Guide6 min read

Is It Safe to Review an NDA With AI?

Reviewing an NDA with a public AI can breach the confidentiality it protects. Anonymise the parties and subject before you paste.

By Pierre de ONYRI

Yes, AI can help you understand an NDA — but not by pasting the whole document into it. An NDA (Non-Disclosure Agreement, or confidentiality agreement) names the parties and describes the secret subject: the deal, the technology, the trade secret. Pasting it into a consumer ChatGPT exposes exactly what the agreement exists to protect. Worse still: many NDAs forbid disclosing that information to a third party. A public AI is a third party. Your prompt is a disclosure. So reviewing an NDA with a public AI can breach that NDA itself. The fix is simple: anonymise the parties and the subject before you paste. The model then explains the clauses, not the secret.

The irony: the NDA protects what you expose

An NDA exists for one reason: to keep information secret. It names the parties. It identifies the confidential subject — the project, the product, the technology, the trade secret. It sets each side's obligations. The whole document is built around what nobody should see.

Pasting that document into an AI to "review" it flips the logic. You hand an outside service the very things the agreement wants kept confidential. The names of the parties. The nature of the deal. The secret itself. The tool meant to help you receives what the agreement forbids you to leak.

The sharp point: reviewing an NDA can breach it

Most NDAs restrict disclosure of the confidential information to third parties. Many also forbid transmitting it to outside services without permission. A public AI is a third party. The text of your prompt is a disclosure. So using such a tool to understand the NDA can breach the very clause you are trying to read.

An important nuance: this depends on the NDA's wording. Some agreements permit disclosure to professional advisers. Others allow it to service providers under equivalent confidentiality. The risk is not absolute. But it is real whenever the text bars any sharing with an unplanned third party.

Trade secrets: a disclosure can cost the protection

The subject of an NDA is often a trade secret protected by law. In the European Union, the Trade Secrets Directive (Directive (EU) 2016/943) sets three conditions. The information must be secret. It must have commercial value because it is secret. And its holder must take reasonable steps to keep it secret.

  • Secret: not generally known, nor readily accessible.
  • Valuable: its commercial value comes from being secret.
  • Protected: the holder takes reasonable steps to keep it secret — an NDA is one of them.

WIPO (the World Intellectual Property Organization) describes a trade secret the same way. It is a right over confidential information, valuable because it is secret. Once it becomes public, it loses that protected status. Unlike a patent, it gives no defence against a third party who obtains or independently develops the information.

The consequence is direct. Protection depends on you keeping the information secret. So a careless disclosure can undermine it. Feeding an external AI with deal or technology details — a tool that may retain or reuse them — weakens that showing. This is not an automatic loss in every jurisdiction. Outside the EU, national law applies. But the risk is enough to justify caution.

And if the NDA holds personal data

An NDA or its subject often holds personal data. Names. Contact details. Information about employees or clients. In that case, the GDPR (Regulation (EU) 2016/679) applies too. It governs who may process personal data and under what safeguards. So a data-protection dimension stacks on top of the contractual and trade-secret exposure.

Applying the GDPR to AI is still shifting ground. Italy's Garante had fined OpenAI 15 million euros in 2024 over ChatGPT. In March 2026, a Rome court annulled that fine. Read it carefully: the annulment was on jurisdiction, not the merits. The court held that the Irish authority had become lead supervisor. It did not rule on the substantive claims. Take one thing from this: the GDPR remains the applicable regime if the NDA contains personal data.

You assumeThe reality
“I'm just pasting the NDA to understand it”You disclose the parties and the secret subject the agreement protects
“An AI isn't really a third party”It's an outside service; your prompt is a disclosure to a third party
“My trade secret stays protected no matter what”A careless disclosure can undermine the protection (Directive 2016/943, WIPO)
“There's no personal data in here”Names and contact details fall under the GDPR the moment they appear
The risk isn't discussing an NDA with an AI — it's the parties and the secret you leave behind in it.

The fix: anonymise before you paste

Good news: AI is still very useful on an NDA. It can explain the clauses. It can describe the obligations. It can flag the traps and the points to negotiate. For that, it needs no idea who the parties are or what the secret is. It works on the structure of the agreement, not its confidential content.

The method is four moves. You replace the real values with neutral tokens before sending. The model analyses the clauses without ever seeing the secret. Then you restore the real values locally. The sensitive content never leaves your control.

  1. 1Spot the sensitive parts: party names, the deal's subject, figures, technology, the secret.
  2. 2Replace each one with a reversible token, in the browser.
  3. 3Send only the anonymized NDA to the AI for clause review.
  4. 4Restore the real values in the reply, locally.

A word on enterprise offerings. The risk here targets consumer AI, which may retain or retrain on your inputs. An enterprise offering with a no-retention and no-training commitment changes the analysis. But anonymisation stays the safest layer: what the model never sees cannot leak.

Two-part diagram. At top, an NDA with a "confidential" seal, its party and subject lines in the clear (amber), travels toward an AI card where the seal appears broken — the self-breach. At bottom, the same NDA anonymized shows only cobalt tokens, the seal stays intact, and the AI receives only tokens with a checkmark: reviewed safely.
After the Trade Secrets Directive (Directive (EU) 2016/943), WIPO, and the GDPR (Regulation (EU) 2016/679).

That's what ONYRI Sanitize is for. The engine detects sensitive data — party names, the deal's subject, figures, the trade secret — and replaces it with reversible tokens before sending. Detection and the mapping stay in your browser. Only anonymized text reaches the model. The AI reviews the clauses, never the secret. You get the analysis, without risking a breach of the very agreement you're trying to understand.

Frequently asked questions

Is it safe to review an NDA with AI?
Yes for the clauses, no with the raw document. AI can explain the obligations, the traps and the points to negotiate without knowing the parties or the secret. But pasting the whole NDA into a consumer ChatGPT exposes the information the agreement protects. Depending on its terms, that can even breach the clause barring disclosure to a third party. Anonymise the parties and the subject before you send.
Can pasting an NDA into ChatGPT really breach the agreement?
It depends on the terms. Many NDAs forbid disclosing the confidential information to a third party, or transmitting it to an outside service without permission. A public AI is a third party, and your prompt is a disclosure. The risk isn't absolute: some agreements allow sharing with advisers or providers under equivalent confidentiality. When in doubt, anonymise.
Does disclosing a trade secret to an AI forfeit its protection?
It's a real risk, not an automatic loss. The Trade Secrets Directive (Directive (EU) 2016/943) and WIPO tie protection to keeping the information secret through reasonable steps. An NDA is one of those steps. Feeding an external AI the secret can undermine that showing. Outside the EU, national law applies. The safe move: never let the secret reach the model.

Sources & references

Keep your sensitive data in your browser

ONYRI Sanitize detects and masks your sensitive data before it reaches the AI, then restores the answer — from names to API keys.

Anonymize my prompt

Read next