Mutual Non-Disclosure Agreement

Document type

Mutual NDA · template

Effective date

[Effective Date]

Term

2 years from the Effective Date (confidentiality survives indefinitely for trade secrets)

Governing law

State of [State], USA

This Mutual Non-Disclosure Agreement (the "Agreement") is entered into as of [Effective Date] by and between:

CyberGrid, a security testing services company (the "Provider"), having its principal place of business at [CyberGrid Address]; and

[Customer Legal Name], a [State of incorporation] [entity type] (the "Customer"), having its principal place of business at [Customer Address].

Each a "Party" and together the "Parties." The Parties wish to explore a potential business relationship in connection with security testing services (the "Purpose") and may share Confidential Information for that Purpose. The Parties agree as follows:

1. Definition of Confidential Information

"Confidential Information" means any non-public information disclosed by one Party (the "Disclosing Party") to the other Party (the "Receiving Party") in any form, that is identified as confidential at the time of disclosure or that a reasonable person would understand to be confidential given the nature of the information and the circumstances of disclosure. Confidential Information includes, without limitation: technical data, source code, security vulnerabilities, audit findings, business plans, customer lists, financial information, internal architecture, and the existence and terms of any discussions between the Parties.

2. Exclusions

Confidential Information does not include information that:

1. was already known to the Receiving Party at the time of disclosure, without obligation of confidentiality, as evidenced by written records;
2. was or becomes publicly known through no breach of this Agreement by the Receiving Party;
3. was rightfully received by the Receiving Party from a third party without an obligation of confidentiality;
4. was independently developed by the Receiving Party without use of or reference to the Disclosing Party's Confidential Information, as evidenced by written records; or
5. is required to be disclosed by law, court order, or regulatory authority, provided that the Receiving Party gives the Disclosing Party prompt written notice (where legally permissible) and reasonable opportunity to seek a protective order.

3. Obligations of the Receiving Party

The Receiving Party agrees to:

1. hold Confidential Information in strict confidence and use at least the same degree of care it uses to protect its own confidential information of similar importance (and in no event less than reasonable care);
2. use Confidential Information solely for the Purpose, and for no other purpose;
3. limit access to Confidential Information to employees, contractors, and professional advisors who have a need to know for the Purpose and who are bound by written confidentiality obligations at least as protective as those in this Agreement;
4. not reverse engineer, decompile, or disassemble any Confidential Information disclosed in any tangible or electronic form;
5. not disclose Confidential Information to any third party without the prior written consent of the Disclosing Party.

4. Security findings

For the avoidance of doubt: any security vulnerabilities, weaknesses, or findings disclosed by either Party to the other in the course of evaluating or performing security testing services are Confidential Information and are subject to the obligations of this Agreement. Neither Party will publicly disclose, publish, or share any such finding without the other Party's prior written consent, except as permitted by Section 2(5) above.

5. Term and Survival

This Agreement is effective from the Effective Date and continues for two (2) years, unless terminated earlier by either Party upon thirty (30) days' written notice. The Receiving Party's obligations with respect to Confidential Information disclosed prior to termination survive for three (3) years after termination, except that obligations with respect to trade secrets survive for as long as such information remains a trade secret under applicable law.

6. Return or destruction

Upon written request of the Disclosing Party, or upon termination of this Agreement, the Receiving Party shall promptly return or destroy (at the Disclosing Party's option) all Confidential Information in its possession and certify such destruction in writing. The Receiving Party may retain one (1) archival copy in its legal files solely to evidence compliance with this Agreement, and any electronic copies created in the ordinary course of automated backup that cannot reasonably be deleted; such retained copies remain subject to the obligations of this Agreement indefinitely.

7. No license, no warranty

This Agreement does not grant any license, right of use, or ownership interest to either Party in any Confidential Information of the other Party. All Confidential Information is provided "as is" without warranty of any kind, express or implied, including without limitation any warranty of accuracy, completeness, non-infringement, or fitness for a particular purpose.

8. No obligation to proceed

Nothing in this Agreement obligates either Party to enter into any further agreement, to provide any goods or services, or to make any payment to the other Party. Either Party may decline to proceed with the Purpose at any time, for any reason or no reason.

9. Equitable relief

The Parties acknowledge that breach of this Agreement may cause irreparable harm for which monetary damages would be inadequate. Accordingly, the non-breaching Party is entitled to seek injunctive and other equitable relief, in addition to any other available remedies, without the necessity of posting bond.

10. Miscellaneous

Governing law. This Agreement is governed by the laws of the State of [State], without regard to its conflict-of-laws provisions. The Parties consent to the exclusive jurisdiction of the state and federal courts located in [County, State] for any dispute arising under this Agreement.

Entire agreement. This Agreement constitutes the entire understanding of the Parties with respect to the subject matter hereof and supersedes all prior or contemporaneous communications, whether oral or written.

Amendments. No amendment, modification, or waiver of any provision of this Agreement is effective unless in writing and signed by both Parties.

Severability. If any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions remain in full force and effect.

Counterparts & electronic signature. This Agreement may be executed in counterparts, each of which is deemed an original. Electronic and digital signatures (including via DocuSign, HelloSign, or PDF) are valid and binding.