Terms of Service 

Last Update: April 28, 2021

1. ACCEPTANCE OF TERMS

This Terms of Service (TOS), sets forth an agreement (the "Agreement") between you (“You” “Your” “Subscriber”) and PhishingBox, LLC, a Kentucky Limited Liability Company (“PhishingBox”, “We” “Us”), for access to PhishingBox's Phishing Simulator, Training Portal, KillPhish, and InBox software, and Professional Services (collectively, the "Service").  Your acceptance of the terms of this Agreement is required prior to, and is a condition of, use of the Service.  Your acceptance is given by accessing or using the Service, receipt of payment or purchase order from You, You acknowledge that You have read, understood, and agree to be bound by this TOS.  

2.  DEFINITIONS. 
 
“Add-Ons” means additional product enhancements (including limit increases and other add-ons) that are made available for purchase.
 
"Affiliate" means any entity which directly or indirectly controls, is controlled by, or is under common control with a party to this Agreement. For purposes of this definition, control means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity.
 
"Agreement" or “Terms of Service” means these Terms and all materials referred or linked to in here. 
 
“Confidential Information” means all confidential information disclosed by a party ("Disclosing Party") to the other party ("Receiving Party"), whether orally or in writing, that is designated as confidential. Confidential Information includes all information concerning: the Disclosing Party's customers and potential customers, past, present or proposed products, marketing plans, engineering and other designs, technical data, business plans, business opportunities, finances, research, development, and the terms and conditions of this Agreement. Confidential Information doesn't include any information that (i) is or becomes generally known to the public without breach of any obligation owed to the Disclosing Party, (ii) was known to the Receiving Party prior to its disclosure by the Disclosing Party without breach of any obligation owed to the Disclosing Party, (iii) is received from a third party without breach of any obligation owed to the Disclosing Party, or (iv) was independently developed by the Receiving Party. Subject to the foregoing exclusions, Customer Data will be considered Confidential Information under this Agreement regardless of whether or not it is designated as confidential.
 
"Consulting Services" means the professional services, including Managed Services, provided to you by us, which may include training services, installation, integration or other consulting services.
 
"Customer Data" means all information that you submit or collect via the Service. Customer Data does not include PhishingBox Content.
 
"Customer Materials" means all materials that you provide or post, upload, input or submit for public display through the Service.
 
“DPA” means the Data Processing Agreement or Data Processing Addendum.
 
"Fee" means the amount you pay for the Service.
 
“Free Services” means the Service or other products or features made available by us to you on an unpaid trial or free basis.
"PhishingBox Content" means all information, data, text, messages, software, sound, music, video, photographs, graphics, images, and tags that we incorporate into the Service or Consulting Services.
 
“Managed Services” means any ongoing management of phishing campaigns and/or training campaigns are being run or managed by PhishingBox on Your behalf.  
 
“Professional Services” means, collectively, the consulting and other professional services which You have ordered. Professional Services include any deliverables described in Your proposal and delivered by PhishingBox to You under the order. The term “Professional Services” does not include Your primary PhishingBox license. 
 
“Proposal” means the executed document that outlines the Services and Professional Services You have ordered. The term Proposal covers synonymous terms, such as Quote, Order, and Estimate. 
 
"Order" or "Order Form" means the PhishingBox-approved form or online subscription process by which you agree to subscribe to the Service. 
 
“Personal Data” means any information relating to an identified or identifiable individual where such information is contained within Customer Data and is protected similarly as personal data or personally identifiable information under applicable Data Protection Laws (as defined in the DPA).
 
"PhishingBox", "we", "us" or “our” means PhishingBox, LLC.
 
"Sensitive Information" means credit or debit card numbers; financial account numbers or wire instructions; government issued identification numbers (such as Social Security numbers, passport numbers), biometric information, personal health information (or other information protected under any applicable health data protection laws), personal information of children protected under any child data protection laws, and any other information or combinations of information that falls within the definition of “special categories of data” under GDPR or any other applicable law relating to privacy and data protection.
 
"Service" means all of our web-based applications, tools and platforms that you have subscribed to under an Order Form or that we otherwise make available to you, and are developed, operated, and maintained by us, accessible via https://www.phishingbox.com, portal.phishingbox.com, school.phishingbox.com or another designated URL, and any ancillary products and services that we provide to you.
 
“Service Period” refers to the period of time, or term, for which You have procured PhishingBox Service, as specified in Your proposal.
 
“Solutions Provider” refers to any account that either performs services for clients using our service or resellers our services to others.  
 
"Subscription Term" means the initial term of your subscription to the Service, as specified on your Order Form(s), and each subsequent renewal term (if any). For Free Services, the Subscription Term will be the period during which you have an account to access the Free Services.
 
“Target” is an entity, such as an employee's email address, that is tested via the Service. A “Target” also means a single individual (other than a User) whose Target Information is stored by you in the Subscription Service.
 
