Our approach to NDA: Touchlane’s experience

Intro

Many founders and executives start a conversation with Touchlane by asking the same thing: “How will you protect my idea?” The fear makes sense. Early concepts, financial insights, and strategic decisions often influence the future of a company, and no one wants that information drifting into the open world.

Touchlane treats this concern as the starting point of every partnership. Trust grows when both sides speak openly, and that level of openness appears only when clients feel secure. Your concept, your data, your vision – all of it enters our company as valuable business property, not as files in a folder. We handle it with clear rules and discipline from the very first exchange.

This article shows how Touchlane approaches NDAs and information security. You will see how our process supports your operations and keeps your idea where it belongs, which is under your control.

1.

Our standard NDA process

We believe it is essential to sign a Non-Disclosure Agreement before any exchange of confidential information. Even an introductory call may touch on sensitive details, so we are prepared to sign an NDA before our first conversation, whether our communication continues afterwards or not.

For us, protecting confidential information is a priority we take seriously. We recognize its importance to any business, which is why we always use mutual NDAs, never one-way agreements, to protect the interests of all involved. It is a commitment that protects both your business and ours. 

Before any decision to work together is made, an NDA is in effect. Once both sides choose to proceed, we sign a software development agreement. This agreement incorporates and replaces the NDA. It provides continuous protection throughout our partnership and beyond, as we keep all information confidential even after cooperation ends. 

To protect your long-term interests, the confidentiality obligations continue for five years after completion of our cooperation.

Here is how our NDA works and what it means for you.

Confidential information

We define ‘confidential information’ in broad terms. It covers everything the parties share, both spoken or written, and includes electronic forms. For you, this means there is no need to think about specific formats or formalities. You can communicate freely, with confidence that everything is protected.  

To give this promise weight, the NDA outlines a fixed financial penalty for disclosure.

Our commitments to your data

When you share sensitive information with us, the NDA binds us to specific actions. We will:

• Use your data to cooperation matters only and for no other purposes
• Hold your information in strict confidence
• Refrain from copying or sharing your data without written permission
• Return or delete your information upon your request or at the agreement’s conclusion.

Transparency

The law sometimes demands disclosure. If this ever happens, our NDA requires us to notify you beforehand to give you an opportunity to challenge the legal order. We must also alert you immediately if we ever discover a security breach involving your data.

Clarity on ownership and consequences

The agreement makes a simple point: sharing information grants no intellectual property rights. We respect your inventions. You can trust that what you share remains yours. We claim no rights to it, except for limited use strictly within and for the purposes of our collaboration.

2.

How we protect information day-to-day

1. The principle of minimum access

We structure projects with solid information boundaries. All specialists access only the data relevant to their specific role. For example, a backend engineer works with server-side code, not design mockups. At the same time, a designer focuses on user experience, not proprietary business logic.

No one is browsing through other people’s repositories or documents ‘just in case’.

2. The Chinese wall protocol

Occasionally, two or more companies from the same sector, like fintech, approach us with similar projects. All of these clients demand assurance that there is no conflict of interests, that their confidential and other sensitive information is well protected and in no way shared by any chance with the competitor.

In this case, we employ the Chinese wall strategy to eliminate any possibility of information leaks between the projects. 

How does this work? 

• One group of developers and designers stays on Project A, while a different team tackles Project B
• Each project receives its own communication space, such as separate Slack channels, task boards, and calls
• Team members follow explicit rules: no discussions about client strategies or decisions outside their project room.

As a result, the working teams move forward without any cross-pollination, and each client keeps its market position intact.

3. Client data resides with the client

Unless specifically requested or agreed upon with the customer,  your code and data remain in your custody, always. We operate within your established development environment and work directly from your GitHub or GitLab repositories. This gives you direct control over access rights and a transparent log of all contributions.

When our team completes your project, the developers transfer all deliverables and exit your systems. Touchlane does not keep copies of source code or sensitive data – we leave all materials inside your environment.

With this approach, we minimize security exposure and conform to stringent data governance guidelines.

3.

Additional layers of security

Professional indemnity insurance

Touchlane secures all engagements with professional indemnity insurance. Its coverage provides clients with financial protection when working with us. The policy is held with an international insurer that upholds the highest regulatory standards of both European and American markets.

We are happy to say that we never filed a claim under this policy. Touchlane maintains this coverage because we treat confidentiality and security with great seriousness, and we want our clients to feel this same commitment in every project.

Information security as a continuous practice

Our contracts outline information security, and we care deeply about bringing those commitments to life. Touchlane has built a system of organizational rules and technical controls that actively meet modern cybersecurity demands and fulfill standards like GDPR.

Critically, this system works with full strength wherever our team is based, our protocols remain consistent; location never weakens our security posture.

That flexibility extends to how we work with you, as we are ready to fulfil the strictest of customer requirements. When a client in fintech or digital banking requires a dedicated secure gateway or a company-managed VPN, we move into that environment from day one.

But our discipline does not stand still. We integrate new methods and reinforce our culture continuously. Each year, every team member completes mandatory security training and formally confirms our policy. This builds consistent accountability.

To sum it up, at Touchlane, we treat information protection as ongoing work. Our operations team believes that when modern business environments change, our practices must advance with them. Updates happen regularly, and each one mirrors two things, namely the latest industry standards and the needs of the companies that choose to work with us.

Conclusion

Every NDA we sign works hand-in-hand with the way we operate: controlled access to project data and a mindset that treats client information as a core business asset.

We treat your confidential data as a direct reflection of our reputation. Your trust fuels long-term partnerships, so we guard it as carefully as we guard our own internal knowledge. Once you start a project with Touchlane, you can shift your attention to growth. At the same time, you can be sure that your private data remains safe without further prompts.

So, if your next product requires a partner who shares your commitment to data safety, get in touch with us. Share your concerns with our team, and we will help you create a secure path forward.