In standalone nondisclosure agreements (NDAs), one year seems to be a fairly typical time for the parties to exchange confidential information — although shorter or longer periods are not at all uncommon.
If the sale doesn’t go through, the vendor likely won’t want to find itself automatically on the hook for information that the (non-)customer subsequently discloses.
The vendor will want instead to either put a new NDA in place if necessary — or more likely, to do a one-paragraph letter agreement renewing or extending the previous NDA.
On the other hand, if the sale does go through, then the final agreement, for example an enterprise software license agreement, will usually contain a confidentiality section of its own to supersede the NDA.
Disclosures occurring after the disclosure period are normally unprotected, unless • the parties agree to extend the disclosure period, or • the law separately imposes an ongoing confidentiality obligation (for example, in cases of protected health information or nonpublic personal financial information).
Disclosures made during the disclosure period normally remain protected even after the end of the disclosure period (subject to any applicable confidentiality sunset provision).