Trade Secrets in the UK: Definition, Protection and Practical Steps

Every small business has information that gives it an edge - your special process, a unique recipe, a pricing model, a supplier list, or a growth strategy. If that information leaked, you could lose time, money and market share.

That’s where trade secrets come in. With the right setup, UK law can protect your confidential business information - but only if you take reasonable steps to keep it secret from day one.

In this guide, we’ll explain what counts as a trade secret in the UK, how to protect it in practice, which contracts you should have in place, and what to do if something goes wrong.

What Is A Trade Secret Under UK Law?

In the UK, trade secrets are protected under the common law of breach of confidence and the Trade Secrets (Enforcement, etc.) Regulations 2018. In plain English, you’ll generally be protected if your information:

• Is secret (it’s not generally known or easily discoverable);
• Has commercial value because it is secret; and
• Is subject to reasonable steps to keep it secret.

That last limb is crucial. Courts look hard at what you actually did to protect the information. If you don’t treat it as confidential, it’s far harder to enforce your rights later.

Examples of trade secrets can include:

• Manufacturing processes and formulae
• Source code and algorithms
• Supplier terms and pricing models
• Marketing strategies and product roadmaps
• Customer lists and segmentation data

If someone unlawfully discloses or uses your trade secret, you can seek remedies like injunctions (to stop the misuse), delivery up or destruction of confidential material, damages or an account of profits, and springboard relief (to neutralise any unfair head-start gained from the misuse).

Trade Secrets Vs Other IP: When To Keep It Secret (Not Patent It)

Trade secrets sit alongside other intellectual property (IP) tools. Deciding whether to keep something secret or protect it another way is a strategic choice.

When Trade Secrets Make Sense

• Longevity: If your advantage could last many years (for example, a recipe or process that isn’t easily reverse-engineered), secrecy can outlast patents.
• Cost and speed: No registration fees, no waiting. Protection starts as soon as you take reasonable steps to keep it confidential.
• Scope: You can protect information that patents can’t, such as business methods or internal playbooks.

When To Consider Other IP

• Patent: If your invention is new, inventive and industrially applicable - and could be reverse-engineered once on the market - a patent may be worth the time and cost.
• Trade mark: Your brand name or logo should be protected with a registered trade mark. It complements trade secret protection for brand assets.
• Copyright and designs: Code, documents, graphics and product designs may be protected automatically or via registration, but that doesn’t replace secrecy for sensitive know‑how.

Many businesses use a hybrid approach: keep the core know‑how as a trade secret, protect the brand with a trade mark, and put copyright notices on materials. If you’re working with external developers or creatives, ensure you understand how IP with contractors works so ownership and confidentiality are watertight.

How To Protect Trade Secrets Day-To-Day (Practical Checklist)

Courts expect to see “reasonable steps” in how you operate. Think of it as a layered approach: policy, people, process and technology all working together.

1) Identify And Classify Your Trade Secrets

• List the specific information that gives you an advantage.
• Classify by sensitivity (for example, “Confidential”, “Strictly Confidential”).
• Mark documents clearly and avoid over-labelling everything - it should be meaningful.

2) Limit Access On A Need-To-Know Basis

• Use role-based access controls and permissions in your systems.
• Keep sensitive docs in separate drives or password-protected vaults.
• Remove access promptly when roles change or people leave.

3) Use Contracts And Notices Every Time

• Put confidentiality wording in your website, proposals and slide decks when sharing sensitive information.
• Before sharing with potential partners or investors, send a short, tailored Non-Disclosure Agreement (NDA).
• Include confidentiality and IP clauses in all staff and contractor agreements.

4) Adopt Clear Policies And Train Your Team

• Have a written Workplace Policy covering confidentiality, BYOD (bring your own device), remote work and information handling.
• Run onboarding and periodic refreshers on handling confidential information.
• Explain what staff can and can’t share publicly or on social media.

5) Strengthen Your Tech And Processes

• Encrypt laptops and cloud storage; enable MFA on all accounts.
• Segregate development, testing and production environments.
• Keep audit logs of access and downloads to support investigations later.
• Have a practical Data Breach Response Plan so you can act fast if something goes wrong.

6) Manage Your Partners And Vendors

• Flow down confidentiality obligations in supplier and reseller agreements.
• Check how third-party tools handle your data; restrict export features where possible.
• Document who you shared with, when, and under which NDA or contract.

Finally, remember that trade secrets are different to personal data. If your confidential information includes personal data (like customer lists), you’ll also need to comply with UK GDPR and the Data Protection Act 2018 - including being transparent with a publicly available Privacy Policy.

What Contracts Should You Put In Place?

Strong, tailored contracts are the core of trade secret protection. Avoid generic templates - your agreements should reflect your business model, who you share information with and how the information is used.

