End User License Agreement (EULA)

  • Introduction
  • License Grant & Scope Of Use
  • Ownership And Intellectual
    Property

  • Data Privacy And Security

  • Acceptable Use Policy (AUP)

  • Service Level Agreement (SLA)

  • Training, Customization &
    Professional Services
  • Term & Termination
  • Warranties And Disclaimers
  • Limitation of Liability
  • Indemnity
  • Export Control And Sanctions

  • Governing Law And Jurisdiction
  • Entire Agreement

Effective Date: 6th April 2025
Company: simUphish LTD (Registered in England and Wales, Company Number: 16167880)
Product: simUphish Platform (including simulated Phishing Engine, Human Risk Analytics, Training Suite, Incident Response Modules, and associated components)

1. INTRODUCTION

This End User License Agreement (“Agreement”) is a legal agreement between you (either an individual or a legal entity, referred to herein as “Customer”, “You” or “Your”) and simUphish LTD (“simUphish”, “We”, “Us”, or “Our”). This Agreement governs Your access to and use of the simUphish platform including its SaaS components, downloadable agents, plugins, APIs, mobile applications, scripts, dashboards, training content, analytics models, support services, and all related documentation (collectively, the “Software”).
By accessing or using the Software, You agree to be bound by the terms of this Agreement. If You do not agree, do not access or use the Software.

2. LICENSE GRANT AND SCOPE OF USE

2.1 License Grant: simUphish LTD grants You a non-exclusive, non-transferable, non-sublicensable, revocable, limited license to access and use the Software strictly in accordance with this Agreement and the selected subscription tier.

2.2 Permitted Use:
– Conduct internal employee awareness simulations, including phishing, smishing, vishing, and deepfake attacks.
– Deliver training modules via simUphish’s LMS system.
– Monitor behavioral analytics and risk scoring.
– Access executive dashboards, reporting tools, incident response workflows, and integrations.

2.3 Restrictions:
You shall not:
– Reverse engineer, decompile, decode, or otherwise attempt to derive or access source code.
– Use Software to target third-party users not part of your licensed organization.
– Copy, modify, distribute, rent, lease, or sublicense any part of the Software.
– Circumvent, disable, or tamper with any security features.

3. OWNERSHIP AND INTELLECTUAL PROPERTY


All intellectual property rights in the Software, templates, UI/UX, algorithms, dashboards, AI models, behavioral science frameworks, visual identity, and content remain the exclusive property of simUphish LTD. This Agreement does not convey any ownership rights to You.
Third-party components, open-source libraries, and public data sources used in simUphish are credited in documentation and are governed by their respective licenses.

4. DATA PRIVACY AND SECURITY


4.1 Data Handling: Customer Data remains Customer’s property. simUphish acts as a data processor under the UK GDPR and DPA 2018 and agrees to only process data for purposes necessary for delivering the service.

4.2 Data Processing Addendum (DPA): A detailed DPA is included as part of the Master Subscription Agreement.

4.3 Storage and Retention: Data is stored in secure cloud infrastructure in compliance with ISO 27001, SOC 2, and GDPR standards. Retention policies are customizable and governed by your license agreement.

4.4 Confidentiality: All Customer Data and usage analytics are treated as confidential.

5. ACCEPTABLE USE POLICY (AUP)


You agree not to use simUphish for:
– Unauthorized mass emailing or real-world phishing.
– Collecting or harvesting data from non-consenting individuals.
– Sending malicious payloads, ransomware, or actual attack scripts.
– Interfering with or damaging the Software or its infrastructure.

Violation may result in immediate suspension or termination of access.

6. SERVICE LEVEL AGREEMENT (SLA)


simUphish guarantees 99.9% monthly uptime (excluding scheduled maintenance). SLAs include:
– Critical Support: 8-hour response time
– Ticket resolution TAT: <48 hours average
– Onboarding and customer success support

7. TRAINING, CUSTOMIZATION, AND PROFESSIONAL SERVICES


The platform supports:
– Customized phishing templates
– Industry-specific training modules (Healthcare, Finance, Govt., etc.)
– Behavior change nudges and reinforcement
– Integration with Microsoft 365, Google Workspace, Okta, Active Directory

Add-on services may include:
– Red Team simulations
– Third-party risk assessments
– API development and secure plugin deployment

8. TERM AND TERMINATION


This Agreement shall remain in force for the duration of your subscription.
simUphish may terminate this Agreement:
– With 30 days’ notice for convenience
– Immediately if You breach any clause of this Agreement Upon termination, You must cease using all components of the Software. Data may be exported by You within 30 days after termination, after which it may be deleted.

9. WARRANTIES AND DISCLAIMERS


simUphish warrants:
– It has the right to license the Software
– It complies with applicable UK laws

Disclaimer:
– Software is provided “AS IS”
– simUphish disclaims all other warranties, express or implied, including merchantability, non-infringement, and fitness for a particular purpose

10. LIMITATION OF LIABILITY


To the extent permitted by law, simUphish LTD’s liability is limited to the fees paid in the 12 months prior to the claim. simUphish is not liable for indirect, special, incidental, punitive, or consequential damages.

11. INDEMNITY

You agree to indemnify and hold harmless simUphish LTD against any claims, damages, liabilities, and expenses arising from your breach of this Agreement, unauthorized use, or violation of applicable laws.

12. EXPORT CONTROL AND SANCTIONS


You are solely responsible for compliance with export laws and regulations.

13. GOVERNING LAW AND JURISDICTION


This Agreement shall be governed by the laws of England and Wales. Any disputes shall be resolved by the courts of London.

14. ENTIRE AGREEMENT

This EULA, along with the Subscription Agreement, DPA, and SLA, constitutes the full agreement between You and simUphish LTD. No oral or written statements outside this document shall be binding.

For questions regarding this Agreement, contact:
Legal Department – simUphish LTD
Email: [email protected]
Website: www.simuphish.com