such as confidential information– must be protected to be competitive in the market and achieve its business goals. When a company wants to invest or do business overseas, be it in Brazil or other Latin American countries, it will most likely, at some point, have to share confidential information with its local Brazilian or Latin American partners.

Before sharing confidential information, it is important to make sure that the local partner(s) understand(s) that the information received cannot be shared or used for other purposes. Companies need to make sure that their sensitive/confidential information is not improperly shared or used in a way that could harm their competitiveness.

For this purpose, prior to any commercial transaction with local partners in Brazil, signing a confidentiality agreement or Non-Disclosure Agreement (“NDA”) is advised. As its name reveals, an NDA is a legal agreement that aims to ensure that the confidential and strategic information (such as trade secrets, business strategies, know-how, and financial data) received in such transactions is not disclosed without authorization. NDAs are legally enforceable in Brazil and widely used for general business purposes whenever a party needs to disclose sensitive or confidential information to its counterpart before the performance of a business project, commercial transaction, collaboration, due diligence, or hiring employees, among others.

Even though a company should always choose a local partner that can be trusted and that acts in good faith, having a local partner sign an NDA is an important cautionary measure that can be of great value. Besides protecting against an eventual misuse of sensitive information provided to the local partner, it will also guarantee that the local partner understands the value of this information and that it should be correctly handled and used.


1. NDA Regulation

Although Brazil does not have a specific statute regulating confidential information, there are some laws protecting confidential information such as the Industrial Property Law (IPL) and the General Data Protection Law (GDPL). The IPL establishes that the unauthorized disclosure of commercial confidential data/information/know-how constitutes a crime of unfair competition; whereas the GDPL, regulates and guarantees the security and confidentiality of personal data.

Moreover, labor laws also include specific protection for employers’ confidential information accessed through an employment relationship. For example, article 482(g) of the Consolidated Labor Laws establishes that any unauthorized disclosure of a company's secret information by its employees is deemed just cause for termination of the employment agreement, penalizing the employee with the loss of several termination payment rights.

Since there is no specific regulation, Brazilian law does not define confidential information, which is why this definition must always be inserted in the clauses of the NDA. Any non-public sensitive information disclosed by a party may constitute confidential information. The Courts have already stated that an NDA cannot protect public domain data.


2. Types of NDA

The NDA can be unilateral, bilateral, or multilateral, depending on the parties owning the information considered confidential that is communicated to other(s). It is unilateral when only one company shares its confidential information/data with the other (s). This happens in basic service agreements when one party receives information to be able to provide a service, e.g., when hiring a local IT company. This company will be seeing company’s confidential information and data while providing its IT support services.  

It is bilateral when both parties are sharing confidential information with the other. It can happen for example in Joint Venture agreements when two companies join their knowledge to execute a common business project. A multilateral agreement happens when more than two parties are involved in the project and all of them are sharing confidential information with the others.


3. Drafting NDAs

There is no particular format for the NDA to be valid in Brazil, prevailing the parties' contractual freedom while drafting the agreement. No formalities are required, such as notarization or apostille. The NDA may be drafted in any language, although using Portuguese is recommended to avoid the need for a Portuguese-sworn translation if a lawsuit needs to be filed for the enforcement of the agreement (article 192, Civil Procedure Code).

According to Brazilian contractual laws, only parties that have signed an agreement are bound by its terms. Therefore, it is recommended that all parties and their affiliates that may be affected by the confidentiality agreement are duly identified and execute the NDA. Furthermore, it is a good practice to establish that the receiving party will be responsible for any breaches of the agreement by its affiliates, partners, employees, and representatives that will have access to the confidential information, undertaking to make them contractually bound by the terms of the NDA executed between the parties.

Moreover, as in all contracts in Brazil, besides the precise and complete identification of the parties, it is important to include the identification details of two witnesses along with their signatures. With this clause the NDA fulfills the requirements to be considered a valid extrajudicial enforceable deed, which means that the NDA is subject to a faster judicial enforcement proceeding, avoiding the need to previously obtain a judicial declaration on the existence of the right and determining its extension.

Beyond general terms (such as applicable law, jurisdiction, and termination) there are 3 key elements in an NDA: (a) the definition of the confidential information; (b) the duration of the confidentiality obligation; and (c) the penalty for breach of contract.

  1. Definition of confidential information

It is essential that the confidentiality agreement clearly specifies the data and information that is considered confidential and should be protected as such. The definition of confidential information can be broad or narrow, but in any case, the more specific and clear the definition the better. For example, confidential information can be narrowly defined as data disclosed and expressly marked as "confidential".

