The Seller's Guide to NDA Negotiations with Software PE Buyers

What to expect and how to respond when negotiating NDAs with private equity firms - common patterns, pitfalls, and proven strategies

Important Disclaimer

I am not a lawyer, and this article does not constitute legal advice. This guide is based on practical experience and observations from numerous M&A transactions, and is intended solely to highlight common patterns and potential pitfalls that sellers may encounter during NDA negotiations with private equity firms. Every transaction is unique, and you should always consult with qualified legal counsel before entering into any legal agreement or negotiation. The examples and suggestions provided here are for educational purposes only and should not be relied upon as legal guidance for your specific situation.

I. Introduction: Why NDAs Matter More Than You Think

Non-disclosure agreements represent far more than legal paperwork—they’re your first real negotiation with a potential buyer. How you navigate this initial exchange sets expectations for every negotiation that follows, from the Letter of Intent through to final purchase agreements.

Most founders treat NDAs as routine administrative tasks, quickly signing whatever form the buyer presents. This is a mistake. PE firms use NDA negotiations to test your sophistication, resolve, and attention to detail. They’re assessing whether you’ll be an easy mark or a formidable negotiating partner.

The good news? PE firms follow predictable patterns. Once you understand their standard playbook, you can anticipate their moves and respond strategically. This guide reveals those patterns and provides proven responses that protect your interests without derailing deals.

II. The Standard PE Playbook: 7 Changes They’ll Always Make

A. Duration Reduction (100% will try this)

The Move: You propose a 5-year confidentiality period. They counter with 1-2 years, sometimes even suggesting 6 months for preliminary discussions.

Their Argument: “Information becomes stale quickly in the software industry. Technology changes, customers churn, competitive landscapes shift. Five years is excessive for protecting information that won’t be relevant in twelve months.”

Your Response: “Our financial data, customer contracts, and pricing strategies remain competitively sensitive for years. Our customer relationships, many spanning 3-5 year contracts, represent ongoing value. Two years might work for general market information, but core business data needs longer protection.”

The Likely Outcome: Settle on 2-3 years for general information, with longer terms for specific categories like customer lists and financial data.

B. Trade Secret Removal

The Move: They’ll strike language protecting trade secrets, arguing these have independent legal protection.

Their Argument: “Trade secrets are already protected under law. Including them creates perpetual obligations that could expose us to litigation years after discussions end.”

Your Counter-Strategy: Propose a two-stage NDA approach:

  • Stage 1: Basic NDA for financial and commercial information
  • Stage 2: Enhanced NDA with IP protections before sharing technical documentation

Why This Works: It demonstrates reasonableness while protecting what matters most. PE firms rarely walk away from deals over graduated disclosure requirements.

C. Jurisdiction Changes

The Move: Your company is in Wisconsin, they’re in Boston, and they’ll push for Delaware courts or Massachusetts jurisdiction.

Their Argument: “Delaware has sophisticated commercial courts familiar with M&A disputes. It’s neutral ground for both parties.”

The Reality: Out-of-state jurisdiction makes enforcement expensive and impractical for sellers. A lawsuit in Delaware could cost you $250,000+ before seeing a courtroom.

The Compromise: Non-exclusive jurisdiction allowing either party to bring claims in their home courts. This preserves your ability to enforce locally while giving them the same option.

Cross-Border Note: For international deals (e.g., US seller, UK buyer), jurisdiction becomes even more critical. Foreign enforcement can cost $500,000+ and take years. Consider international arbitration (ICC, LCIA) or explicit non-exclusive jurisdiction in both countries.

D. Lowering Standards of Care

The Move: Changing “all reasonable precautions” to “commercially reasonable efforts” or “same degree of care as own confidential information.”

Their Argument: “We need practical standards that reflect how businesses actually operate.”

Your Assessment: This change matters less than you think. Courts interpret these standards similarly, and proving breach requires showing actual disclosure, not just inadequate precautions.

Your Response: Accept this change in exchange for something more valuable, like longer duration or tighter use restrictions.

E. Expanding “Representatives”

The Move: Adding portfolio companies, potential co-investors, debt providers, and seemingly anyone who might touch the deal.

Their Initial Language: “Representatives shall include employees, officers, directors, partners, members, affiliates, portfolio companies, financing sources, and advisors.”

The Problem: This could include direct competitors if they have portfolio companies in your space.

Your Counter: “Representatives with a legitimate need to know for evaluating the proposed transaction, provided that portfolio companies in competitive markets require our prior written consent.”

The Resolution: Usually settles on “need to know” basis with notification requirements for sensitive categories.

F. Document Retention Carve-outs

The Move: Creating exceptions for backup systems, archived emails, and attorney work product.

Their Argument: “Our IT systems automatically backup everything. We can’t guarantee complete destruction from archived systems, and legal hold obligations may require retention.”

Your Analysis: These carve-outs are generally legitimate if properly limited.

Your Requirements:

  • Retained copies remain subject to confidentiality obligations
  • No active use of archived information
  • Reasonable efforts to prevent access

G. “Residual Knowledge” Clauses

The Move: Adding language that permits use of information retained in “unaided memory” of their personnel.

