Terms of Service

Last updated: May 2026

Summary: PhishGuard is a security awareness tool for authorized use only. You must own or have explicit written authorization to test the email domains of your target employees. No real attacks. No credential harvesting. Full compliance with Canadian law is required.

1. Acceptance of Terms

By registering an account or using PhishGuard ("the Service"), you agree to be bound by these Terms of Service ("Terms"). If you do not agree, do not use the Service.

2. Authorized Use Only

The Service is designed exclusively for authorized security awareness testing. By launching any campaign, you represent and warrant that:

You own the email domain(s) being tested, or have explicit written authorization from the domain owner.
You have obtained informed consent from your organization's leadership as documented by the in-app consent declaration.
You will not use the Service to attack, deceive, or harm individuals outside your own organization.
You will not use the Service to collect real credentials, financial information, or sensitive personal data.

Any use of the Service for unauthorized phishing, fraud, or malicious purposes is strictly prohibited and may result in immediate account termination and referral to law enforcement.

3. Consent Declaration

Before launching any campaign, you must complete the in-app Consent Declaration, affirming that you are authorized to conduct phishing simulations on the targeted employees and domains. This declaration is stored with your account and constitutes your legally binding acknowledgment of authorized use.

4. Data Collected & Not Collected

PhishGuard collects:

Whether an employee clicked a simulated phishing link (yes/no)
The timestamp of the click event
Employee email addresses and department names (as provided by you)

PhishGuard never collects:

Passwords or credentials entered on simulated login pages
Financial information
Any personal information beyond what you explicitly upload

5. Subscription & Billing

Paid plans are billed monthly or annually via Stripe. By subscribing, you authorize PhishGuard to charge your payment method on a recurring basis. Cancellations take effect at the end of the current billing period. No refunds are issued for partial months unless required by applicable law.

6. Service Availability

We strive for high availability but do not guarantee uninterrupted access. The Service is provided "as is" without warranty of any kind. We reserve the right to modify, suspend, or discontinue any feature with reasonable notice.

7. Intellectual Property

All PhishGuard software, templates, and materials are the property of PhishGuard and are protected by copyright and applicable intellectual property law. Your data (employee lists, campaign results) remains yours.

8. Limitation of Liability

To the maximum extent permitted by applicable law, PhishGuard shall not be liable for indirect, incidental, special, or consequential damages arising from your use of the Service. Our total liability is limited to the amount you paid for the Service in the three months preceding the claim.

9. Governing Law

These Terms are governed by and construed in accordance with the laws of the Province of Ontario, Canada, without regard to its conflict of law provisions. Any disputes shall be resolved in the courts of Ontario.

10. Changes to Terms

We may update these Terms from time to time. Material changes will be communicated by email and by posting a notice in the dashboard. Continued use of the Service after the effective date constitutes your acceptance of the revised Terms.

11. Contact

For questions about these Terms, contact us at [email protected].