NDAs (Mutual And One-Way)

Use NDAs before you disclose sensitive information to potential partners, investors or suppliers. A Non-Disclosure Agreement should cover what counts as confidential, permitted use, who can access it, how it’s stored, return/destruction and how long the obligations last.

Employment Agreements

Your Employment Contract should include:

• Clear confidentiality clauses that survive termination;
• IP ownership clauses confirming all IP created in the course of employment belongs to the business; and
• Appropriate post-termination restrictions (e.g. non-compete clauses, non-solicit of clients/staff), drafted proportionately to improve enforceability.

Contractor And Supplier Agreements

For external developers, designers or consultants, make sure confidentiality and IP terms are explicit. If IP is created, use an IP Assignment clause or a standalone deed so rights transfer to you fully on payment. For resellers, distributors and manufacturers, embed strong confidentiality and limited-use provisions.

Internal Policies And Handbooks

Policies don’t replace contracts, but they reinforce them. Having documented confidentiality policies shows you take “reasonable steps” seriously, which helps both in day-to-day management and in court if you need to enforce your rights.

Managing Employees And Contractors Around Confidential Information

Most trade secret issues arise from people, not hackers. That’s why your onboarding, access and offboarding processes matter just as much as your legal wording.

Hiring And Onboarding

• Get contracts signed before access is granted.
• Explain what is confidential, how it must be handled, and the consequences of misuse.
• Use role-based access and set up the minimum necessary permissions.

Everyday Management

• Label and store sensitive documents in restricted areas only.
• Require two-person approval for exports of high-risk data.
• Rotate credentials for shared tools and avoid generic logins.

Working With Contractors

• Provide only the information they need for the project (not your whole playbook).
• Use shared workspaces with granular permissions and disable downloads where possible.
• Confirm deliverables and IP ownership in writing - don’t assume it’s automatic. Where needed, use a short-form IP Assignment on completion.

Exiting Employees Or Suppliers

• Run a structured offboarding: revoke access immediately, recover devices, and require confirmation that confidential materials were returned or deleted.
• Remind leavers of their ongoing confidentiality obligations and any post-termination restrictions.
• Monitor for unusual downloads or data transfers in the weeks prior to notice.

If your business relies heavily on unique know‑how, it’s worth sense‑checking your setup with a lawyer so your contracts, policies and systems work together in practice - not just on paper.

What To Do If Your Trade Secret Is Misused

Speed matters. The longer a misuse continues, the harder it is to put the genie back in the bottle.

1) Act Quickly But Calmly

• Preserve evidence: take screenshots, export access logs, and note dates, times and people involved.
• Secure systems: reset credentials, revoke access for relevant users, and patch any security gaps.

2) Investigate And Assess The Risk

• Identify the scope: what was accessed, copied or disclosed, and by whom?
• Check contracts and policies for applicable remedies and obligations.
• If personal data is involved, consider your UK GDPR obligations, including potential breach notifications.

3) Send Legal Correspondence

• Issue a tailored letter before action demanding an immediate stop (injunctive undertakings), return/destruction of materials, and details of any onward disclosure.
• For third parties who unknowingly received your information, notify them of your rights and request assurances to contain the spread.

4) Consider Court Action

• Apply for urgent interim relief to prevent further misuse (including search orders or imaging orders in serious cases).
• Seek damages or an account of profits and, where appropriate, springboard relief to neutralise any unfair advantage.

It’s stressful, but a clear plan makes all the difference. Having NDAs, robust employment terms and well-implemented policies often puts you in a stronger position to resolve matters quickly and cost‑effectively.

Key Takeaways

• Trade secrets protect commercially valuable information that is kept secret - but you must take reasonable steps to maintain confidentiality to benefit from UK legal protection.
• Use the right mix of tools: keep sensitive know‑how confidential, protect brand assets with trade marks, and lock down copyrightable materials - don’t rely on one mechanism alone.
• Layer your protection: identify your secrets, restrict access, label materials, train your team, strengthen tech controls and adopt clear policies to demonstrate “reasonable steps”.
• Put contracts in place before you share: NDAs for early conversations, strong confidentiality and IP terms in your Employment Contract, well-drafted restrictions, and clean IP Assignment for contractor outputs.
• Make confidentiality part of your culture: consistent policies, practical onboarding/offboarding, and “need-to-know” access reduce most real-world risks.
• If things go wrong, move fast: preserve evidence, secure systems, seek undertakings, and consider urgent injunctive relief to stop misuse and contain the damage.

If you want tailored help protecting your trade secrets - from drafting a concise Non-Disclosure Agreement to rolling out practical policies - we’re here to help. You can reach us at 08081347754 or team@sprintlaw.co.uk for a free, no-obligations chat.