A broader and more common definition includes any information disclosed by the revealing party to the receiving party during negotiations or the performance of the commercial transaction. A broad definition should also include that confidential information is not limited to the information disclosed on documents, but also those disclosed in any way, orally, written, visual, or any other forms of transmission.

In some circumstances, where there has been a prior exchange of information between the parties, it is important to include a provision expressly extending confidentiality obligation to encompass information that was disclosed to the recipient before the NDA was signed. However, this obligation will obviously only protect against future discloses and could not cover disclosures already made before the execution of the agreement, as the parties were not bound by a contractual confidentiality obligation at that stage. Such disclosures could only be protected by statutory obligations, provided that the legal requirements are met.

The definition clause also normally states information that is not considered confidential, such as publicly available information, information that is already owned or known by the receiving party before the disclosure, and information that can be easily obtained in the market.

  1. Duration of the confidentiality obligation

The duration of the confidentiality obligation should encompass not only the expected duration of the business transaction or relation with the local partner but also some time after the end of the relation. This is very important as the most critical part of a potential breach is precisely after the related transaction is over and parties have already obtained what they need from the other.

There are no formal restrictions on the duration of NDAs. However, it is important to mention that the duration of confidentiality obligations must always be reasonable in view of the circumstances of the case according to scholars and court precedents. Thus, NDAs with very long duration or not setting a duration at all could be considered abusive by the Courts and potentially declared null and void or be early terminated at will by any of the parties, at any time, since no contractual relationship is supposed to be perpetual.

Therefore, to be on the safe side, it is important to set a reasonable duration in view of the circumstances (amount and relevancy of shared data, duration of the business relationship, etc) and according to common practices in the respective market. For orientation purposes only, NDAs tend to include durations between 2-5 years after the disclosure of information or termination of the contractual relationship between the parties.

  1. Penalty clause for breach of contract

A penalty clause should be included whenever possible to set a fixed/minimum amount as a penalty that can be easily enforced independently of judicial discussions. This way it is possible to have at least some estimate of the amount to be recovered in case of confidentiality breaches, in addition to regular damages and loss of profits, which can be very uncertain and depend on evidence sometimes difficult to provide.

A limitation of the liability amount to be paid by the breaching party is allowed, although not common.

  1. Other relevant clauses 
  • A purpose clause is important to limit the authorized use of confidential information disclosed exclusively to a specific purpose, e.g., to explore the possibility of entering into a potential business transaction. This way, there would be a breach if the receiving party uses the data for a different purpose or transaction.
  • Second, since NDAs cannot protect the parties to disclose the information requested by public authorities, it’s advisable to include the obligation for a recipient party to previously inform the disclosing party before providing any confidential information received to attend legal requirements, or at the request of a governmental authority or by a court order.
  • Another relevant clause is the one regulating publicity about the agreement or business. It is recommended that the NDA outlines that all declarations, public announcements, and disclosures by the receiving party must be previously communicated and authorized by the disclosing party. Prior and express consent is the better way to avoid a local partner disclosing excessive information in public announcements.
  • As to the termination of the NDA, it should include the regular provision that it can be canceled at any time with the mutual agreement of the parties involved. This usually requires a formal written notification confirming the cancellation of the agreement. It is also common to set a specific expiration date, after which the agreement will be considered canceled automatically without the need for a formal notification. It can be a specific date or a condition such as the end of the main service agreement or collaboration agreement between the parties.
  • In addition, it is a good practice to include a provision for the automatic termination of the confidentiality agreement whenever there is a breach of contract. Consequently, if one party breaches the confidentiality agreement, the other party may have the right to terminate the agreement immediately, without notice. Although it may not be a contractual obligation, it will always be better for the aggrieved party to notify the breaching party in writing, indicating that the agreement is being terminated due to a breach. This breach notice can also work to set a breach date, which may be important in damages claims. However, it is important to remember that the termination of the agreement should not terminate the confidentiality obligation as its duration, as mentioned before, should remain in force for a certain period, protecting the information after the relationship between the parties is ended.

Contact us

If you would like to be up to date with the latest news about IP in Brazil, or any country in Latin America, and you happen to have questions about Non-Disclosure Agreements, please let us know by making use of our Helpline. It’s free, fast (maximum 3 working days), and you will get an answer from our IP experts back in English, French, Italian, German, or Portuguese (upon experts’ availability).