Terms & Conditions

Introduction

This Terms of Service Agreement (“Agreement”) governs the provision of services (“Services”) by HookPhish (“Supplier”) to the Customer, which may be any business, firm, company, organization, or other entity that subscribes to the Services. HookPhish provides cloud-based applications via subscription for the purposes of Security Awareness Training, Simulated Phishing, Policy Management, Breach Notification, and Compliance Training.

By subscribing to or using the Services, the Customer agrees to be bound by this Agreement. This Agreement supersedes all prior terms, agreements, or understandings relating to the Services. HookPhish may update these terms with notice; updates become effective as specified in the notice.

1. Definitions

• Authorised Users: Individuals authorized by the Customer to access and use the Services.
• Business Day: A weekday other than a public holiday in England.
• Confidential Information: All information clearly marked or understood to be confidential.
• Control: Ownership of over 50% of voting shares or management control.
• Customer Data: All data uploaded or submitted by the Customer or its users.
• Documentation: Manuals or materials provided with the Services.
• Effective Date: The date the Customer begins using the Services.
• Initial Subscription Term: As stated in the Quotation or Software Platform.
• Intellectual Property Rights: All legal rights protecting inventions, designs, and brand elements.
• Quotation: A document detailing fees, subscription terms, and scope.
• Renewal Period: Any extension of the Initial Subscription Term.
• Services: The SaaS-based offerings provided by HookPhish.
• Software Platform: The HookPhish platform and its modules.
• Subscription Fees: The fees payable by the Customer for the Services.
• Subscription Term: Includes the Initial Term and any Renewal Period.
• Support Services: Support provided during business hours.
• User Subscriptions: Licenses purchased by the Customer for user access.

2. User Subscriptions

2.1 By accepting a Quotation or using the Services, the Customer agrees to this Agreement.

2.2 Subject to payment, HookPhish grants the Customer a limited, non-transferable right to use the Services for internal business purposes.

2.3 The Customer shall not exceed the number of licensed User Subscriptions.

3. Additional User Subscriptions

3.1 The Customer may request additional User Subscriptions at any time. Fees will be set out in an updated Quotation.

4. Services

4.1 The Supplier shall provide access to the Services and Documentation throughout the Subscription Term.

4.2 Services will be available 24/7 except during planned or emergency maintenance, with advance notice when feasible.

4.3 Support Services are provided during Normal Business Hours.

4.4 The Supplier will respond to support incidents as outlined in Schedule 1.

4.5 Services may be modified or enhanced at the Supplier’s discretion.

5. Customer Data

5.1 The Customer retains all rights to Customer Data and is responsible for its accuracy and legality.

5.2 The Supplier will back up Customer Data regularly. Upon termination, Customer Data may be deleted without liability.

5.3 Data handling will comply with the Data Processing Agreement (Schedule 2).

5.4 The Supplier is not liable for data loss caused by third parties.

6. Customer Responsibilities

6.1 The Customer shall:

• Cooperate with the Supplier and provide necessary access.
• Comply with laws and regulations.
• Ensure users adhere to the Agreement.
• Secure and manage user credentials.
• Maintain necessary systems and connections.

6.2 The Customer shall not:

• Violate any laws.
• Use Services for unlawful or harmful purposes.
• Transmit malicious code or infringe rights.
• Reverse engineer or compete with the Services.

7. Fees & Payment

7.1 Subscription Fees are invoiced annually in advance and payable within 30 days.

7.2 All fees are exclusive of VAT.

7.3 Non-payment may lead to service suspension and late interest charges.

7.4 Payments shall be made in full without deductions, unless legally required.

8. Intellectual Property

8.1 All intellectual property in the Services remains with the Supplier or its licensors.

8.2 The Customer retains rights to its data and grants HookPhish a license to process it solely for service delivery.

9. Confidentiality

9.1 Both parties shall protect each other’s Confidential Information.

9.2 These obligations do not apply to public or independently obtained information.

9.3 Confidentiality obligations survive termination.

10. Indemnities

10.1 The Customer shall indemnify HookPhish against claims related to Customer Data or misuse.

10.2 HookPhish shall indemnify the Customer against third-party IP claims relating to the Services.

11. Limitation of Liability

11.1 HookPhish’s liability is capped at the total fees paid in the previous 12 months.

11.2 No liability exists for indirect or consequential damages.

11.3 Nothing excludes liability for death, personal injury, or fraud.

12. Term & Termination

12.1 This Agreement commences on the Effective Date.

12.2 It renews automatically unless cancelled with 30 days’ notice.

12.3 Either party may terminate for breach, insolvency, or payment failure.

12.4 Upon termination, access ends and unpaid amounts become due.

13. Force Majeure

The Supplier is not liable for delays or failures caused by unforeseen events beyond its control (e.g., natural disasters, outages, strikes).

14. Entire Agreement

This document constitutes the entire agreement and overrides any prior communications or agreements.

15. Governing Law

This Agreement is governed by the laws of England and Wales. Any disputes shall be subject to the exclusive jurisdiction of its courts.

Schedule 1 – Support Services

A description of escalation procedures and response times will be made available upon request.

Schedule 2 – Data Processing Agreement

Details how personal data is processed in compliance with applicable data protection laws (e.g., GDPR).