Terms of Service

Last updated: Pending finalization

Draft template — not yet legal advice. This document is a starting template provided for completeness. It must be reviewed, customized, and approved by qualified legal counsel before it is relied upon.

1. Agreement to terms

These Terms of Service ("Terms") govern your access to and use of the SecureAware platform and related services (the "Service"). By creating an account, accessing, or using the Service, the organization you represent ("Customer") agrees to these Terms. If you do not agree, do not use the Service.

2. The Service

SecureAware provides a multi-tenant security awareness training platform, including training modules, quizzes, phishing and SMS (smishing) simulations, progress and risk reporting, and related administrative tools. Features available to a Customer depend on the subscription plan in effect.

3. Accounts and roles

Access is role-based (super administrator, organization administrator, employee, and translator). Customer is responsible for maintaining the confidentiality of account credentials, for all activity under its accounts, and for ensuring its administrators configure appropriate access. Administrators must enable two-factor authentication where required.

4. Acceptable use and simulation authorization

Customer agrees not to misuse the Service. In particular, Customer must:

  • Only run phishing or smishing simulations against its own employees or contractors who have been informed in accordance with applicable law and Customer's internal policies, and for whom Customer is authorized to send such messages.
  • Not use the Service to send unsolicited communications to third parties, to impersonate unaffiliated brands or individuals for unlawful purposes, or to conduct any actual phishing, fraud, or social-engineering attack.
  • Not attempt to breach platform security, access another tenant's data, or circumvent plan limits.

Customer is solely responsible for the lawfulness of the simulation content it authors and the recipients it targets.

5. Subscriptions, trials, and billing

Paid plans, seat limits, and feature entitlements are described at the time of purchase. Trials, where offered, are provisioned at SecureAware's discretion and convert or expire as communicated. Fees are billed through our payment processor; except where required by law, fees are non-refundable. SecureAware may change pricing on renewal with notice.

6. Customer data

Customer retains all rights to the data it uploads or generates through the Service ("Customer Data"), including employee records and training results. Our processing of personal data within Customer Data is governed by our Privacy Policy and Data Processing Addendum.

7. Intellectual property

SecureAware and its licensors own all rights in the Service, including the platform software and the standard training and simulation content library. Customer is granted a limited, non-exclusive, non-transferable right to use the Service during the subscription term.

8. Disclaimers and limitation of liability

The Service is provided "as is." SecureAware does not warrant that the Service will prevent every security incident. To the maximum extent permitted by law, SecureAware's aggregate liability arising out of or relating to the Service is limited to the amounts paid by Customer in the twelve months preceding the claim, and neither party is liable for indirect or consequential damages.

9. Term and termination

Either party may terminate as described in the applicable order or for material breach. Upon termination, Customer's access ends and Customer Data is handled as described in the Data Processing Addendum.

10. Governing law and contact

These Terms are governed by the laws specified in the applicable order form or, absent one, the laws applicable to SecureAware's place of establishment. Questions about these Terms can be sent via our contact page.