StratumCGI › Studio Policy › NDA and Confidential Projects

NDA and Confidential Projects

Q: Can StratumCGI work under an NDA that also covers personal data?

Where a project involves personal data such as site photos of identifiable people or contractor details, StratumCGI typically operates under a data processor agreement alongside the NDA, aligned with UK GDPR Article 28 requirements. The precise controller and processor roles depend on the client engagement.

Q: If most of your work is under NDA, how do you show a portfolio?

StratumCGI runs three parallel portfolio tracks: an anonymised track where NDA-protected projects appear with identifying detail removed and an SCGI reference code, a capability track of studio-generated work owned by StratumCGI, and a released track of named projects where the client has publicly announced the scheme and signed off on portfolio use. Process-led content describes how the studio works without exposing what it has delivered.

Q: Can StratumCGI give legal advice on NDA terms?

No. StratumCGI can describe its standard practice, typical terms, and operational controls. For advice on enforceability, remedies, or drafting, clients should consult a qualified solicitor.

Confidentiality is the standing position at StratumCGI rather than an exception. The majority of the studio's work in data centre, logistics, and energy infrastructure is commissioned prior to public announcement, during planning negotiation, or within commercially sensitive acquisition processes. Non-disclosure agreements protect client identity, site location, design intent, and the timing of release.

This page sets out how StratumCGI handles NDA-protected engagements, the terms the studio typically agrees, the operational practice that supports those terms, and the director-level accountability that underpins every confidentiality decision. It constitutes a statement of practice, not legal advice. For advice on the drafting or enforcement of a specific non-disclosure agreement, clients should consult a qualified solicitor.

How we handle NDAs

StratumCGI executes client-issued NDAs as standard practice. Where the client prefers, the studio can issue its own standard-form mutual NDA. Typical terms are set out below.

Form. Mutual or unilateral, according to the direction of disclosure. Mutual form is typical for active engagements in which StratumCGI discloses pricing, delivery pipeline, or methodology in response to a confidential instruction.
Governing law. The laws of England and Wales, unless the client specifies an alternative jurisdiction.
Term. Typically 3 to 5 years for design and marketing material. Typically longer, and in certain cases perpetual, for data centre site-strategy imagery, pre-announcement visuals, and critical national infrastructure context.
Return or destruction. Upon written request or upon conclusion of the engagement, StratumCGI returns or destroys all confidential materials and provides written confirmation of destruction.
Permitted disclosures. Standard carve-outs apply in respect of legal and regulatory requirements and in respect of sub-processors engaged on the project on a need-to-know basis under equivalent obligations of confidentiality.

What our NDAs typically cover

Client and end-user identity, including holding-company and investor names.
Site location, grid connection, planning authority, and adjacency to other confidential sites.
Design intent documentation, including massing studies, facade treatment, and operational layout.
Render proofs, pre-announcement visuals, watermarked WIPs, and unreleased master files.
Programme dates, commercial terms, and the scheduled release window for public communication.
Technical specifications shared in support of the visualisation, including plant loads, security layouts, and fibre routes where provided.

Our working practice

In addition to the contractual agreement, StratumCGI conducts confidential engagements under a defined operational practice governing isolation, access, watermarking, and release control.

Project isolation. Each confidential engagement is established within a dedicated working environment, with access restricted to personnel specifically assigned to the engagement.
Need-to-know access. Any engagement of freelance personnel or sub-processors is on a named, per-engagement basis and subject to equivalent obligations of confidentiality. No open studio resource pool is used for confidential material.
Watermarked proofs. Review renders are marked with a client reference and render date so that any circulated image may be traced to its origin.
Client-controlled release. No image, still, or animation is released through the StratumCGI portfolio, social channels, or marketing materials without prior written authorisation from the client specifying the scope, timing, and anonymisation level of such release.
Anonymised record. Where the client prefers permanent confidentiality, the engagement may still be represented in the studio record through the anonymised portfolio under an SCGI reference code in place of the scheme name.

Director-level accountability

The studio director holds single-point accountability for confidentiality at StratumCGI. That accountability extends to NDA review and execution, authorisation of any public use of client work, response to client disclosure requests, and all decisions relating to the scope of anonymisation. This maintains a short and unambiguous chain of responsibility. Release decisions are not delegated to marketing functions.

GDPR alignment

Where an engagement involves personal data, for example site-visit photography depicting identifiable individuals, contractor names appearing on drawings, or occupier information contained in leasing material, StratumCGI typically enters into a data processing agreement alongside the NDA. The processing terms comply with UK GDPR Article 28 and address purpose limitation, security measures, sub-processor notification, personal data breach notification, and return or deletion of personal data upon conclusion of the engagement. The respective roles of controller and processor are determined by reference to the specific engagement and are confirmed in writing prior to commencement.

Sector carve-outs we expect

Infrastructure engagements are rarely fully confidential in every direction. Certain disclosures are anticipated and are treated as permitted under the NDA by prior written agreement.

Local planning authority, statutory consultees, and pre-application officers.
Lender, valuer, and investor committees on a need-to-know basis under their own confidentiality obligations.
Critical national infrastructure liaison, where a data centre, energy, or logistics site sits within the UK CNI framework.
Insurers and professional advisers retained by the client.

How we build a portfolio under NDA

A studio routinely engaged under NDA cannot maintain a conventional portfolio. StratumCGI therefore operates three parallel tracks so that confidentiality and demonstrable capability may coexist.

