Terms & Conditions
for HookPhish
This Terms of Service Agreement (“Agreement”) sets out the terms on which HookPhish (“Supplier”) supplies services (“Services,” as defined below) to the Customer. The Supplier has developed certain software applications and platforms that it makes available to subscribers via the internet on a pay-per-use basis for the purpose of Security Awareness Training, Simulated Phishing, Policy Management, Breach Notification, and Compliance Training. “Customer” refers to the business, firm, company, organisation, or other entity that purchases user subscriptions for any of the Services. The Customer and Supplier may be referred to individually as a “party” or jointly as the “parties.”
This Agreement governs all Services provided by the Supplier and supersedes any other terms and conditions previously used by the Supplier in connection with the provision of Services to the Customer.
The Supplier may update or make changes to this Agreement from time to time by giving notice to the Customer, and such changes shall take effect from the date notified by the Supplier.
1. Interpretation
1.1 The definitions and rules of interpretation in this clause apply in this Agreement.
- Authorised Users: Employees, agents, and independent contractors of the Customer authorised to access and use the Services and Documentation for whom the Customer has purchased the relevant User Subscriptions.
- Business Day: A day other than a Saturday, Sunday, or public holiday in England when banks in London are open for business.
- Confidential Information: Information that is proprietary or confidential, clearly labelled or identified as such, or would otherwise be considered confidential by a reasonable business person.
- Control: Ownership of more than 50% of the issued share capital of a company or the power to direct or cause the direction of the general management of the company.
- Customer Data: All data provided by the Customer or uploaded by the Customer or Authorised Users for accessing and using the Services.
- Documentation: The user manuals or documentation related to the Software Platform and the Services provided by the Supplier.
- Effective Date: The date on which the Customer begins using the Services, as set out on the Software Platform.
- Initial Subscription Term: The period set out in the Quotation or on the Software Platform, starting on the Effective Date.
- Intellectual Property Rights: Includes patents, trademarks, copyrights, and all other intellectual property rights, whether registered or unregistered, now or in the future.
- Normal Business Hours: 9:00 am to 5:00 pm on any Business Day.
- Quotation: A document outlining the User Subscriptions, Subscription Fees, and the Initial Subscription Term, provided by the Supplier.
- Renewal Period: A period equivalent in duration to the Initial Subscription Term unless otherwise notified by the Supplier.
- Services: The services provided on a subscription basis, including access to and use of the Software Platform and Documentation.
- Software Platform: The HookPhish Security Awareness Training SaaS platform, including all associated modules.
- Subscription Fees: The fees paid by the Customer to the Supplier for the User Subscriptions.
- Subscription Term: The Initial Subscription Term and any subsequent Renewal Periods.
- Support Services: Support provided by the Supplier as described in Schedule 1.
- User Subscriptions: The subscriptions purchased by the Customer, entitling Authorised Users to access and use the Services.
2. User Subscriptions
2.1 The Quotation sets out the details of the User Subscriptions. Upon acceptance of the Quotation (by written acceptance, purchase order, invoice payment, or usage), the Customer agrees to the terms of this Agreement.
2.2 Subject to payment of Subscription Fees, the Supplier grants the Customer a non-exclusive, non-transferable right during the Subscription Term for Authorised Users to access and use the Services solely for the Customer’s internal business operations.
2.3 The Customer undertakes not to exceed the number of User Subscriptions purchased.
3. Additional User Subscriptions
3.1 The Customer may purchase additional User Subscriptions during the Subscription Term by contacting the Supplier. Fees for these will be set out in a Quotation.
4. Services
4.1 The Supplier shall provide the Services and make available the Documentation during the Subscription Term, subject to the terms of this Agreement.
4.2 The Supplier will use reasonable efforts to ensure Services are available 24 hours a day, except for planned or emergency maintenance. The Supplier will endeavour to notify the Customer in advance of such maintenance.
4.3 Support Services will be provided during Normal Business Hours.
4.4 The Supplier will use reasonable endeavours to respond to service incidents or requests according to the support documentation.
