Alex is Sprintlaw’s co-founder and principal lawyer. Alex previously worked at a top-tier firm as a lawyer specialising in technology and media contracts, and founded a digital agency which he sold in 2015.
When someone shares information “in confidence”, they expect you to keep it private and use it only for a specific purpose. In business, this comes up a lot - from early investor chats to pitching to a potential supplier, or onboarding a new employee.
Understanding what “in confidence” really means (and how to protect it) is essential. It helps you safeguard trade secrets, avoid accidental leaks, and build trust with partners and customers - all while staying compliant with Australian law.
In this guide, we’ll unpack what counts as confidential information, when those obligations arise, how to protect it contractually and operationally, and what to do if there’s a breach.
What Does “In Confidence” Mean In Business?
“In confidence” refers to information shared on the basis that it won’t be disclosed beyond the agreed purpose or audience. In a business context, this often covers:
- Trade secrets and know‑how (e.g. pricing formulas, recipes, process maps)
- Financials, forecasts and investor decks
- Product roadmaps, source code and prototypes
- Customer lists and supplier terms
- Staff details and internal policies
Confidentiality can arise in a few ways:
- Contractually - via a confidentiality clause or a standalone Non‑Disclosure Agreement (NDA)
- By context - where a reasonable person would expect privacy (e.g. a labelled “confidential” board pack)
- By law - for example, obligations owed by employees or under equitable principles protecting trade secrets
The core idea is simple: if you receive information “in confidence”, you shouldn’t share or use it beyond the agreed purpose without permission.
When Should You Share Information “In Confidence”?
Most small businesses will exchange sensitive information during normal operations. Typical scenarios include:
- Pitching to a potential client or partner and discussing pricing strategy or IP
- Engaging contractors who need access to your systems or code
- Hiring employees who will see customer data or internal playbooks
- Fundraising discussions with investors or lenders
- Supplier negotiations where you share demand forecasts or product specs
Whenever the information would cause you harm if it leaked - competitive, legal or reputational - treat it as confidential and put the right protections in place before sharing.
How Do You Legally Protect Confidential Information?
Good confidentiality management combines clear contracts and practical controls. Here are the key tools most businesses use.
Use NDAs For Pre‑Contract Discussions
An NDA sets out what’s confidential, how it may be used, who can access it, and what happens if someone breaches. It’s ideal before deeper talks with potential partners, advisors or investors.
You can use a one‑way NDA if only one side is disclosing, or a Mutual NDA if both sides will share sensitive information. Having a signed Non‑Disclosure Agreement on file makes expectations clear from day one, and a Mutual NDA is common for collaborative projects or due diligence.
Include Confidentiality Clauses In Your Contracts
Once you’re working together, embed confidentiality obligations directly into your commercial agreements. This keeps everything in one place and ties confidentiality to the broader relationship and termination rights.
- Customer and supplier contracts should define “Confidential Information”, permitted use, security standards, and return/destruction on request.
- A well‑drafted Contractor Agreement should cover access controls, IP ownership and ongoing confidentiality after the engagement ends.
- If you employ staff, an Employment Contract should include confidentiality, conflicts of interest, and restraint provisions where appropriate.
Distinguish Privacy From Confidentiality
Privacy and confidentiality overlap but are not the same. Privacy laws regulate how you collect, use and store personal information about individuals. Confidentiality is broader - it covers your commercial secrets and sensitive business data.
If your business collects personal information (for example through your website or CRM), you’ll likely need a Privacy Policy and processes to manage consent, access and storage. For incident readiness, many businesses also maintain a Data Breach Response Plan and may add an Email Disclaimer to reinforce confidentiality and privacy expectations in communications.
Protect Your Brand And Trade Secrets
Contractual confidentiality protects information, but you should also protect brand assets that become public. Registering your brand name and logo as a trade mark helps you stop copycats and maintain your reputation while you keep your know‑how confidential. It’s common to register your trade mark while also strengthening your internal confidentiality practices.
Practical Steps To Handle Confidential Information Day‑To‑Day
Paperwork alone isn’t enough. A few simple habits will significantly reduce risk.
1) Label, Scope And Limit Access
- Mark documents “Confidential” and date them.
- Share on a “need‑to‑know” basis; use access controls for folders and apps.
- State the purpose each time you share (e.g. “provided solely to evaluate a partnership”).
2) Control The Channels
- Use secure storage (e.g. reputable cloud providers with MFA) and avoid personal email accounts.
- Disable file downloads or set expiries where possible; watermark drafts for traceability.
- Keep meeting notes short and factual; circulate only to authorised people.
3) Train Your Team
- Explain what your business considers confidential and how to handle it.
- Remind staff not to discuss sensitive matters in public spaces or on unsecured networks.
- Build confidentiality into onboarding and offboarding checklists.