"Target Information" means the name, email address, phone number, online user name(s), telephone number, and similar information uploaded by you to the Service.
 
"Third-Party Products" means non-embedded products and professional services that are provided by third parties which interoperate with or are used in connection with the Service. These products and services include non-PhishingBox applications available from, for example, our marketplaces, directories, and links made available through the Service.
 
"Third-Party Sites" means third-party websites linked to or from within the Service.
 
"Users" means your employees, representatives, consultants, contractors or agents who are authorized to use the Service for your benefit and have unique user identifications and passwords for the Service.
 
"You", "your" or “Customer” means the person or entity using the Service or receiving the Consulting Services and identified in the applicable account record, billing statement, online subscription process, or Order Form as the customer.
 
3.  USE OF SERVICES
 
3.1  Access.  During the Subscription Term, we will provide your Users access to use the Service as described in this Agreement and the applicable Order.  You may provide access and use of the Service to your Affiliate's Users; provided that, all such access, use  by your Affiliate's Users is subject to and in compliance with the Agreement and you will at all times remain liable for your Affiliates' compliance with the Agreement.
 
3.2  Additional Features. You may subscribe to additional features of the Service by placing an additional Order or activating the additional features from within your account (if this option is made available by us.). This Agreement will apply to all additional Order(s) and all additional features that you activate from within your account.
 
3.3 Modifications. We modify the Service from time to time, including by adding or deleting features and functions, in an effort to improve the user experience.
 
3.4 Alpha/Beta Services.  If we make alpha or beta access to some or all of the Service (the “Alpha/Beta Services”) available to you (i) the Alpha/Beta Services are provided “as is” and without warranty of any kind, (ii) we may suspend, limit, or terminate the Alpha/Beta Services for any reason at any time without notice, and (iii) we will not be liable to you for damages of any kind related to your use of the Alpha/Beta Services. 
 
3.5  Service Uptime Commitment.  For the purposes of this 'Service Uptime Commitment' section, the following definitions shall apply:
 
"Priority 1" means a critical full outage/severe issue that constitutes a catastrophic problem that causes complete inability to use the Service, excluding Free Services, across a significant portion of the production environment (e.g. crash or hang), resulting in production downtime and where there is no workaround or solution to the problem.
 
"Excluded" means the following: (i) unavailability caused by circumstances beyond our reasonable control, including, without limitation, act of God, acts of government, emergencies, natural disasters, flood, fire, civil unrest, acts of terror, strikes or other labor problems (other than those involving our employees), or any other force majeure event or factors; (ii) any problems resulting from Customer's combining or merging the Service with any hardware or software not supplied by us or not identified by us in writing as compatible with the Service; (iii) interruptions or delays in providing the service resulting from telecommunications or internet service provider failures outside of our datacenter as measured by our third party website availability monitoring provider; and (iv) any interruption or unavailability resulting from the misuse, improper use, alteration, or damage of the Service.
 
"Service Uptime" means (total hours in calendar month - unscheduled maintenance which causes unavailability - Priority 1 issue durations - scheduled maintenance - Excluded) / (Total hours in calendar month - scheduled maintenance - Excluded) X 100%.
 
3.6.1  We will use commercially reasonable efforts to meet a Service Uptime of 99.95% for our Service in a given calendar month. All availability calculations will be based on our system records. Notwithstanding anything to the contrary in this Agreement, as Customer's sole and exclusive remedy for failure to meet availability or support commitments, in the event there are two (2) or more consecutive calendar months during which the Service Uptime falls below 99.95% in a given calendar month, Customer will be entitled to receive a credit equal to the pro-rated amount of fees applicable to the downtime as measured within two (2) or more consecutive calendar months during which the Service Uptime fell below 99.95%, which credit shall be applied against an invoice or charge for the following renewal Subscription Term, provided Customer requests such credit within twenty (20) days of the end of the relevant calendar month. Notwithstanding anything to the contrary in the Agreement or this section, this 'Service Uptime Commitment' section does not apply to our Free Services.

3.6  Limits/Acceptable Use. 

You agree not to misuse the PhishingBox services (“Services”) or to help anyone else do so. Limits or restrictions on use of the system are outlined below.  These limits are organized into several categories based on the product or service used.
 
General – the following limits apply to all products services.
 
  • You will report any compromised account to PhishingBox; 
  • You will not share authentication credentials with others;
  • You will not manipulate the system to bypass account restrictions, such as the number of emails, users, or courses listed in your Order Form;
  • You will not send unsolicited communications, promotions or advertisement, or spam
  • You will not sell the service unless specifically authorized to do so; 
  • You will not violate the law in any way, including storing, publishing or sharing material that is fraudulent, defamatory, infringing, or misleading; or 
  • You will not violate the privacy or infringe the rights of others.
 
Product or feature specific limits.  These limits related to specific features or products within the Services. 
 
