Terms of Service

Last Updated: January 14, 2026

Welcome to paware.io. These Terms of Service ("Terms") govern your use of our security awareness training platform and services. By accessing or using our platform, you agree to be bound by these Terms.

1. Acceptance of Terms

By creating an account, accessing our platform, or using any of our services, you agree to:

• These Terms of Service
• Our Privacy Policy
• Any additional terms specific to certain features or services

If you are using our services on behalf of an organization, you represent that you have the authority to bind that organization to these Terms.

2. Description of Services

paware.io provides security awareness training services, including:

2.1 Phishing Simulations

• AI-powered phishing campaign creation and management
• Simulated phishing attacks for training purposes
• Campaign analytics and reporting
• Individual risk scoring and tracking

2.2 Training Platform

• Interactive security awareness training modules
• AI-adaptive learning paths
• Quizzes and assessments
• Multi-language support

2.3 Supply Chain Security

• Vendor security assessments
• Automated security scanning (DNS, SSL/TLS, breach history, etc.)
• Customizable questionnaires
• Risk analysis and reporting

2.4 Analytics and Reporting

• Real-time dashboards
• Performance metrics
• Executive-level reports
• Compliance documentation

3. Account Registration and Responsibilities

3.1 Account Creation

To use our services, you must:

• Provide accurate and complete information
• Be at least 18 years of age
• Have the authority to enter into these Terms
• Maintain the security of your account credentials

3.2 Account Security

You are responsible for:

• Maintaining the confidentiality of your password
• All activities that occur under your account
• Notifying us immediately of any unauthorized access
• Ensuring your team members comply with these Terms

3.3 Organization Accounts

If you create an organization account:

• You represent that you have authority to bind the organization
• The organization is responsible for all activities under the account
• Administrators can manage user access and permissions
• The organization controls data access for its employees

4. Acceptable Use Policy

4.1 Permitted Uses

You may use our platform solely for:

• Internal security awareness training
• Authorized phishing simulations for your organization
• Vendor security assessments with proper authorization
• Legitimate business purposes consistent with our intended use

4.2 Prohibited Activities

You agree NOT to:

• Unauthorized Access: Conduct phishing simulations against individuals or organizations without proper authorization
• Malicious Use: Use our platform for actual phishing attacks, fraud, or illegal activities
• System Abuse: Attempt to hack, reverse engineer, or compromise our platform
• Data Scraping: Scrape, crawl, or systematically collect data from our platform
• Resale: Resell or redistribute our services without written permission
• Interference: Interfere with other users' access or our platform operations
• Misrepresentation: Impersonate others or misrepresent your affiliation
• Legal Violations: Violate any applicable laws or regulations

4.3 Consequences of Violation

Violation of this Acceptable Use Policy may result in:

• Immediate suspension or termination of your account
• Legal action and cooperation with law enforcement
• Liability for damages caused by your actions

5. Phishing Simulation Guidelines

5.1 Authorization Requirements

Before conducting phishing simulations, you must:

• Obtain written authorization from appropriate organizational leadership
• Inform relevant stakeholders (IT, security, HR, legal) about the program
• Only target employees within your authorized scope
• Comply with applicable laws and regulations

5.2 Simulation Safeguards

When conducting simulations:

• Clearly identify training emails in email headers (for filtering purposes)
• Never collect real credentials or sensitive personal information
• Provide immediate feedback and training when users click
• Maintain a supportive, non-punitive approach
• Ensure landing pages clearly state "This was a training simulation"

6. Supply Chain Scanning

6.1 Scanning Authorization

When using our security scanning features:

• Only scan domains you are authorized to assess
• Obtain vendor consent where required by contract or law
• Do not use scanning results for malicious purposes
• Respect rate limits and scanning restrictions

6.2 Scanning Limitations

Our scanning services:

• Provide informational assessments, not penetration testing
• Use publicly available data and non-intrusive techniques
• May not detect all security vulnerabilities
• Should supplement, not replace, comprehensive security audits

7. Payment and Subscriptions

7.1 Fees and Billing

• Subscription fees are billed in advance on a monthly or annual basis
• Prices are stated on our website or in your subscription agreement
• You authorize us to charge your payment method for all fees
• All fees are non-refundable unless otherwise stated

7.2 Price Changes

• We may change prices with 30 days' notice
• Price changes apply to subsequent billing periods
• Continued use after price changes constitutes acceptance

7.3 Free Trials

• Free trials allow testing our platform without payment
• Trials automatically convert to paid subscriptions unless canceled
• You must provide payment information to start a trial
• We may limit trial availability or duration

7.4 Cancellation and Refunds

• You may cancel your subscription at any time through your account settings
• Cancellation takes effect at the end of your current billing period
• No refunds for partial months or unused services
• You retain access to paid features until the end of your billing period

8. Intellectual Property

8.1 Our Rights

We own all rights to:

• The paware.io platform, website, and software
• Our trademarks, logos, and branding
• Training content, templates, and materials
• Documentation and user guides
• Proprietary algorithms and AI models

8.2 Your Rights

You retain ownership of:

• Your company data and information
• Custom content you create within our platform
• Data and reports you generate

8.3 License Grant

We grant you a limited, non-exclusive, non-transferable license to:

• Access and use our platform for your internal business purposes
• Use our training materials with your employees
• Generate and use reports from our analytics

This license terminates when your subscription ends or these Terms are terminated.