4.5 The Supplier may modify, update, or add to the Services as needed, at its discretion.
5. Customer Data
5.1 The Customer owns all rights to Customer Data and is fully responsible for its legality, accuracy, and quality.
5.2 The Supplier shall back up Customer Data at regular intervals. The Customer may download Customer Data during the Subscription Term. After the Agreement terminates, the Supplier may delete Customer Data without liability to the Customer.
5.3 The Supplier shall comply with the Data Processing Agreement in Schedule 2 when processing Customer Data.
5.4 The Supplier is not liable for any loss or alteration of Customer Data caused by third parties.
6. Customer Obligations
6.1 The Customer shall ensure: (a) Cooperation with the Supplier, providing necessary information and access; (b) Compliance with applicable laws and regulations; (c) Timely completion of all Customer responsibilities under this Agreement; (d) That Authorised Users follow this Agreement; (e) Necessary permissions to use the Services; and (f) Proper internet and network connections.
6.2 The Customer will ensure Authorised Users maintain secure passwords and revoke access for any terminated employees or contractors.
6.3 The Customer shall not: (a) Breach applicable laws; (b) Use the Services for unlawful or harmful purposes; (c) Store or transmit viruses; (d) Use the Services to commit fraud; (e) Reverse-engineer or attempt to decompile the Software Platform; or (f) Compete with or exploit the Services for third parties.
7. Subscription Fees and Payment
7.1 The Supplier will invoice the Customer for Subscription Fees annually in advance. The Customer must pay invoices within 30 days by bank transfer or credit card.
7.2 Subscription Fees are exclusive of VAT.
7.3 Failure to pay within 30 days may result in suspension of Services and the imposition of interest on overdue amounts.
7.4 All payments must be made without deductions, except as required by law.
8. Intellectual Property Rights
8.1 The Supplier and its licensors own all intellectual property rights in the Services. This Agreement does not grant the Customer any ownership rights to these intellectual property rights.
8.2 The Supplier acknowledges that the Customer owns all intellectual property rights in Customer Data. The Customer grants the Supplier a license to use Customer Data solely for providing the Services.
9. Confidentiality
9.1 Each party shall maintain the confidentiality of the other party’s Confidential Information, using it only as necessary for performing its obligations under this Agreement.
9.2 Confidential Information does not include publicly known information or information disclosed by a third party lawfully.
9.3 These confidentiality obligations survive termination of the Agreement.
10. Indemnity
10.1 The Customer agrees to indemnify the Supplier against claims arising from the Supplier’s use of Customer Data or intellectual property or breaches by the Customer of this Agreement.
10.2 The Supplier agrees to indemnify the Customer for third-party claims that the Customer’s use of the Services infringes on intellectual property rights.
11. Limitation of Liability
11.1 The Supplier’s total liability under this Agreement is limited to the Subscription Fees paid in the previous 12 months.
11.2 The Supplier is not liable for indirect, special, or consequential damages, including lost profits or data.
11.3 This limitation does not apply to death, personal injury, fraud, or other liabilities that cannot be excluded by law.
12. Term and Termination
12.1 The Subscription Term begins on the Effective Date.
12.2 The Agreement renews automatically unless terminated by either party with 30 days’ notice.
12.3 Either party may terminate for breach, insolvency, or failure to pay.
12.4 Upon termination, the Customer’s access to the Services will cease, and any unpaid fees will become due.
13. Force Majeure
The Supplier is not liable for delays or failures caused by events beyond its reasonable control, including strikes, natural disasters, or network disruptions.
14. Entire Agreement
This Agreement constitutes the entire agreement between the parties and supersedes all previous agreements related to its subject matter.
15. Governing Law and Jurisdiction
This Agreement is governed by the laws of England. Any disputes will be resolved in the courts of England and Wales.
Schedule 1 – Support Services
Details of the escalation flowchart and support procedures.
Schedule 2 – Data Processing Agreement
Outlines how Customer Personal Data will be processed in compliance with data protection laws.