4) Keep A Clean Paper Trail
- Store signed NDAs and contracts in a central register.
- Record when, how and to whom you disclosed sensitive information.
- Note any restrictions agreed (e.g. no subcontracting, no screenshots, return by a certain date).
5) Plan For Incidents
- Set an escalation path for suspected leaks (who to tell, what to preserve, when to notify).
- Include steps to contain the issue, investigate quickly and enforce your contractual rights.
- If personal information is involved, follow the processes in your Data Breach Response Plan.
What Happens If Confidentiality Is Breached?
Breaches happen - from accidental forwards to deliberate misuse. Your response should be fast, proportionate and documented.
Identify And Contain
Find out what was shared, to whom and through which channel. Lock down access, revoke sharing links and request immediate deletion or return of materials under your contractual rights.
Check Contractual Remedies
Most well‑drafted confidentiality clauses provide for equitable relief (like an injunction to stop further misuse) and damages. Your NDA or commercial contract may also require cooperation, audits, or destruction certificates.
Consider Legal And Regulatory Steps
If the incident involves personal information, assess whether you need to notify affected individuals or regulators under applicable privacy requirements. Even where notification isn’t required, it may be prudent to inform key partners to preserve trust.
Review And Improve Controls
After containment, close the loop. Update training, tighten permissions, or adjust your playbook. In some cases, you may also renegotiate contract terms to raise security standards with repeat counterparties.
Common Questions About “In Confidence”
What Counts As “Confidential Information”?
It depends on your contract and the context. Typically, anything disclosed as confidential or that a reasonable person would treat as secret qualifies. Many contracts exclude information that’s already public, independently developed, or lawfully received from someone else.
Is An NDA Always Necessary?
An NDA isn’t legally mandatory, but it’s highly recommended before sharing valuable know‑how. It clarifies the rules and gives you stronger enforcement options. Once you formalise a relationship, ensure your main contract contains robust confidentiality terms so you don’t rely on the NDA alone.
How Long Does Confidentiality Last?
Your contract should set a period (e.g. two to five years), and contracts often provide that genuine trade secrets must be kept confidential indefinitely. Without a contract, obligations may still exist under general law, but they’re harder to prove - hence the value of clear written terms.
Can We Share Confidences Internally?
Usually yes, on a need‑to‑know basis. Many NDAs allow disclosure to your officers, employees and advisers who are bound by similar obligations. Make sure your internal documents (like your Employment Contract and contractor terms) include the necessary confidentiality provisions.
How Does Privacy Law Fit In?
Privacy law governs personal information. If you handle personal data as part of a confidential project (e.g. a customer list), you’ll need appropriate privacy notices, secure handling and incident response processes alongside your confidentiality controls.
What To Include In Your Confidentiality Clauses
If you’re drafting or reviewing confidentiality wording, look for these essentials:
- Clear definition of “Confidential Information” (including oral disclosures confirmed in writing)
- Permitted purpose and limitations on use
- Who may receive the information (staff, agents, advisers) and their obligations
- Security standards, audit rights and incident notification
- Return/destruction requirements and certification on request
- Duration of confidentiality and special treatment of trade secrets
- Injunctive relief and liability provisions for breach
- Carve‑outs for disclosures required by law or regulators (with notice where possible)
If you’re collaborating across borders or dealing with offshore teams, consider whether you need additional provisions for cross‑border transfers, local data storage or export controls. In global projects, some businesses also use an international or multi‑jurisdictional NDA alongside their main contract.
Build A Simple Confidentiality Toolkit
Most small businesses can cover the majority of scenarios with a short, practical set of documents and habits:
- A standard one‑way NDA for vendor demos and early supplier chats
- A Mutual NDA for joint projects and due diligence
- Strong confidentiality terms baked into your commercial agreements
- An Employment Contract and Contractor Agreement with confidentiality and IP ownership clauses
- A customer‑facing Privacy Policy and internal Data Breach Response Plan
- Team training, access controls, and clear labelling practices
With these in place, you can share what you need to grow - without putting your competitive edge at risk.
Key Takeaways
- “In confidence” means information is shared for a limited purpose and must not be disclosed or misused.
- Use NDAs for early discussions and include strong confidentiality clauses in your commercial, contractor and employment agreements.
- Pair contracts with practical controls - label documents, limit access, train your team and keep a clear paper trail.
- Privacy and confidentiality are related but distinct; most businesses need a Privacy Policy and incident response processes alongside confidentiality terms.
- Plan your breach response in advance so you can contain issues quickly and enforce your rights if needed.
- Protect your broader brand by registering trade marks while you keep your know‑how confidential.
If you’d like a consultation on setting up NDAs, contract clauses and privacy documents for your business, you can reach us at 1800 730 617 or team@sprintlaw.com.au for a free, no‑obligations chat.







