How To Protect Your Information When Selling Your Website

In order to sell a high-value website, there will come a point where a buyer will ask you to share information that you may not be comfortable sharing. But while you may be uncomfortable sharing sensitive information, in many cases there is no alternative if you want to get a deal done. So how can you protect your information from dishonest buyers? What recourse do you have if a buyer steals your information and sets up a competing business?

This post will focus on five key layers and methods you should implement in order to protect your most sensitive information.

Protection Comes In Layers

Before I get into the individual details and methods you can use to protect your information, I want to address a key concept of protection.

The best way to protect your information is to do so in layers. Of all the recommendations I’ll work through in this article, there isn’t a single recommendation that guarantees a dishonest person won’t try to steal your private information. Dishonest people don’t care about rules or contracts – that’s the essence of what makes them dishonest.

So outside of outright refusing to share sensitive information, there will always be an element of risk when you share company data. But you can greatly reduce this risk by building layers of protection, deterrents, and options for recourse, if needed.

As you build layers of protection and deterrents, you’ll naturally repel most dishonest buyers. Dishonest buyers look for ‘low hanging fruit’ and careless business owners. If a dishonest buyer knows and sees that you have plenty of options for recourse, they’ll be more likely to avoid your business altogether.

With that in mind, here are 5 solid methods and deterrents you can implement to give you the best chance of working with an honest buyer.

Nondisclosure Agreements: Your First Line Of Defense

NDA’s (or confidentiality agreements) have become commonplace in the world of buying and selling websites.  Unfortunately, they have become so commonplace that many buyers don’t bother to read what is in the agreement.

If that’s the case, however, how can we expect buyers to follow the agreement?

While an NDA is certain an agreement which should be mutually agreed upon by both you and the buyer, it’s more practical application is in its ability to give you automatic recourse if a buyer abuses your confidential information.

A good NDA will contain a few crucial elements:

1. How is the information shared? Most buyers will have advisors help them in their evaluation. The NDA should allow reasonable sharing of information with advisors and other key decision makers, but it should also specify who qualifies.
2. Competing Interests? The NDA should require that the buyer disclose any competing interests (or plans to compete in your niche) before they receive confidential information.
3. Document destruction clauses. Most buyers will not buy your business – so what happens to your information after a buyer says ‘no’? Your NDA should require destruction of hard copies and soft copies alike.

Of course, having these elements in place won’t protect you from a truly dishonest buyer who is simply mining for information. But what it will do is lay the groundwork and understanding for the vast majority of buyers who are honest. And for those buyers who are simply seeking information, it provides ample setup for enforcement if you catch someone stealing your information.

Require Exclusive Access For Due Diligence

While the NDA is the first agreement you can use to protect your information, it shouldn’t be the only confidentiality agreement signed by the person who buys your website.

As buyers progress through the process of evaluating your website, you’ll likely find that a handful of buyers emerge as serious contenders. Once you narrow in on a single buyer and negotiate a deal in principle, there is a huge benefit in giving that buyer exclusive access in combination with a further confidentiality agreement to the most sensitive information about your business.

By layering an additional confidentiality agreement on top of the already signed NDA, you signify the increasing seriousness and sensitivity of the information being shared. Your buyer will be more likely to actually pay attention to the specific confidentiality agreements, and you’ll be able to limit the number of people who actually have access to confidential information.

Use Conditional Purchase Agreements

Not all information shared during the selling process is static: some of the information deals with relationships. For example, it isn’t uncommon for a buyer to request access to current customers so they can verify that your clients aren’t ready to leave for a competitor. Similarly, buyers frequently will require that they verify your vendor’s terms and ensure that they can receive similar terms.

But in these situations, you may not want the buyer to reach out to customers or vendors before you are certain the deal is going to be completed. In these cases it can be useful to have a conditional purchase agreement.

A conditional purchase agreement is a legally binding agreement that requires the buyer to complete the transaction if certain goals are met. For example, a conditional purchase agreement could require that the deal be completed once they confirm that your vendors will give them the exact same rates.

You should be careful with conditional purchase agreements, however, as you want to make sure you only use them with measurable, verifiable goals. You don’t want the condition of the agreement to be based on a subjective opinion.

Save The Most Sensitive Data Until The End

A very simple and effective way to protect your highly sensitive information is to save it until every other aspect of your business has been inspected.

For example, if you run a SaaS business, your buyer will likely want to inspect the code to make sure it is written well and easy to maintain. Of course, you don’t want to just hand over the code to your project without some certainty that the deal will close.

In a situation like this, it is very reasonable to agree to offer a code inspection once the other inspections have been completed and verified. If the deal is destined to fail, it is better for it to fail early and on the account of less sensitive information.

Randomize & Limit Access To Key Resources

Using our example from the last section, let’s assume that a buyer completed all inspections and is only left with a code inspection. Sharing your entire codebase with a buyer would still be a risky proposition and probably shouldn’t be done. Using a conditional purchase agreement wouldn’t work either since deciding if the codebase is clean and easy to maintain is somewhat of a subjective opinion.

In situations like this, the common remedy is to randomize and limit access. For example, you can may agree to offer portions of code from a handful of randomly picked files. This can be verified in a screen shared conference call.

The same would hold true for a buyer who wants to speak with your customers to verify their satisfaction with your service. Rather than hand over your entire customer list, you can agree to give access to a small handful of randomly selected customers.

In Conclusion…

Selling a highly valuable asset like a high-value website will always contain some levels of risk. You can mitigate this risk by smartly blending deterrents, agreements, options for recourse, and a smart approach to satisfying a buyer’s needs. There are very few information requests that cannot be sufficiently protected if you approach the problem smartly.

Getting a deal completed requires openness with your information so that your buyer can be assured they are making a wise investment. But this openness doesn’t have to be reckless. Use the tools at your disposal to protect your information, and develop a smart approach and you’ll greatly reduce the risk of having your business compromised.