Phishing Simulator
  • You will not test any entity for you which you do not have authority to test;
  • You will not include any sensitive or non-public information within emails or landing pages;
  • You agree that we may stop any phishing campaigns or tests should there be complaints of use from other organizations. 
Security Inbox
  • No specific terms
KillPhish
  • No specific terms
Learning Management System (LMS) / PhishingBox School
  • No specific terms
Application Programming Interface (API):  
  • You will not disclose or provide the APIs or Access Credentials to any person or entity other than to your employees or independent contractors, provided (1) such employees or independent contractors enter into an agreement with you at least as protective of as this Agreement, and (2) you hereby agree to be responsible for, and liable to PhishingBox for, any breaches of such agreements by such employees or independent contractors;
  • You will not use the API for any illegal purposes, or in any manner which would violate these Terms, or breach any laws or regulations regarding privacy or data protection, or violate the rights of third parties or expose PhishingBox or its users to legal liability;
  • You will not obtain, display or use more content than is minimally required;
  • You will not use any API in any manner that, as determined by PhishingBox in its reasonable discretion, constitutes abusive usage;
  • You will not interfere with, or disrupt, the Services or servers or networks connected to the Services, or disobey any requirements, procedures, policies or regulations of networks connected to the Services, or transmit any viruses, worms, defects, Trojan horses, or any items of a destructive nature through Your use of the API;
  • You will not engage in any activity that interferes with, disrupts, harms, damages, or accesses in an unauthorized manner the servers, security, networks, data, applications or other properties or services of PhishingBox or any third party;
  • You will not circumvent technological measures intended to prevent direct database access, or manufacture tools or products to that effect;
  • You will not bypass API restrictions for any reason, including automating administrative functions of the system.
 
3.7  Prohibited and Unauthorized Use.

You will not use the Service in any way that violates for any purpose or in any manner that is unlawful or prohibited by this Agreement.
 
You will NOT use the Service if you are legally prohibited from receiving or using the Service under the laws of the country in which you are resident or from which you access or use the Service.
 
This Service is not intended for children, such as people under 18 years of age.   If You are not of legal age to use the system within Your jurisdiction, do not use the system or include information of any such persons within Your account.
 
3.8  Customer Support.  If you pay us a Fee for our Services, support is included at no additional cost. 
 
3.8.1  Phone Support. 
Phone support for is available daily from 9:00AM to 5:00PM ET (Eastern Time) Monday through Friday, excluding U.S. Federal Holidays.  
 
3.8.2  Email and In-app Support. 
Email and in-app responses are provided during phone support hours only. We attempt to respond to email and in-app support questions within one business day; in practice, our responses are generally even faster. We do not promise or guarantee any specific response time.  We may limit or deny your access to support if we determine, in our reasonable discretion, that you are acting, or have acted, in a way that results or has resulted in misuse of support or abuse of PhishingBox representatives.   
 
3.8.3 Support Limitations.
Issues resulting from your use of API's or your modifications to code in the Service may be outside the scope of support.  Should we determine support is outside of a standard support, we will notify you on your options, with may include paid support options by PhishingBox. 
 
3.9  Free Trial. If you register for a free trial, we will make the applicable Service available to you on a trial basis free of charge until the earlier of (a) the end of the free trial period (if not terminated earlier) or (b) the start date of your paid subscription. Unless you purchase a subscription to the applicable Service before the end of the free trial, all of your data in the Service may be permanently deleted at the end of the trial, and we will not recover it. If we include additional terms and conditions on the trial registration web page, those will apply as well.
 
3.10  Legacy Products. If you have a legacy product, some of the features and limits that apply to that product may be different than those that appear in these Terms and/or the Product and Services Catalog. If you have legacy products, we may choose to move you to our then-current products at any time. If you determine that you are using a legacy product and would like to upgrade to a current-version, you must execute a new Order.

4.  FEES
 
4.1  Subscription Fees. The Subscription Fee will remain fixed during the initial term of your subscription unless (i) you exceed your Targets allocation, (ii) You upgrade products or base packages, (iii) You subscribe to additional features or products, including additional Targets, or (iv) otherwise agreed to in your Order.  
 
4.2.  Billing Disputes.  You must notify PhishingBox of any disputed charges within thirty (30) days of the charge. PhishingBox will attempt to resolve all disputes within thirty (30) days of being notified of a dispute. To the extent PhishingBox determines, at its sole discretion, that a billing adjustment is warranted, Your account will be credited accordingly. If You fail to notify PhishingBox of a billing dispute as noted above, You waives all rights to bring any claim regarding the disputed charges.
 
4.3  Downgrades.  You may downgrade your account at the next applicable renewal period. 
 
4.4  Fee Adjustments at Renewal. Upon renewal, we may increase your fees up to our then-current list price set for the Service. If you do not agree to this increase, either party can choose to terminate your subscription at the end of your then-current term by giving the notice required in the ‘Notice of Non-Renewal’ section below.
 
