NDA or Not? EPD Projects Explained
Handing over plant-floor data can feel like playing poker with your cards face-up. Will an NDA keep competitors from peeking, or does it just slow the shuffle? This quick guide sorts real risk from paperwork theater so you can protect secrets without tripping your own timeline.
The Sensitive Bits Inside an EPD
Energy intensity, material recipes, scrap rates—these nuggets are commercially sensitive and often proprietary. ISO 14025 calls them “confidential business information” that may stay unpublished as long as verifiers can check accuracy (ISO 14025, 2024). The upshot: auditors see everything, the market sees summaries.
When an NDA Actually Adds Value
Extra contracts make sense if your LCA partner is a brand-new vendor or if you plan to share R&D-stage formulations not yet covered by internal policies. Smart EPD’s 2025 verifier guidance notes that third-party reviewers must keep such data private, yet it leaves the manufacturer responsible for legal safeguards beyond the standard verification agreement (Smart EPD, 2025).
Existing Supplier Agreements Could Do the Job
Many manufacturers already require suppliers to sign confidentiality clauses. Those clauses often flow through to any consultant working on an EPD, meaning a fresh NDA may duplicate work. Check the boilerplate before you add another signature page.
What Program Operators Demand—And What They Don’t
IBU’s verifier handbook echoes ISO language: provide unredacted evidence during review, redact figures in the published PDF (IBU, 2024). No operator we reviewed insists on a standalone NDA. They focus on traceability, not legal formalities.
Quick Checklist Before You Sign Anything
- Map who will access raw data (internal team, consultant, verifier).
- Confirm each party is already bound by confidentiality in an existing contract.
- Identify truly novel information, like pilot-line chemistry.
- Weigh the delay of legal review against the value of extra cover.
Pick Partners Who Treat Data Like Crown Jewels
A mature LCA shop keeps data on encrypted drives, uses role-based permissions, and deletes interim files after publication. We have seen consultants still swapping spreadsheets over open email, wich is risky and slow.
Lock the Doors You Actually Use
NDAs are useful when gaps exist, pointless when walls are already in place. Audit your current legal and IT safeguards first, then add paperwork only where it plugs a clear hole. The guidelines is clear: spend effort on accuracy and speed, not on redundant signatures.
Frequently Asked Questions
Does ISO 14025 force me to publish proprietary formulas in the EPD?
No. You must show verifiers the data, but you may aggregate or redact details in the public declaration (ISO 14025, 2024).
Will a program operator sign an NDA with my company?
Generally not. Operators rely on verifier confidentiality rules rather than bilateral NDAs; your NDA would be with the LCA consultant.
Can suppliers refuse to share data even under an NDA?
They can, though market pressure often persuades them. If refusal persists, use conservative assumptions and document limits, but expect higher impact scores.
How long should an EPD-project NDA last?
Five years is common, enough to cover the typical EPD validity period. Longer terms rarely change risk exposure but can scare collaborators.
About the Author
With a passion for sustainability and a love for complex data, Toby helps manufacturers efficiently collect data from across their organization and get their EPDs done right. He’s especially interested in how AI can support human expertise, helping R&D and factory teams work faster, smarter, and with less friction.