9. Data and Privacy

9.1 Your Data

• You retain ownership of all data you input into our platform
• We process your data in accordance with our Privacy Policy
• You grant us permission to process data to provide our services

9.2 Data Security

We implement reasonable security measures to protect your data, including:

• Encryption in transit and at rest
• Access controls and authentication
• Regular security monitoring and updates
• Compliance with industry standards

9.3 Data Breach Notification

In the event of a data breach affecting your information, we will:

• Notify you within 72 hours of discovering the breach
• Provide details about the nature and extent of the breach
• Describe steps we are taking to address the breach
• Cooperate with any regulatory or legal requirements

10. Service Level and Availability

10.1 Service Availability

We strive to maintain high availability but do not guarantee uninterrupted service. Our platform may be unavailable due to:

• Scheduled maintenance (with advance notice)
• Emergency maintenance or security updates
• Factors beyond our control (internet outages, DDoS attacks, etc.)

10.2 Service Level Agreement (SLA)

Enterprise customers may be eligible for an SLA with specific uptime guarantees. Contact our sales team for details.

11. Warranties and Disclaimers

11.1 Service Warranty

We warrant that our services will perform substantially as described in our documentation when used as intended.

11.2 Disclaimers

EXCEPT AS EXPRESSLY PROVIDED, OUR SERVICES ARE PROVIDED "AS IS" WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING:

• Warranties of merchantability or fitness for a particular purpose
• Warranties that our services will be error-free or uninterrupted
• Warranties that our security assessments will detect all vulnerabilities
• Warranties regarding the accuracy or completeness of scanning results

11.3 Third-Party Services

Our platform may integrate with third-party services. We are not responsible for:

• Third-party service availability or performance
• Third-party data handling or security practices
• Changes to third-party APIs or functionality

12. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW:

12.1 Exclusion of Damages

We shall not be liable for:

• Indirect, incidental, special, consequential, or punitive damages
• Loss of profits, revenue, data, or business opportunities
• Cost of substitute services
• Damages arising from your use or inability to use our services

12.2 Liability Cap

Our total liability for all claims related to these Terms or our services shall not exceed the greater of:

• The fees you paid in the 12 months preceding the claim, or
• €500 (five hundred euros)

12.3 Exceptions

These limitations do not apply to:

• Our gross negligence or willful misconduct
• Death or personal injury caused by our negligence
• Fraud or fraudulent misrepresentation
• Any liability that cannot be excluded by law

13. Indemnification

You agree to indemnify and hold us harmless from any claims, damages, losses, or expenses (including legal fees) arising from:

• Your violation of these Terms
• Your unauthorized use of our services
• Your violation of any laws or third-party rights
• Unauthorized phishing simulations or security assessments you conduct
• Your content or data uploaded to our platform

14. Termination

14.1 Termination by You

You may terminate your account at any time by:

• Canceling your subscription through account settings
• Contacting our support team

14.2 Termination by Us

We may suspend or terminate your account if:

• You violate these Terms or our Acceptable Use Policy
• Your payment fails or your account is past due
• You engage in fraudulent or illegal activities
• Required by law or government order
• We discontinue the service (with reasonable notice)

14.3 Effect of Termination

Upon termination:

• Your access to the platform will be immediately revoked
• You remain liable for any outstanding fees
• You must cease using our services and materials
• We may delete your data after 30 days (subject to backup retention)
• You may request a data export before termination

15. Changes to Terms

We may update these Terms from time to time. We will notify you of material changes by:

• Posting the updated Terms on our website
• Sending an email to your registered address
• Displaying an in-app notification

Changes become effective 30 days after notification. Your continued use after changes constitutes acceptance. If you do not agree to changes, you must cancel your account before they take effect.

16. Governing Law and Disputes

16.1 Governing Law

These Terms are governed by the laws of Israel, without regard to conflict of law principles.

16.2 Dispute Resolution

For any disputes arising from these Terms:

• Informal Resolution: Contact us first to attempt informal resolution
• Mediation: If informal resolution fails, we agree to mediation before litigation
• Jurisdiction: Exclusive jurisdiction in the courts of Tel Aviv, Israel

16.3 EU Users

EU users may also have recourse to the dispute resolution mechanisms provided under EU law.

17. General Provisions

17.1 Entire Agreement

These Terms, together with our Privacy Policy and any subscription agreement, constitute the entire agreement between you and paware.io.

17.2 Severability

If any provision is found invalid or unenforceable, the remaining provisions remain in full effect.

17.3 Waiver

Our failure to enforce any right or provision does not constitute a waiver of that right or provision.

17.4 Assignment

You may not assign or transfer these Terms without our written consent. We may assign these Terms without restriction.

17.5 Force Majeure

We are not liable for failure to perform due to circumstances beyond our reasonable control, including natural disasters, war, terrorism, pandemics, internet outages, or government actions.

17.6 Survival

Provisions that by their nature should survive termination (including liability limitations, indemnification, and dispute resolution) will survive.

18. Contact Information

These Terms of Service are effective as of the date stated above and apply to all users of the paware.io platform.