4.5  Payment by credit card. If you are paying by credit card, you authorize us to charge your credit card or bank account for all fees payable during the Subscription Term. You further authorize us to use a third party to process payments, and consent to the disclosure of your payment information to such third party.
 
4.6  Payment against invoice.  All amounts invoiced are due and payable within thirty (30) days from the date of the invoice, unless otherwise specified in the Order Form.
 
4.7  Payment Information. You will keep your contact information, billing information and credit card information (where applicable) up to date.  All payment obligations are non-cancelable and all amounts paid are non-refundable, except as specifically provided for in this Agreement. All fees are due and payable in advance throughout the Subscription Term.  If you are a Solutions Partner that purchases on behalf of a client, you agree to be responsible for the Order Form and to guarantee payment of all fees.
 
4.8  Sales Tax. All fees are exclusive of taxes, which we will charge as applicable. You agree to pay any taxes applicable to your use of the Service and performance of Consulting Services. You shall have no liability for any taxes based upon our gross revenues or net income. If you are located in the European Union, all fees are exclusive of any VAT and you represent that you are registered for VAT purposes in your member state. At our request, you will provide us with the VAT registration number under which you are registered in your member state.  If you do not provide us with a VAT registration number prior to your transaction being processed, we will not issue refunds or credits for any VAT that was charged. If you are subject to GST, all fees are exclusive of GST.
 
4.9  Withholding Tax.  If you are required to deduct or withhold tax from payment of your invoice, you may deduct this amount from the applicable Subscription Fee due to the extent it is due and payable as assessed withholding tax required under laws that apply to you (the “Deduction Amount”).  
 
You will not be required to repay the Deduction Amount to us, provided that you present us with a valid tax receipt verifying payment of the Deduction Amount to the relevant tax authority within ninety (90) days from the date of the invoice. If you do not provide this tax receipt within the specified time period, then all fees, inclusive of the Deduction Amount, will be immediately due and payable, and failure to pay these fees may result in your account being suspended or terminated for non-payment.

5.  TERM AND TERMINATION
 
5.1  Term and Renewal. Your initial subscription period will be specified in your Order, and, unless otherwise specified in your Order, your subscription will automatically renew for the same period as the last term. 
 
5.2  Notice of Non-Renewal.  Unless otherwise specified in your Order, to prevent renewal of your subscription, you or we must give written notice of non-renewal. The deadline for sending this notice 90 days prior to the renewal date.   
 
5.3  Early Cancellation.  You may choose to cancel your subscription early at your convenience provided that, we will not provide any refunds of prepaid fees or unused Subscription Fees, and you will promptly pay all unpaid fees due through the end of the Subscription Term. See the 'Notice of Non-Renewal' section for information on how to cancel your subscription.
 
5.4  Termination for Cause. Either party may terminate this Agreement for cause, as to any or all Services: (i) upon thirty (30) days’ notice to the other party of a material breach if such breach remains uncured at the expiration of such period, or (ii) immediately, if the other party becomes the subject of a petition in bankruptcy or any other proceeding relating to insolvency, cessation of business, liquidation or assignment for the benefit of creditors. 
 
We may also terminate this Agreement for cause on thirty (30) days’ notice if we determine that you are acting, or have acted, in a way that has or may negatively reflect on or affect us, our prospects, or our customers. 
 
This Agreement may not otherwise be terminated prior to the end of the Subscription Term.

5.5  Suspension
 
5.5.1  Suspension for Prohibited Acts
We may suspend any User’s access to any or all Services without notice for use of the Service in a way that violates applicable local, state, federal, or foreign laws or regulations or the terms of this Agreement. 
 
5.5.2  Suspension for Non-Payment
We will provide you with notice of non-payment of any amount due. Unless the full amount has been paid, we may suspend your access to any or all of the Services ten (10) days after such notice. We will not suspend the Service while you are disputing the applicable charges reasonably and in good faith and are cooperating diligently to resolve the dispute. If a Service is suspended for non-payment, we may charge a re-activation fee to reinstate the Service.
 
5.5.3  Suspension for Present Harm
If Your use of, the Service: 
(i) is being subjected to denial-of-service attacks or other disruptive activity, 
(ii) is being used to engage in denial-of-service attacks or other disruptive activity, 
(iii) is creating a security vulnerability for the Service or others, 
(iv) is consuming excessive bandwidth, or 
(v) is causing harm to us or others, then we may, with electronic or telephonic notice to you, suspend all or any access to the Service. 
 
We will try to limit the suspension to the affected portion of the Service and promptly resolve the issues causing the suspension of the Service. Nothing in this clause limits our right to terminate for cause as outlined above, if we determine that you are acting, or have acted, in a way that has or may negatively reflect on or affect us, our prospects, or our customers.
 
5.5.4  Suspension and Termination of Free Services
We may suspend, limit, or terminate the Free Services for any reason at any time without notice. We may terminate your subscription to the Free Services due to your inactivity.
 