Anonymised track. The default. Every NDA-protected engagement is represented with client name, scheme name, planning authority, and identifiable architectural detail altered or removed. Each item carries an SCGI-NNN reference, permitting the work to be referred to in correspondence. The anonymised portfolio policy sets out precisely what is altered and what is preserved.
Capability track. Studio-generated work produced by StratumCGI to demonstrate competence in sectors and typologies the studio actively pursues. Such works remain the sole property of StratumCGI, carry no client confidentiality, and are identified as capability work rather than client delivery.
Released track. Engagements in respect of which the client has publicly announced the scheme and provided written authorisation for portfolio use. Such engagements are shown in full, with the client identified, the scheme named, and the delivered outputs credited. Release is effected in accordance with the client's timetable and not that of the studio.

In parallel with these three tracks, StratumCGI publishes process-led content, director commentary, and methodology material describing the manner in which the studio works, without disclosing what has been delivered. Confidentiality attaches to the scheme, not to the craft.

Working with us under NDA

Issue your NDA, or request the StratumCGI standard-form mutual NDA. Execution is completed prior to the disclosure of any confidential design material.
The engagement is established within an isolated working environment with named access.
Proof renders are circulated bearing client-reference watermarks on a review platform agreed with the client.
Final deliverables are released in accordance with the client's chosen schedule. Any use by the studio of the work, whether for portfolio, marketing, or case study, is withheld until prior written authorisation has been received.
Upon conclusion of the engagement, or at any time upon written request, StratumCGI returns or destroys the confidential materials and provides written confirmation.

Issue your NDA, or request ours

Frequently asked questions

Does StratumCGI sign client NDAs?

Yes. StratumCGI routinely signs client-issued mutual or unilateral non-disclosure agreements before any confidential design material is shared. Where a client prefers, StratumCGI can also issue its own standard mutual NDA governed by the laws of England and Wales.

How long does a StratumCGI NDA typically last?

Terms typically run 3 to 5 years for design and marketing material. For data centre site-strategy imagery, pre-announcement visuals, and critical national infrastructure context, terms are typically longer or perpetual, because the underlying information remains commercially sensitive after the project is public.

Who is accountable for confidentiality at StratumCGI?

The studio director holds single-point accountability. That covers NDA signature, media-review sign-off, release timing, and any portfolio or marketing use of client work.

If most of your work is under NDA, how do you show a portfolio?

StratumCGI runs three parallel portfolio tracks. NDA-protected projects appear on the anonymised track with identifying detail removed and an SCGI reference code. Studio-generated capability work, fully owned by StratumCGI, shows sector competence without client confidentiality attached. A smaller released track shows named projects where the client has publicly announced the scheme and signed off on portfolio use. Process-led content and methodology detail describe how the studio works without exposing what it has delivered.

Can a project be kept confidential permanently?

Yes. Where a client prefers permanent confidentiality, the studio holds the work back from public portfolio use indefinitely. The project can still be represented internally and in private proof sets under an SCGI reference code through the anonymised portfolio mechanism.

Can StratumCGI work under an NDA that also covers personal data?

Yes. Where a project involves personal data, StratumCGI typically operates under a data processor agreement alongside the NDA, aligned with UK GDPR Article 28. The precise controller and processor roles depend on the engagement and are confirmed in writing before the project starts.

What happens if a project eventually becomes public?

Release timing is the client's decision. Once a client has publicly announced a scheme and agreed in writing to portfolio use, StratumCGI may show agreed imagery under the scope the client has approved. Until that written sign-off, the work stays confidential.

Can StratumCGI give legal advice on NDA terms?

No. The studio can describe its standard practice, typical terms, and operational controls. For advice on enforceability, remedies, or drafting, clients should consult a qualified solicitor.

What is the typical duration of a StratumCGI NDA for data centre projects?

StratumCGI NDAs for data centre projects typically run 5 years or longer, and in many cases are treated as perpetual for site-strategy imagery and pre-announcement visuals. Logistics and warehouse NDAs typically run 3 to 5 years for design and marketing material, because the sensitivity of that material decreases after public announcement.

How does StratumCGI separate the NDA from the GDPR data processor agreement?

StratumCGI treats the NDA as the confidentiality contract and the data processor agreement as the personal data contract. The NDA covers client identity, design intent, and release timing. The data processor agreement covers UK GDPR Article 28 obligations where personal data enters the project, including purpose limitation, security measures, sub-processor notice, breach notification, and deletion at the end of the engagement. Both agreements typically sit in place in parallel when personal data is involved.

Which disclosures are usually permitted under a StratumCGI infrastructure NDA?

StratumCGI infrastructure NDAs typically permit disclosure to local planning authorities and statutory consultees, to lenders and investor committees under their own confidentiality obligations, to critical national infrastructure liaison channels where the scheme sits within the UK CNI framework, and to insurers and professional advisers retained by the client. Any other disclosure requires prior written consent.

How does StratumCGI prevent unauthorised circulation of confidential renders?

StratumCGI uses project-isolated working folders with access restricted to named assigned artists, watermarked proof renders stamped with a client reference and render date, named per-project obligations for any freelance or sub-processor involvement, and a media-review gate at director level before any public use. Return or destruction of confidential materials is confirmed in writing at the end of the engagement or on request.