Their Language: “Nothing herein prevents use of residual knowledge retained in unaided memory of representatives who had rightful access to confidential information.”

Why This Is Dangerous: It effectively guts your NDA. Everything important could be claimed as “residual knowledge.”

Your Response: Reject entirely or severely limit:

  • Exclude specific categories (customer lists, pricing, technical specifications)
  • Require documentation of what constitutes “residual”
  • Include non-compete provisions to prevent use in competing investments

III. Information Stages and Disclosure Strategy

A. Initial Disclosure Package

Include in Round 1:

  • Three years of financial statements
  • High-level SaaS metrics (ARR, growth rates, logo retention)
  • Customer concentration data (without names)
  • Executive team bios
  • Market positioning materials

Hold for Later Stages:

  • Customer names and contracts
  • Detailed cohort analyses
  • Source code or technical architecture
  • Employee compensation details
  • Detailed product roadmaps

B. The Two-Stage NDA Approach

Stage 1 - Commercial NDA:

  • 2-3 year term
  • Standard commercial protections
  • Covers 80% of due diligence

Stage 2 - Technical NDA:

  • 5+ year term for technical information
  • IP assignment provisions
  • Specific use limitations
  • Required for technical due diligence

Positioning This Approach: “We’ve found this two-stage approach works well for both parties. You get the commercial information needed to make a bid without excessive restrictions. If you move forward, we’ll share technical details under appropriate protections.”

IV. The Psychology of NDA Negotiations

A. What PE Firms Really Want

Flexibility for Portfolio Operations: They manage multiple companies and want freedom to share information across their platform where it might create value.

Protection from Liability: They see dozens of deals monthly and fear being sued over similarities between companies they evaluate.

Standardization: They want consistent terms across all NDAs to simplify compliance and reduce administrative burden.

Speed: They’re often evaluating multiple targets and don’t want NDA negotiations to slow their process.

B. Your Leverage Points

Information Asymmetry: They need your data to evaluate the opportunity. You don’t need to give it to them.

Reputation Sensitivity: PE firms protect their reputations carefully. Being known as unreasonable or predatory hurts deal flow.

Competition: If multiple buyers are interested, you can use competitive dynamics to maintain standards.

Reasonableness: Courts and the business community expect balanced terms. Extreme positions from either side appear unreasonable.

V. Practical Negotiation Tactics That Work

A. The Rhetorical Question Method

Instead of arguing positions, ask questions that highlight absurdity:

Example 1: “Are you planning to publish our customer list after eighteen months?” Forces them to admit the concern is theoretical

Example 2: “Do you believe our financial performance becomes public knowledge after one year?” Highlights the ongoing sensitivity of information

Example 3: “Would you accept these same terms when selling one of your portfolio companies?” Appeals to reciprocity and fairness

B. The Business Logic Approach

Tie protection periods to actual business realities:

“Our average customer contract is 3 years. Sales cycles run 6-9 months. A competitor with our pricing data could undercut deals for at least two full sales cycles. That’s why we need 24-month protection minimum.”

C. The Compromise Ladder

Never accept or reject immediately. Use structured compromises:

Duration Example:

  • Opening: 5 years
  • Their counter: 1 year
  • Your counter: 3 years
  • Their counter: 18 months
  • Final: 2 years general, 3 years for customer/pricing data

Jurisdiction Example:

  • Opening: Wisconsin exclusive jurisdiction
  • Their counter: Delaware exclusive
  • Your counter: Non-exclusive (either party’s choice)
  • Final: Non-exclusive jurisdiction in both home states

VI. Red Lines: When to Walk Away

Unacceptable Terms

Duration Under 18 Months: Anything less makes enforcement pointless and signals they don’t respect your concerns.

Complete IP Removal: If they won’t protect any technical information, they’re either planning to use it or don’t understand software businesses.

Single Foreign Jurisdiction: Exclusive foreign jurisdiction without alternatives makes enforcement impossible for most sellers.

Unlimited Residual Knowledge: Broad residual clauses without categorical exceptions essentially void the NDA.

Warning Signs About the Buyer

Unwillingness to Negotiate: If they won’t move on reasonable requests at the NDA stage, imagine the LOI and SPA negotiations.

Aggressive Tactics Early: Threats to walk over standard terms suggest they’ll be difficult partners.

Disrespect for Process: Demanding immediate signature or bypassing legal counsel shows they don’t respect proper governance.