5.6 Effect of Termination or Expiration.   Upon termination or expiration of this Agreement, you will stop all use of the Service. If you terminate this Agreement for cause, we will promptly refund any prepaid but unused fees covering use of the Service after termination. If we terminate this Agreement for cause, you will promptly pay all unpaid fees due through the end of the Subscription Term. Fees are otherwise non-refundable.

6.  CUSTOMER DATA
 
6.1  Customer’s Proprietary Rights. You own and retain all rights to the Customer Materials and Customer Data. This Agreement does not grant us any ownership rights to Customer Materials or Customer Data. You grant permission to us and our licensors to use and sublicense use of the Customer Materials and Customer Data only as necessary to provide the Service and Consulting Services to you and as otherwise permitted by this Agreement. If you are using the Service or receiving Consulting Services on behalf of another party, then you represent and warrant that you have all sufficient and necessary rights and permissions to do so.
 
6.2  Limits on PhishingBox. We will not use, or allow anyone else to use, Customer Data to contact any individual or company except as you direct or otherwise permit. We will use Customer Data only in order to provide the Service and Consulting Services to you and only as permitted by applicable law and this Agreement.
 
6.3 Data Privacy.  Our data privacy practices are outlined in our Privacy Policy, available at https://www.phishingbox.com/privacy-policy.

6.4 Data Protection.  PhishingBox will maintain an appropriate information security program to prevent unauthorized access to Your non-public information.  We maintain a Trust Center to outline our key security controls, compliance practices, and other key information.  This information is available at https://www.phishingbox.com/trust-center.   
 
6.4.1 Breach Notification.  
PhishingBox will take immediate action to remedy any known security breaches to the PhishingBox system.  In addition, PhishingBox will notify You within 72 hours of any known or suspected disclosure of Confidential Information. 
 
6.5  Customer Data Transfers. We and our Affiliates may transfer Customer Data (including Personal Data) to the United States in connection with the Service. To the extent we process Personal Data from the European Economic Area, the United Kingdom and/or Switzerland or Personal Data that is subject to the protection of European Data Protection Laws, you have the option to enter into a specific Data Processing Agreement with Us or one of our Solution Providers.  
    
6.6 Retention, Deletion and Retrieval of Customer Data.  For active accounts, we will retain all data within the system unless such data is deleted by customer.  For data that is deleted by customer, such data may remain on backup or archivable media for some time.  For inactive accounts, data may be removed after a period of inactivity.  For specific deletion practices related to privacy, see our Privacy Policy at https://www.phishingbox.com/privacy-policy

7.  INTELLECTUAL PROPERTY
 
7.1  This is an agreement for access to and use of the Service, and you are not granted a license to any software by this Agreement. The Service and Consulting Services are protected by intellectual property laws, they belong to and are the property of us or our licensors (if any), and we retain all ownership rights to them. You agree not to copy, rent, lease, sell, distribute, or create derivative works based on the PhishingBox Content, the Service, or the Consulting Services in whole or in part, by any means, except as expressly authorized in writing by us. 
 
7.1.1 Our trademarks include, but aren’t limited to, those listed at https://www.phishingbox.com/trademarks (which we may update at any time without notice to you) and you may not use any of these without our prior written permission.  You may only use these trademarks or logos for promotional purposes to identify Yourself as a customer or user of the PhishingBox products and services, provided You do not attempt to claim any ownership of the marks by incorporating any of them within Your names or offerings and you abide by the guidelines outlined in https://www.phishingbox.com/company/branding.
 
7.2  We encourage all customers to comment on the Service or Consulting Services, provide suggestions for improving it, and vote on suggestions they like. You agree that all such comments and suggestions will be non-confidential and that we own all rights to use and incorporate them into the Service or Consulting Services, without payment or attribution to you.
 
7.3  You grant us the right to use, copy, modify, adapt, or publish the Customer Materials, including for advertising and publicity on the Service and elsewhere. You represent and warrant that you have the right to grant us those rights. We are under no obligation to pay you for those rights; by accessing and/or using the Service you receive consideration for granting us those rights.
 
7.4  You are solely responsible for Customer Data and Customer Materials. You represent and warrant that you own all intellectual property rights (such as copyright and trademark rights) in the Customer Data and Customer Materials. You grant us and our Affiliates a worldwide, irrevocable, royalty-free, nonexclusive, sublicensable license to use, reproduce, create derivative works of, distribute, publicly perform, publicly display, transfer, transmit, distribute, and publish Customer Materials and subsequent versions of Customer Materials for the purposes of (i) displaying templates to our customers on the Service, (ii) distributing and/or facilitating distribution of messages that contain Customer Materials either electronically or via other media, (iii) marketing the Service or any other product or service, and/or (iv) storing Customer Materials in a database accessible by others, for a charge or for no charge. This license shall apply to the distribution and the storage of Customer Materials in any form, medium, or technology now known or later developed, including print publication.
 
