Terms of service

Other agreements and order of precedence

If you have a separate master services agreement, enterprise agreement, or reseller/MSP arrangement with PhishEye that is signed by both parties, those terms control over conflicting provisions in this Agreement, but only to the extent of the conflict. Undefined capitalized terms may be defined in your Order or supplementary agreements. Our Privacy Policy describes how we handle personal data and is incorporated by reference where applicable.

Access and use of the Service

Access grant

Subject to this Agreement, your Order, timely payment of applicable fees, and compliance with our published documentation ("Documentation"), PhishEye grants you a non-exclusive, non-transferable right during the subscription or trial term to access and use the Service remotely over the Internet for your internal business purposes, solely for the benefit of you and your affiliates identified in the Order.

Accounts and security

You are responsible for maintaining the confidentiality of credentials, for configuring appropriate access controls, and for all activity under your accounts, whether or not authorized by you. You will promptly notify us of any unauthorized use or security incident related to the Service.

Restrictions

You will not, and will not permit others to:

• Reverse engineer, decompile, or attempt to extract source code or underlying algorithms from the Service, except to the limited extent statutory law expressly permits despite this restriction
• Modify, create derivative works from, or build a competing product or service using our Documentation, interfaces, or output, except as we expressly permit in writing
• Rent, resell, sublicense, or provide the Service on a timesharing or service-bureau basis to third parties, except as expressly allowed in your Order (for example, managed security services subject to a separate written program)
• Remove or obscure proprietary notices
• Probe, scan, or test the vulnerability of our systems, or circumvent technical limits or security controls, except coordinated disclosure we approve in writing
• Use the Service in violation of law, third-party rights, or acceptable use expectations—including using the Service to harass, distribute malware, or interfere with abuse-reporting channels in ways that violate provider rules

Third-party services

The Service may interoperate with networks, registrars, hosts, platforms, identity providers, and other third-party services ("Third-Party Services"). PhishEye does not control Third-Party Services and is not responsible for their availability, policies, or outcomes (for example, whether a registrar or host accepts a takedown or how quickly they act). You are responsible for obtaining any rights and complying with any terms required to use Third-Party Services you connect or rely on. Interactions and data exchanges between you and a third party are solely between you and that third party.

Nature of detection and enforcement

PhishEye provides software and workflows to help identify and respond to digital risk (such as phishing, scams, impersonation, and typosquatting). Findings, risk scores, and recommendations may use automated analysis, including machine-assisted methods. No detection or monitoring is guaranteed to be complete, timely, or error-free. Malicious actors may evade detection, geo-target content, or change infrastructure in ways that affect results. Takedowns, suspensions, and other enforcement actions depend on third parties and applicable law; unless an Order expressly states otherwise, PhishEye does not guarantee any particular outcome or timeline.

Fees, payment, and taxes

You will pay the fees specified in your Order or checkout flow ("Fees") using the payment method and schedule described there. Unless stated otherwise, Fees are billed in advance, non-refundable except as required by law or expressly stated in writing, and due within the period stated on the invoice (or, if none, thirty (30) days from invoice date). Late amounts may incur finance charges up to one and one-half percent (1.5%) per month or the maximum rate permitted by law, whichever is lower, plus reasonable costs of collection.

Fees are exclusive of applicable taxes. You are responsible for all sales, use, VAT, GST, withholding, and similar taxes other than taxes based on PhishEye's net income. If you claim a tax exemption, you will provide valid documentation we reasonably request.

Limited warranty

Each party represents that it has validly entered into this Agreement and has the power to do so.

Except as expressly stated in this Agreement or an Order, the Service is provided "as is" and "as available." To the fullest extent permitted by law, PhishEye disclaims all other warranties, whether express, implied, or statutory, including implied warranties of merchantability, fitness for a particular purpose, title, and non-infringement, and any warranties arising from course of dealing or usage of trade.

Limitation of liability

To the maximum extent permitted by applicable law, neither party will be liable for any indirect, incidental, special, consequential, exemplary, or punitive damages, or for loss of profits, revenues, goodwill, or data, or cost of cover, even if advised of the possibility.

