Cyber Rebels

  • Mon - Fri : 9:00 -17:00
Neotech-icon-facebook-f Neotech-icon-twitter Neotech-icon-linkedin-in Neotech-icon-instagram
Cyber Rebels logo with padlock design.
Menu
0 £0.00

Have Any Questions?

Book A Call

Get In Touch
breacumb linear4
breacumb linear5
Non-Disclosure Agreement (NDA)

Non-Disclosure Agreement

This Non-Disclosure Agreement is made between Cyber Rebels Ltd, a company registered in England and Wales under company number 16228861, with its registered office at 56 High Street, Tamworth, Staffordshire, B77 1LP, and the client or organisation engaging Cyber Rebels Ltd.

For the purpose of this Agreement, the party sharing confidential information is called the Disclosing Party and the party receiving it is called the Receiving Party. In most cases, this will mean the client shares confidential information with Cyber Rebels Ltd so that Cyber Rebels can provide training, consultancy, advice, scoping, reporting or related services.

1. Purpose

During discussions, training, consultancy, scoping or related work, the Disclosing Party may share confidential information with the Receiving Party.

This may happen when a client explains how their organisation works, describes security concerns, shares internal processes, discusses past incidents, provides staff or system information, or asks Cyber Rebels to understand risks that are not publicly known.

The purpose of this Agreement is to make sure that any confidential information shared for that work is handled carefully, used only for the agreed purpose, and not shared inappropriately.

2. What Counts as Confidential Information

Confidential information means any non-public information shared in any form, whether spoken, written, digital, visual or otherwise.

This may include, but is not limited to, business operations, internal procedures, policies, security measures, vulnerabilities, incident details, staff information, personal data, technical information, systems information, plans, strategies, financial information, client information, training requirements, reports, proposals, risk findings and any other information that would reasonably be understood to be confidential.

Information will not be treated as confidential if it:

  • is already public through no fault of the Receiving Party;
  • was already known by the Receiving Party before it was shared;
  • is received lawfully from another source;
  • is developed independently without using the confidential information; or
  • must be disclosed by law, regulation, court order or a competent authority.

3. Responsibilities of the Receiving Party

The Receiving Party will:

  • keep confidential information secure and confidential;
  • use it only for the purpose for which it was shared;
  • only share it with people who need access to support the agreed work;
  • make sure anyone given access understands the need to protect it;
  • not disclose it to anyone else without permission unless legally required;
  • take reasonable technical and organisational steps to protect it; and
  • tell the Disclosing Party promptly if it becomes aware of any unauthorised access, loss or disclosure.

In practice, this means confidential information should only be used in a controlled and proportionate way. It should not be copied, discussed, forwarded or stored more widely than necessary.

4. Permitted Disclosure

The Receiving Party may share confidential information where necessary with its employees, contractors, trainers, professional advisers, insurers, legal advisers or trusted service providers, provided they need the information for the agreed purpose and are required to keep it confidential.

The Receiving Party may also disclose confidential information where required by law, regulation, court order, a regulator, or another competent authority. Where legally allowed, the Receiving Party will tell the Disclosing Party before making that disclosure.

5. Data Protection

Where confidential information includes personal data, both parties will comply with UK data protection law, including the UK GDPR and the Data Protection Act 2018.

Each party will normally act as an independent controller unless a separate written agreement says otherwise. If Cyber Rebels Ltd is required to process personal data on the client’s behalf and under the client’s instructions, the parties will put appropriate data processing terms in place before that processing begins.

6. Duration of Confidentiality

This Agreement applies from the date confidential information is first shared.

The duty to protect confidential information continues for 36 months after the relevant training, consultancy, discussion or service has ended.

Where information remains protected by law, including trade secrets, personal data, legal obligations or information that is still clearly confidential, the duty to protect it will continue for as long as that protection applies.

7. Return or Secure Destruction

If the Disclosing Party asks in writing, the Receiving Party will return or securely destroy confidential information within 14 days, unless it is required to keep a copy for legal, regulatory, insurance, accounting, audit or legitimate business record purposes.

Routine backups may continue to hold copies for a limited period, but those copies will remain protected and will not be actively used unless recovery is required.

8. No Licence or Ownership Transfer

Sharing confidential information does not give the Receiving Party ownership of that information.

No intellectual property rights, licence or wider usage rights are granted unless agreed separately in writing.

9. No Obligation to Proceed

This Agreement does not require either party to enter into a contract, buy services, provide services, or continue discussions. It only controls how confidential information is handled.

10. Remedies

Unauthorised disclosure of confidential information may cause serious harm.

If confidential information is misused or disclosed without permission, the Disclosing Party may seek appropriate legal remedies, including injunctive relief, in addition to any other rights available under law.

11. Governing Law

This Agreement is governed by the laws of England and Wales.

The courts of England and Wales will have exclusive jurisdiction over any dispute relating to this Agreement.

This page provides the publicly accessible version of the Cyber Rebels NDA. Executed NDAs signed through our digital signature system remain confidential and are shared only with the parties involved.

Search

account

cart

  • Cyber Rebels
All category
Shopping cart close