7.5  You acknowledge that we are not responsible or liable to you or to any third party for the content or accuracy of Customer Data and Customer Materials. We do not control the communications, information or files uploaded by Users on the Service. You may be exposed to content that you find offensive, indecent, or objectionable, or that is inaccurate, and you bear all risks associated with using that content. You understand that we have no obligation to monitor any areas of the Service through which Users can post Customer Materials. However, at any time we may screen, edit, move, delete, and/or refuse to accept any Customer Materials (from you or other customers) that in our judgment violate these terms or are otherwise objectionable, whether for legal or other reasons. This may include removing any content from the Service at any time, and we will not be liable to you or any other person for that removal.

8.  CONFIDENTIALITY
 
8.1 The Receiving Party will: (i) protect the confidentiality of the Confidential Information of the Disclosing Party using the same degree of care that it uses to protect the confidentiality of its own confidential information of like kind, but in no event less than reasonable care, (ii) not use any Confidential Information of the Disclosing Party for any purpose outside the scope of this Agreement, (iii) not disclose Confidential Information of the Disclosing Party to any third party (except those third party service providers used by us to provide some or all elements of the Service or Consulting Services and except for your PhishingBox Solutions Partner bound by confidentiality obligations), and (iv) limit access to Confidential Information of the Disclosing Party to those of its and its affiliates' employees, contractors and agents who need such access for purposes consistent with this Agreement and who have signed confidentiality agreements with the Receiving Party containing protections no less stringent than those herein.
 
8.2  The Receiving Party may disclose Confidential Information of the Disclosing Party if required to do so under any federal, state, or local law, statute, rule or regulation, subpoena or legal process; provided, however, that (i) the Receiving Party will provide the Disclosing Party with prompt notice of any request that it disclose Confidential Information, sufficient to allow the Disclosing Party to object to the request and/or seek an appropriate protective order or, if such notice is prohibited by law, the Receiving Party will disclose the minimum amount of Confidential Information required to be disclosed under the applicable legal mandate; and (ii) in no event will the Receiving Party disclose Confidential Information to a party other than a government agency except under a valid order from a court having jurisdiction requiring the specific disclosure.

9.  PUBLICITY
 
You grant us the right to add your name and company logo to our customer list and website. You can opt-out of this by notifying us at support@phishingbox.com.

10.  INDEMNIFICATION
 
You will indemnify, defend and hold us and our Affiliates harmless, at your expense, against any third-party claim, suit, action, or proceeding (each, an "Action") brought against us (and our officers, directors, employees, agents, service providers, licensors, and affiliates) by a third party not affiliated with us or our Affiliates to the extent that such Action is based upon or arises out of:  
 
(a) unauthorized or illegal use of the Service by you, Users, or your Affiliates, 
(b) you, Users, or your Affiliates' noncompliance with or breach of this Agreement, 
(c) your, Users’, or your Affiliates’ submission of Customer Data or Customer Materials, or any use we or our customers make of it that is consistent with this Agreement,
(d) you, Users, or your Affiliates' use of Third-Party Products, or 
(e) the unauthorized use of the Service by any other person using your User information. 
 
We will: notify you in writing within thirty (30) days of our becoming aware of any such claim; give you sole control of the defense or settlement of such a claim; and provide you (at your expense) with any and all information and assistance reasonably requested by you to handle the defense or settlement of the claim. You will not accept any settlement that (i) imposes an obligation on us; (ii) requires us to make an admission; or (iii) imposes liability not covered by these indemnifications or places restrictions on us without our prior written consent.

11.  DISCLAIMERS; LIMITATION OF LIABILITY
 
11.1  Disclaimer of Warranties. WITHOUT LIMITING OUR OBLIGATIONS IN THE 'PROTECTION OF CUSTOMER DATA' SECTION OF THIS AGREEMENT, WE AND OUR AFFILIATES AND AGENTS MAKE NO REPRESENTATIONS OR WARRANTIES ABOUT THE SUITABILITY, RELIABILITY, AVAILABILITY, TIMELINESS, SECURITY, NON-INFRINGING CHARACTER OR ACCURACY OF THE SERVICE, DATA MADE AVAILABLE FROM THE SERVICE, PHISHINGBOX CONTENT, OR THE CONSULTING SERVICES FOR ANY PURPOSE. APPLICATION PROGRAMMING INTERFACES (APIs) MAY NOT BE AVAILABLE AT ALL TIMES. TO THE EXTENT PERMITTED BY LAW, THE SERVICE, PHISHINGBOX CONTENT AND CONSULTING SERVICES ARE PROVIDED "AS IS" WITHOUT WARRANTY OR CONDITION OF ANY KIND. WE DISCLAIM ALL WARRANTIES AND CONDITIONS OF ANY KIND, WHETHER EXPRESS, IMPLIED OR STATUTORY, WITH REGARD TO THE SERVICE AND THE CONSULTING SERVICES, INCLUDING ALL IMPLIED WARRANTIES OR CONDITIONS OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT.
 
