A Belgium Non‑Disclosure Agreement (NDA) is a contract used to protect confidential business information while complying with Belgian civil and regulatory rules — in particular the Law of 30 July 2018 implementing the EU Trade Secrets Directive, GDPR (Regulation (EU) 2016/679), and recent reforms to the Belgian Civil Code (Livre 5) that set general limitation periods.

What is a Belgium NDA?

Definition: A Belgium NDA (accord de confidentialité) is a written contract by which the recipient of information agrees not to disclose or misuse confidential business information. It is designed to protect "trade secrets" as defined by the Law of 30 July 2018 (Loi relative au secret des affaires) and to set contractual duties of confidentiality consistent with GDPR and contract law under the Code civil belge (nouveau Livre 5).

Under Belgian law, a valid NDA must: (1) clearly identify the confidential information or the categories of information covered; (2) show that the information has commercial value from being secret; and (3) describe the reasonable steps taken to keep it secret. Those three elements mirror the statutory test in the 2018 law implementing the EU Trade Secrets Directive.

Why “generic” NDAs are dangerous in Belgium

Templates copied from other jurisdictions often miss three Belgium‑specific traps:

1. GDPR and personal data. Many NDAs casually allow the exchange of files containing personal data (contacts, CVs, customer data) without defining legal bases or processing rules. Under GDPR, the parties must allocate responsibilities (controller vs processor), state lawful bases, and include data‑transfer safeguards when data leaves the EEA.
   
2. Whistleblowers and public interest disclosures. The EU Whistleblower Directive and national transposition protect certain disclosures to authorities and the public interest. An NDA that attempts to forbid all disclosure of wrongdoing is unenforceable and may expose the company to administrative penalties.
   
3. Overbroad “gag” clauses vs procedural protection under the 2018 trade secrets law. Belgian courts and civil procedure allow specific protective measures in trade secret litigation (e.g., in camera filings, preservation orders). But courts will not enforce NDAs used to conceal information that should be disclosed by law or to circumvent employment protections.

Paradigm‑shifting insight: In Belgium the biggest drafting mistake is trying to use an NDA as a substitute for employment restraints or as a tool to prevent lawful reporting. The 2018 trade secrets law gives robust civil remedies for misappropriation — but it does not authorize contractual silencing of whistleblowers or permit indefinite, catch‑all confidentiality that ignores GDPR and public‑interest exceptions. In short: NDAs must be precise, GDPR‑aware, and whistleblower‑proof.

Real legal development to note

Belgium implemented the EU Trade Secrets Directive via the Law of 30 July 2018 (Loi du 30 juillet 2018 relative au secret des affaires). That law expressly requires the demonstrable elements of a trade secret and provides civil procedures for preservation and relief. At the same time, GDPR enforcement by the Belgian Data Protection Authority (Autorité de protection des données / Gegevensbeschermingsautoriteit) makes data‑processing clauses inside NDAs essential for compliance.

What’s included in this template? (Key clauses adapted for Belgium)

• Precise definition of Confidential Information vs. Trade Secrets (mirroring the 2018 law): distinguishes limited‑term confidential business info (e.g., pricing) from trade secrets that may enjoy indefinite protection while secret.
• GDPR / data processing clause: allocates controller/processor roles, lists lawful bases, provides security measures and cross‑border transfer safeguards.
• Whistleblower carve‑out: permits disclosures to competent public authorities and to persons protected by Whistleblower rules; prevents the NDA from being used to mask unlawful conduct.
• Purpose limitation clause: narrows permitted use to a specific evaluation (e.g., "due diligence on proposed joint venture X").
• Duration and return/destruction obligations: typical confidentiality periods (2–5 years) for general information, indefinite for properly demonstrated trade secrets; obligations to return or destroy confidential materials on request.
• Residuals / memory clause (optional): limited language to avoid imposing an unreasonable restraint on future employment while protecting genuinely retained trade secrets.
• Governing law and jurisdiction: Belgian law is recommended if the primary operations are in Belgium; parties should be careful when choosing foreign law if it conflicts with mandatory Belgian public policy.

Who needs this document?

How to execute a valid Belgium NDA

1. Be precise about the Purpose. Describe what the recipient may do with the information; avoid broad, unlimited aims.
2. Mark your documents and show secrecy steps. Label documents "CONFIDENTIAL," restrict access, and keep records demonstrating reasonable efforts to maintain secrecy (this is critical under the 2018 law).
3. Build GDPR compliance into the NDA. Identify which party is controller/processor, say what data may be exchanged, and state security measures and transfer safeguards.
4. Sign before sharing and use reliable electronic signatures. The eIDAS Regulation (Regulation (EU) No 910/2014) recognises electronic signatures; using a qualified electronic signature (or Belgium eID) increases evidentiary weight.

Already receiving NDAs from clients?

If a client sends you an NDA, review it for: undefined "confidential" categories, missing data processing language, overbroad non‑disclosure of wrongdoing, and clauses that attempt to restrict lawful disclosures. Contract Analyze flags GDPR and trade‑secret red flags, compares terms against Belgian precedents, and highlights clauses that likely require negotiation.