There are lots of contradictory opinions on signing (or not signing) an NDA. The position on this mostly depends on the point of view: is it an employee's point of view or an employer's one.
In what case (or if at all) should a software startup ask employees to sign an NDA? What should this agreement include and what points are not worth includeding in the agreement?
From an employer's point of view, careless or malicious disclosure can put the entire company at risk and can make owners legally liable. I agree with Jesper that an NDA should not be draconian but asking all new employees to sign an NDA is both reasonable and prudent.
Some things that a software company may want to protect from disclosure:
What to include or not include in the agreement really depends on the nature of the business, jurisdiction, what you need to protect and what is enforceable. This is where lawyers make the big bucks.
A tech company should probably require all employees to sign an NDA (or the employment contract should include a confidentiality clauses).
The NDA must be reasonable, short and easy to understand.
Now, when to ask a potential employee to sign an NDA is a little tricky, until you look at it logically.
Every contact is built on some degree of trust, if a person signs an NDA, gets you confidential information and immediately gives all the information to your competitor the damage is done, you can sue and maybe even win but the process is long and expensive and you will never be able to make the information secret again.
So, from the employee point-of-view the right time to ask someone to sign is when you decide you can trust that person - probably after you make the decision to hire him/her.
(if the information can really damage the company you shouldn't disclose it to potential employees anyway, if there's no damage you don't need an NDA)
From the honest employee point of view every NDA you ever sign is a liability, if you sign an NDA, decide not to work for that company and later get a job at a competing company you have a problem - you can be sued and the process of proving what you did or didn't reveal will be long and expensive no matter who wins the lawsuit.
So, from the employee's perspective the time to sign an NDA is when you are almost sure you are going to work for that company.
And if we look at both of those you can see the best time to sign an NDA is as part of the employment contract.
If you ask potential employees to sign an NDA on the second job interview you will only get people who are desperate or who don't take the NDA seriously to come to that interview - so there is no point in doing it.
And if you can't complete a job interview process without disclosing your secrets you have a bigger problem - what do you do when a customer asks the same questions? ask the customer to sign an NDA before the sale?
This depends a lot on where you are in the world, as national laws differ greatly. In short:
In what case (or if at all) a software startup should ask employees to sign NDA?IMHO as soon as the startup begins a serious conversation with the potential employee, a conversation where the startup will reveal important information about the technology used, future development roadmap, details of the business model or cash flow etc.
For me, that would be the second job interview, after the initial screening. And the NDA would be voided if the potential employee signs a job contract, because the job contract has confidentiality clauses in it.
Presenting an NDA early is not offensive. Presenting a complex NDA full of one-sided, draconian clauses that place lots of unreasonable burdens on the employee is what is offensive. So as a startup founder, you should just work to ensure that the NDA is reasonable, easy to understand, and common for your jurisdiction.
What this agreement should include and what points are not worth to be included in the agreement?Totally depends on the specifics of each case -- where you are (i.e. which protection is already built into national law, for both startup and employee), the business you're in, the information you're sharing etc.
A mere NDA is not even nearly sufficient: You need some form of proprietary information and inventions agreement that addresses ownership of work product as well as confidentiality. Please see Securing IP Requires More than an NDA.
Disclaimer: This post does not constitute legal advice and does not establish an attorney-client relationship.