11.2  No Indirect Damages. TO THE EXTENT PERMITTED BY LAW, IN NO EVENT WILL EITHER PARTY OR ITS AFFILIATES BE LIABLE FOR ANY INDIRECT, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES, OR LOSS OF PROFITS, REVENUE, DATA OR BUSINESS OPPORTUNITIES ARISING OUT OF OR RELATED TO THIS AGREEMENT, WHETHER AN ACTION IS IN CONTRACT OR TORT AND REGARDLESS OF THE THEORY OF LIABILITY; PROVIDED THAT, THIS LIMITATION WILL NOT APPLY TO YOU IF YOU ONLY USE THE FREE SERVICES.
 
11.3  Limitation of Liability. EXCEPT FOR YOUR LIABILITY FOR PAYMENT OF FEES, YOUR LIABILITY ARISING FROM YOUR OBLIGATIONS UNDER THE ‘INDEMNIFICATION’ SECTION, AND YOUR LIABILITY FOR VIOLATION OF OUR INTELLECTUAL PROPERTY RIGHTS, IF, NOTWITHSTANDING THE OTHER TERMS OF THIS AGREEMENT, EITHER PARTY OR ITS AFFILIATES IS DETERMINED TO HAVE ANY LIABILITY TO THE OTHER PARTY, ITS AFFILIATES OR ANY THIRD PARTY, THE PARTIES AGREE THAT THE AGGREGATE LIABILITY OF A PARTY AND ITS AFFILIATES WILL BE LIMITED TO A SUM EQUAL TO THE TOTAL AMOUNTS PAID OR PAYABLE FOR THE SERVICE IN THE TWELVE MONTH PERIOD PRECEDING THE EVENT GIVING RISE TO A CLAIM; PROVIDED HOWEVER, THIS LIMITATION WILL NOT APPLY TO YOU IF YOU ONLY USE THE FREE SERVICES, AND IN THIS CASE, IF WE ARE DETERMINED TO HAVE ANY LIABILITY TO YOU OR ANY THIRD PARTY ARISING FROM YOUR USE OF THE FREE SERVICES, THEN OUR AGGREGATE LIABILITY WILL BE LIMITED TO ONE HUNDRED U.S. DOLLARS. 
 
11.4  Third Party Products. WE AND OUR AFFILIATES DISCLAIM ALL LIABILITY WITH RESPECT TO THIRD-PARTY PRODUCTS THAT YOU USE. OUR LICENSORS WILL HAVE NO LIABILITY OF ANY KIND UNDER THIS AGREEMENT.
 
11.5  Agreement to Liability Limit. YOU UNDERSTAND AND AGREE THAT ABSENT YOUR AGREEMENT TO THIS LIMITATION OF LIABILITY, WE WOULD NOT PROVIDE THE SERVICE TO YOU.

12.  MISCELLANEOUS
 
12.1  Amendment; No Waiver.  We may modify any part or all of the Agreement by posting a revised version at https://www.phishingbox.com/terms.  The revised version will become effective and binding the next business day after it is posted. We will provide you notice of this revision by email or in-app notification.  
 
If you do not agree with a modification to the Agreement, you must notify us in writing within thirty (30) days after we send notice of the revision. If you give us this notice, then your subscription will continue to be governed by the terms and conditions of the Agreement prior to modification until your next renewal date, after which the current terms posted at www.phishingbox.com/terms will apply.  However, if we can no longer reasonably provide the subscription to you under the terms prior to modification (for example, if the modifications are required by law or result from general product changes), then the Agreement and/or affected Services will terminate upon our notice to you and we will promptly refund any prepaid but unused fees covering use of the Service after termination. 
 
No delay in exercising any right or remedy or failure to object will be a waiver of such right or remedy or any other right or remedy. A waiver on one occasion will not be a waiver of any right or remedy on any future occasion.
 
12.2  Force Majeure.  Neither party will be responsible for failure or delay of performance if caused by: an act of war, hostility, or sabotage; act of God; electrical, internet, or telecommunication outage that is not caused by the obligated party; government restrictions; or other event outside the reasonable control of the obligated party. Each party will use reasonable efforts to mitigate the effect of a force majeure event.
 
12.3  Actions Permitted. Except for actions for nonpayment or breach of a party’s proprietary rights, no action, regardless of form, arising out of or relating to this Agreement may be brought by either party more than one (1) year after the cause of action has accrued.
 
12.4  Relationship of the Parties. You and we agree that no joint venture, partnership, employment, or agency relationship exists between us.
 
12.5 Third Party Sites and Products. Third-Party Sites and Products are not under our control. Third-Party Sites and Products are provided to you only as a convenience, and the availability of any Third-Party Site or Product does not mean we endorse, support or warrant the Third-Party Site or Product.
 
12.6  Compliance with Laws. We will comply with all U.S. state and federal laws (where applicable) in our provision of the Service, the Consulting Services and our processing of Customer Data. We reserve the right at all times to disclose any information as necessary to satisfy any law, regulation, legal process or governmental request.
 