Except for your payment obligations, either party's aggregate liability arising out of or related to the Service or this Agreement will not exceed the greater of (a) the Fees paid or payable by you to PhishEye in the twelve (12) months before the event giving rise to the claim, or (b) one hundred pounds sterling (GBP £100) if no Fees were paid during that period. These caps do not apply to liability that cannot be limited under applicable law (for example, gross negligence, willful misconduct, or death/personal injury where such exclusions are prohibited).

Because monetary damages may be an insufficient remedy for misuse of our intellectual property or confidential information, PhishEye may seek injunctive or equitable relief for violations or threatened violations of those sections, in addition to other remedies.

Indemnification

By PhishEye

PhishEye will defend you against a third-party claim that the Service, as made available to you under this Agreement and used as permitted, infringes copyright, a trade secret, or a patent valid in the United Kingdom, and will pay amounts finally awarded by a court or agreed in settlement for such claim, subject to this section. PhishEye has no obligation for claims arising from your combination of the Service with items not provided by PhishEye, your modification of the Service without authorization, your use after notice to stop, or use not in accordance with this Agreement or Documentation. If the Service is enjoined or PhishEye reasonably believes it may be, PhishEye may, at its option, procure continued use, modify the Service to be non-infringing, or terminate your subscription and refund prepaid Fees for the unused portion of the then-current term. This subsection states PhishEye's sole liability and your exclusive remedy for the covered intellectual property claims.

By you

You will defend PhishEye and our affiliates, directors, officers, employees, and agents against any third-party claim arising from or related to (a) Customer Content (defined below), (b) your use of the Service in breach of this Agreement, or (c) your violation of law or third-party rights, and you will pay reasonable attorneys' fees and court costs as well as amounts finally awarded or agreed in settlement, subject to the indemnity process below.

Process

The indemnified party will promptly notify the indemnifying party of a claim, cooperate reasonably, and allow the indemnifying party to control the defense and settlement, provided that no settlement imposing obligations or admissions on the indemnified party may be made without its prior written consent (not unreasonably withheld).

Free trial and evaluation

If PhishEye grants you trial or evaluation access without charge, the Service is provided as is without the limited warranty above, solely for internal evaluation, and may be subject to usage limits or automatic expiration. You assume all risk associated with trial use. Sections addressing limitation of liability still apply to the extent permitted by law.

Proprietary rights and customer content

PhishEye and its licensors own all right, title, and interest in and to the Service, software, Documentation, and our branding, including improvements and derivative works. No ownership rights are transferred to you other than the limited rights expressly granted in this Agreement.

You retain ownership of data, text, files, domain lists, alerts, and other materials you submit to the Service ("Customer Content"). You are solely responsible for the legality, quality, and accuracy of Customer Content and for obtaining rights needed to submit it. You grant PhishEye a worldwide, royalty-free license to host, process, transmit, and display Customer Content only as reasonably necessary to provide, secure, and improve the Service, comply with law, and respond to lawful governmental requests.

We may generate de-identified or aggregated statistics from use of the Service that do not identify you or any natural person, and we may use those statistics for analytics, benchmarking, and product development.

Feedback, suggestions, or ideas you voluntarily provide may be used by PhishEye without restriction or obligation to you.

Confidentiality

"Confidential Information" means non-public information disclosed by a party that is designated confidential or that reasonably should be understood to be confidential, including the Service, non-public Documentation, security information, pricing under an Order, and business plans. The receiving party will use the disclosing party's Confidential Information only for purposes of this Agreement, protect it with at least reasonable care, and not disclose it except to employees and contractors who need to know and are bound by confidentiality obligations no less protective than these terms.

Confidentiality obligations do not apply to information that is public through no fault of the receiver, already known, independently developed, or rightfully received from a third party, or that must be disclosed by law (where the receiver gives reasonable advance notice, if legally permitted). A breach may cause irreparable harm; the disclosing party may seek injunctive relief in addition to other remedies.

Term and termination

This Agreement begins when you first accept it or use the Service and continues for the subscription term in your Order, automatically renewing for successive periods of the same length unless either party gives notice of non-renewal before the renewal date stated in the Order (or, if none, thirty (30) days prior to renewal).