VII. Deal-Specific Considerations

A. Strategic vs. Financial Buyers

Strategic Buyers (Competitors):

  • Require tighter use restrictions
  • Limit disclosure to senior executives only
  • Include specific non-compete provisions
  • Consider staged disclosure regardless of their preferences
  • May need separate “clean team” agreements

Financial Buyers (PE Firms):

  • Focus on portfolio company restrictions
  • Address co-investment scenarios
  • Consider financing source limitations
  • More flexible on general commercial terms

B. Your Company’s Specific Vulnerabilities

High Customer Concentration:

  • Protect customer names longer
  • Restrict contact without permission
  • Include non-solicitation provisions

Technical Moat:

  • Require enhanced IP protection
  • Limit technical disclosure entirely
  • Consider code room protocols

Regulatory Advantages:

  • Protect compliance procedures
  • Restrict disclosure of regulatory strategies
  • Include government relationship protections

VIII. The Email Game: Managing the Back-and-Forth

A. Response Timeline Tactics

When Speed Helps:

  • First response to their markup (shows engagement)
  • Final minor clarifications (maintains momentum)
  • When multiple buyers are engaged (creates urgency)

When Delays Are Strategic:

  • After receiving aggressive changes (implies you’re considering walking)
  • Before accepting compromises (suggests reluctance)
  • When seeking internal alignment (demonstrates governance)

B. Documentation Best Practices

Version Control:

  • Number every draft clearly
  • Track changes in Word, not PDF
  • Maintain a master issues list

Email Structure:

Subject: Re: Project [Codename] - NDA v3 Response

[Buyer Name] Team,

Thank you for your markup. We've reviewed internally and can accept most of your changes. Three items remain:

1. Duration (Section 2): We need 24 months minimum given our sales cycles
2. Jurisdiction (Section 8): Requesting non-exclusive jurisdiction 
3. Representatives (Section 1): Please add "need to know" limitation

Revised draft attached with changes accepted where possible and our remaining points highlighted.

Best regards,
[Your name]

IX. Common Buyer Arguments and Proven Rebuttals

A. “This is our standard form”

Your Response: “We appreciate you have standards, as do we. Every deal has unique characteristics that require some customization. We’re not asking for anything unusual—just protections appropriate for our specific situation.”

B. “Trade secrets have their own protection”

Your Response: “If they’re already protected, there’s no harm in acknowledging that protection in our agreement. This simply avoids future disputes about what qualifies as a trade secret.”

C. “One year is sufficient”

Your Response: “Our sales cycles average 9 months. Major customers sign 3-year contracts. Competitors with our pricing data could damage us through multiple selling seasons. Two years is the minimum that makes business sense.”

D. “We need flexibility for our portfolio”

Your Response: “We understand the portfolio dynamics. That’s why we’re proposing a ‘need to know’ standard with notification for competitive situations. This balances your operational needs with our protection requirements.”

X. The Bottom Line: Getting to Yes

A. What Actually Kills Deals

Reality Check: NDA disputes rarely kill legitimate deals. If a buyer walks over reasonable NDA terms, they were never serious or would have been nightmare partners.

What Really Matters:

  • Valuation alignment
  • Strategic fit
  • Management chemistry
  • Deal structure
  • Timing compatibility

B. The 80/20 Rule

Focus 80% of your energy on:

  • Duration (minimum 2 years)
  • Use restrictions (evaluation only)
  • Representative limitations (need to know)
  • Return/destruction obligations

Don’t waste energy on:

  • Choice of law (unless truly egregious)
  • Standard of care language
  • Notice provisions
  • Technical defined terms

C. Setting the Tone for LOI Negotiations

Building Credibility:

  • Reasonable but firm positions
  • Quick responses on non-issues
  • Professional documentation
  • Clear escalation when needed

Demonstrating Sophistication:

  • Understanding their concerns
  • Offering creative compromises
  • Referencing market standards
  • Maintaining business focus

Creating Momentum:

  • Don’t let NDAs drag beyond a week
  • Accept reasonable terms quickly
  • Save fighting for material issues
  • Keep focus on the bigger picture

Appendix: Sample Language That Works

Compromise Duration Language

“Confidentiality obligations shall survive for two (2) years from disclosure, except that obligations regarding customer information, pricing data, and financial projections shall survive for three (3) years.”

Need-to-Know Representatives

“Representatives shall mean those employees, officers, directors, and advisors of Recipient who have a legitimate need to know Confidential Information for purposes of evaluating the proposed transaction and who are bound by confidentiality obligations no less restrictive than those contained herein.”

Balanced Jurisdiction

“Each party irrevocably submits to the non-exclusive jurisdiction of the courts of [Your State] and [Their State] for purposes of any action arising from or relating to this Agreement.”

Email Escalation Template

Subject: Project [Codename] - NDA Final Issues

[PE Partner Name],

We've made good progress on the NDA with your team. Two issues remain where we need your input:

1. Duration: Your team proposed 12 months. Given our 3-year customer contracts and 9-month sales cycles, we need 24 months minimum. 

2. Residual Knowledge: The current language would permit use of any information retained in memory. This effectively voids the NDA for non-documented information.

We're prepared to be flexible on other points if we can resolve these two appropriately. Shall we schedule a brief call to finalize?

Regards,
[CEO/Founder Name]

The Ultimate Reminder

Remember: The NDA negotiation is just the opening act. Don’t exhaust your credibility or relationship capital here. Fight for what matters, compromise on what doesn’t, and keep everyone focused on the real prize—a successful transaction that works for all parties.