Take our free Simplifying Cyber Risk course now at SIMPLIFYCYBERRISK.COM!

Terms and Conditions for Phishing Simulation and Security Awareness Training Services

Effective Date: Upon enrollment
Provider: RLS Consulting, LLC, 1480 Abilene Dr, Broomfield, CO 80020
Client: The business selecting to enroll in the Program.

Introduction

By registering for and participating in the phishing simulation and security awareness training program (“Program”) provided by RLS Consulting, LLC (“Provider”), you, the Client, agree to the following Terms and Conditions. This agreement governs your participation in the Program, which is managed using a third-party platform, and outlines the scope of services, data usage, responsibilities, and limitations.

Scope of Services

  • The Program delivers monthly phishing simulation emails and automated reports based on the structure determined by the Parent Organization or Cohort.
  • Training materials and tips may be provided at the discretion of the Provider, but these are not guaranteed components of the Program.
  • A designated reporting contact will receive monthly performance reports detailing user engagement with simulations.
  • Clients will complete a setup process through a wizard tool, with limited support from the Provider if necessary.
  • Email deliverability may require whitelisting of the Provider’s email server or integration with Microsoft for user management and permissions.

Responsibilities of the Client

  • Assign an IT Admin to handle the initial setup, manage user lists, and ensure ongoing deliverability of emails.
  • Maintain accurate and current contact information for the designated IT Admin and Reporting Contact.
  • Ensure all necessary permissions for integration or email delivery, including whitelisting or bypassing email security tools.
  • Maintain the confidentiality of any Program-related information provided.

Security and Privacy

  • The Provider will collect only minimal data necessary for the Program, including user names, email addresses, department, and company name.
  • User data will be used solely for delivering phishing simulations, training, and reporting.
  • The Provider’s privacy practices are outlined in its Privacy Policy, available at RLS Consulting Privacy Policy.
  • The Provider does not guarantee immunity from phishing attacks or other cybersecurity threats and is not liable for any breach or damage arising outside the scope of the Program.

Intellectual Property

  • All training materials, reports, and related content provided as part of the Program (“Program Content”) are the intellectual property of the Provider.
  • The Client is granted a non-exclusive, non-transferable, revocable license to use the Program Content solely for the purposes of internal training and awareness for their designated users.
  • The Client may not copy, distribute, modify, or share the Program Content outside of their organization without the Provider’s prior written consent.
  • Unauthorized use or distribution of the Program Content may result in termination of the Client’s participation in the Program and potential legal action.

Third-Party Platform Use

  • The Program operates on a third-party platform (“Platform”), currently provided by Phishr. The Platform’s privacy policy can be reviewed at Phishr Privacy Policy.
  • The Provider reserves the right to change the Platform used to manage the Program at its discretion.

Disclaimers and Liability

  • The Provider is not responsible for damages, breaches, or losses resulting from Client actions or external threats.
  • The Program is designed as an educational tool and does not guarantee comprehensive protection from phishing or other cybersecurity risks.

Cancellation and Refunds

  • No refunds will be issued for the Program. Subscription commitments are managed through the Parent Organization, and cancellation requests must be addressed with them.
  • The Client’s subscription is valid for a one-year term unless terminated by the Parent Organization.

Compliance with Laws

  • The Provider adheres to applicable U.S. data privacy laws and references the Platform’s compliance with GDPR and other international data protection standards.

Governing Law and Jurisdiction

  • This agreement is governed by the laws of the State of Colorado, United States. Any disputes shall be resolved in the courts located within the state of Colorado.

Acceptance

By checking the “I Agree” box during registration, you confirm that you have read, understood, and agree to these Terms and Conditions.