Either party may terminate this Agreement for material breach if the breach is not cured within thirty (30) days after written notice (ten (10) days for nonpayment). We may suspend access immediately if we reasonably believe suspension is necessary to prevent harm, comply with law, or address a security incident, or if you are in serious breach.

Upon expiration or termination, your right to access the Service ends. We will make available a reasonable export window for Customer Content if stated in the Order or Documentation; otherwise contact support. Sections that by nature should survive—including fees accrued, confidentiality, proprietary rights, warranties and disclaimers, limitation of liability, indemnity, and dispute resolution—will survive.

Support and availability

PhishEye will use commercially reasonable efforts to make the Service available in line with any uptime or support commitments in your Order. Otherwise, the Service may be unavailable for maintenance (scheduled or emergency), security events, force majeure events, or Third-Party Service failures. We may modify features to comply with law, address abuse, or improve the Service; we will not materially reduce core functionality of a paid subscription without reasonable notice where practicable.

Compliance with law

Each party will comply with laws applicable to its performance, including UK and other applicable privacy and data protection law, sanctions, and export control laws. You will not use or export the Service in violation of UK, U.S., or other applicable restrictions. You represent that your submission and our processing of Customer Content as instructed by you will not violate third-party rights or applicable law.

Changes to this Agreement

We may update this Agreement for all customers by posting a revised version on our website and, for material changes, providing additional notice (such as email or in-product notification) at least thirty (30) days before the effective date where required. Your continued use after the effective date constitutes acceptance. If you do not agree, you must stop using the Service and, for paid subscriptions, follow cancellation terms in your Order.

No third-party beneficiaries

Except as expressly stated, nothing in this Agreement confers any rights on third parties.

Nature of the contract

This Agreement is for services, not a sale of goods. The United Nations Convention on Contracts for the International Sale of Goods does not apply. If you are a consumer, mandatory consumer protection laws in your country may apply notwithstanding this Agreement; these terms are principally intended for business customers.

Force majeure

Neither party is liable for delay or failure to perform due to events beyond its reasonable control, including natural disasters, war, terrorism, riots, government actions, epidemics, labor disputes, utility failures, or cyberattacks against infrastructure not controlled by the affected party, provided it uses reasonable efforts to mitigate and resume performance.

Assignment

You may not assign or transfer this Agreement without our prior written consent, except to an affiliate or in connection with a merger, acquisition, or sale of substantially all of your assets, provided the assignee is not a direct competitor of PhishEye and you give prompt written notice. We may assign this Agreement in connection with a merger, acquisition, corporate reorganization, or sale of assets. Any permitted assignment binds successors and assigns.

Dispute resolution

Subject to the section below, the courts of England and Wales have exclusive jurisdiction to settle any dispute arising out of or in connection with this Agreement or the Service (including non-contractual disputes or claims). Either party may seek interim or protective relief (including injunctive relief) in any court of competent jurisdiction where necessary to protect its rights pending resolution.

Mandatory consumer or employment protections in your jurisdiction may affect where disputes can be heard. Have counsel review jurisdiction and dispute clauses before publication.

Governing law

This Agreement and any dispute or claim arising out of or in connection with it (including non-contractual disputes or claims) are governed by the laws of England and Wales, without regard to conflict-of-law rules that would require application of another jurisdiction's law.

General

This Agreement, together with the Order and Privacy Policy, is the entire agreement regarding its subject matter and supersedes prior discussions. Waivers must be in writing. If any provision is invalid, the remainder stays in effect. Notices to you may be sent to the email associated with your account or posted in the Service. Notices to PhishEye should be sent via our contact page or to contact@phisheye.com, or by post to the registered office of PhishEye Ltd at 17 Hanover Square, London W1S 1BN, United Kingdom. Neither party is the agent or partner of the other. The prevailing party in any action to enforce this Agreement (where permitted) may recover reasonable attorneys' fees and costs. You will not issue a public press release regarding this relationship without our prior written consent unless required by law.

U.S. government end users

If you are a U.S. Government end user, the Service and Documentation are "commercial items" as defined at 48 C.F.R. §2.101 and consist of "commercial computer software" and "commercial computer software documentation" as used in 48 C.F.R. §12.212 or §§227.7202-1 through 227.7202-4, as applicable. You receive only those rights customarily granted to the public under this Agreement.