Terms of Service

Welcome to Phishy, a phishing simulation and security awareness training service operated under the domain phishy.io(“we,” “us,” or “our”). By using our services, you agree to comply with these Terms of Service. Please read them carefully before accessing or using our platform.

1. Acceptance of Terms

By accessing or using Phishy’s services, you acknowledge that you have read, understood, and agree to be bound by these Terms of Service and our Privacy Policy. If you do not agree, you must discontinue use of our services immediately.

2. Description of Services

Phishy provides cybersecurity awareness training, including phishing, vishing, and smishing simulations. These simulations are conducted to assess and improve employee awareness of cyber threats. The services include:

• Phishing email simulations.
• Vishing (voice phishing) call simulations.
• Smishing (SMS phishing) message simulations.
• Reports and analysis of user interactions with simulated threats.
• Educational content and training based on simulation results.

3. Data Collection and Usage

Phishy collects and processes only the data necessary for providing our simulation services. This includes:

• Business email addresses and phone numbers (only as provided by clients for simulation purposes).
• User interactions with phishing, vishing, and smishing simulations (e.g., clicked links, responded calls, replied messages).
• Aggregated statistics on campaign results.

Data Retention:

• Personal data (e.g., email addresses and phone numbers) is retained only for the duration of the simulation.
• After the simulation is completed, personal data is permanently deleted, leaving only anonymized statistical data for reporting and analysis.

We do not store or process sensitive personal data beyond what is required for training and simulation purposes.

4. Customer Responsibilities

By using our services, customers agree to:

• Obtain necessary consent from employees before enrolling them in phishing simulations.
• Provide accurate and authorized email addresses and phone numbers for simulation purposes.
• Ensure that their use of Phishy’s services complies with applicable laws and regulations.

5. Prohibited Activities

Users of Phishy’s services must not:

• Use the service for malicious or unethical purposes.
• Attempt to reverse-engineer or interfere with the functionality of our services.
• Share or distribute simulation emails, messages, or any proprietary materials provided by Phishy.

6. Intellectual Property

All content, software, and materials provided as part of Phishy’s services, including phishing templates, training content, and reports, are the intellectual property of Phishy. Unauthorized use, reproduction, or distribution is strictly prohibited.

7. Disclaimers and Limitation of Liability

• Phishy provides simulations for educational purposes only. We do not guarantee absolute protection against phishing threats.
• We are not responsible for any consequences resulting from customer actions taken in response to simulated phishing attempts.
• We are not liable for indirect, incidental, or consequential damages arising from the use of our services.

8. Modifications to the Terms

We may update these Terms of Service periodically to reflect changes in our services or legal requirements. Users will be notified of any significant changes.

9. Termination

We reserve the right to terminate or suspend access to our services if a customer violates these Terms of Service or engages in unlawful activity.

10. Contact Information

For any questions regarding these Terms of Service, please contact us at [email protected].

Last Updated: Feb 11, 2025