You will comply with all laws in your use of the Service and Consulting Services, including any applicable export laws.  
 
You will comply with the sanctions programs administered by the Office of Foreign Assets Control (OFAC) of the U.S. Department of the Treasury in your use and receipt of the Service and Consulting Services. 
 
You will not directly or indirectly export, re-export, or transfer the Service or Consulting Services to prohibited countries or individuals or permit use of the Service or Consulting Services by prohibited countries or individuals.
 
12.7 Severability. If any part of this Agreement or an Order Form is determined to be invalid or unenforceable by applicable law, then the invalid or unenforceable provision will be deemed superseded by a valid, enforceable provision that most closely matches the intent of the original provision and the remainder of this Agreement will continue in effect.
 
12.8 Arbitration.  All disputes, claims and/or controversies, including but not limited to billing disputes, matters of construction, interpretation and/or enforcement, arising out of or in any way connected to this agreement shall be submitted for final and binding resolution to a single arbitrator selected in accordance with the rules of the American Arbitration Association. The arbitration shall take place in Lexington, Kentucky. The award rendered by the arbitrator may be entered as a judgment in any court of competent jurisdiction. The cost of the arbitration and the attorneys' fees of the prevailing party shall be assessed against the party against whom the award is rendered.
 
12.9  Notices.  Each Party giving or making any notice, request, demand, or other communication required or permitted by this agreement shall give that notice in writing and use one of the following types of delivery: personal delivery, mail (registered or certified, postage prepaid, return-receipt requested), nationally recognized overnight courier (fees prepaid), or electronic mail.
 
For Client: The address maintained with the PhishingBox system for any administrator level user. 
 
For PhishingBox: 
 
PhishingBox LLC
400 East Vine Street, Suite 301
Lexington, KY 40507
support@phishingbox.com
 
12.10 Language. All communications and notices to be made or given pursuant to this Agreement shall be in the English language.  We might make versions of this Agreement available in languages other than English.  If we do, the English version of this Agreement will govern our relationship and the translated version is provided for convenience only and will not be interpreted to modify the English version of this Agreement.
 
12.11  Entire Agreement. This Agreement (including each Order), along with our Privacy Policy at https://www.phishingbox.com/privacy-policy is the entire agreement between us for the Service and Consulting Services and supersedes all other proposals and agreements, whether electronic, oral or written, between us. Our obligations are not contingent on the delivery of any future functionality or features of the Service or dependent on any oral or written public comments made by us regarding future functionality or features of the Service. 
 
12.12 Purchase Orders.   We object to and reject any additional or different terms proposed by you, including those contained in your purchase order, acceptance or website.
 
12.13  Assignment. You will not assign or transfer this Agreement without our prior written consent, except that you may assign this Agreement to a successor by reason of merger, reorganization, sale of all or substantially all of your assets, change of control or operation of law, provided such successor is not a competitor of ours. We may assign this Agreement to any PhishingBox affiliate or in the event of merger, reorganization, sale of all or substantially all of our assets, change of control or operation of law.
 
12.14 No Third Party Beneficiaries. Nothing in this Agreement, express or implied, is intended to or will confer upon any third-party person or entity any right, benefit or remedy of any nature whatsoever under or by reason of this Agreement.
 
12.15  Contract for Services. This Agreement is a contract for the provision of services and not a contract for the sale of goods. The provisions of the Uniform Commercial Code (UCC), the Uniform Computer Information Transaction Act (UCITA), or any substantially similar legislation as may be enacted, will not apply to this Agreement. If you are located outside of the territory of the United States, the parties agree that the United Nations Convention on Contracts for the International Sale of Goods will not govern this Agreement or the rights and obligations of the parties under this Agreement.
 
12.16 Governing Law.  This Agreement is governed by the laws of the United States and the Commonwealth of Kentucky, without reference to conflict of laws principles. 
 
12.17  Authority. Each party represents and warrants to the other that it has full power and authority to enter into this Agreement and that it is binding upon such party and enforceable in accordance with its terms. You further warrant and represent that you have the authority to procure your Affiliates compliance with the terms of this Agreement.
 
12.18  Survival. The following sections will survive the expiration or termination of this Agreement: 'Definitions’, ‘Fees’, 'Prohibited and Unauthorized Use', ‘Early Cancellation', ‘Termination for Cause’, ‘Suspension for Prohibited Acts’, ‘Suspension for Non-Payment’, ‘Suspension for Present Harm’, ‘Suspension and Termination of Free Services’, ‘Effect of Termination or Expiration’, ‘Intellectual Property’, ‘Customer’s Proprietary Rights’, 'Confidentiality’, ‘Publicity’, ‘Indemnification’, ‘Disclaimers; Limitations of Liability’, ‘Miscellaneous’.  
 
12.19  Precedence. In the event of a conflict between the terms of the Agreement and an Order, the terms of the Order shall control, but only as to that Order.