Terms of Service

1. Definitions

• "Service" — the PhishGuard email security add-in for Microsoft Outlook and Google Gmail, and all associated APIs, dashboards, and infrastructure.
• "Customer" — the organisation or individual that has signed up for a PhishGuard trial or subscription.
• "User" — any individual who uses the Service under a Customer's account.
• "False Negative" — a phishing or malicious email that the Service fails to detect or flag.
• "False Positive" — a legitimate email that the Service incorrectly flags as suspicious or malicious.
• "Subscription Fees" — the monthly per-user fees payable for access to the Service.

2. Acceptance of Terms

By signing up for a trial, activating a subscription, deploying the PhishGuard add-in, or otherwise accessing the Service, you agree to be bound by these Terms of Service on behalf of yourself and your organisation.

If you do not agree to these terms, you must not use the Service. These Terms of Service should be read alongside our Privacy Policy. Together they form the complete agreement between you and PhishGuard.

3. Description of the Service

PhishGuard is an email security tool that integrates with Microsoft Outlook (via a Microsoft 365 add-in) and Google Gmail (via a Google Workspace add-on). The Service analyses email metadata — including sender information, subject lines, URLs, and authentication records — to assess the risk that an email may be a phishing attempt or fraudulent communication.

When the Service identifies potential indicators of phishing, it alerts the User via a warning banner displayed within their email client. The Service is a detection aid only. It does not block, quarantine, delete, or otherwise prevent emails from being delivered to users' inboxes.

4. Best Effort Disclaimer — No Guarantee of Detection

PhishGuard is provided on a best-effort basis. We do not guarantee, represent, or warrant that the Service will detect all phishing emails, malicious links, fraudulent senders, or other email-based threats.

4.1 Inherent Limitations

Phishing and email-based fraud techniques evolve continuously. Sophisticated threat actors regularly deploy novel tactics that may not be detected by automated systems, including PhishGuard. No email security tool can achieve 100% detection accuracy.

4.2 False Negatives

The Customer and all Users expressly acknowledge that False Negatives will occur. A phishing email that PhishGuard does not flag is not evidence of a service failure. Users must continue to apply their own judgement when reading emails, regardless of whether PhishGuard raises an alert.

4.3 False Positives

The Service may also produce False Positives — flagging legitimate emails as suspicious. PhishGuard shall not be liable for any action taken or not taken by a User in response to a False Positive.

4.4 No Warranty

The Service is provided "as is" and "as available" without warranty of any kind, either express or implied, including but not limited to warranties of merchantability, fitness for a particular purpose, or non-infringement.

5. Limitation of Liability

To the maximum extent permitted by applicable law, PhishGuard's total cumulative liability to you for any and all claims arising out of or related to these terms or the Service shall not exceed the total Subscription Fees paid by you in the 12 months preceding the claim.

5.1 Exclusion of Consequential Loss

PhishGuard shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of profits, loss of data, loss of goodwill, business interruption, or the cost of substitute services — even if advised of the possibility of such damages.

5.2 Security Is a Shared Responsibility

Effective email security requires a layered approach. PhishGuard is one layer. The Customer is responsible for maintaining additional security controls, training users, and implementing appropriate incident response procedures. If a phishing email gets through and causes a loss, we have built PhishGuard to minimise this risk — however, we cannot accept liability for losses caused by threats the Service did not detect.

6. Customer and User Responsibilities

By using the Service, the Customer agrees to:

• Deploy and configure the Service in accordance with our documentation.
• Ensure Users understand that PhishGuard is a detection aid and not a guarantee of protection.
• Maintain appropriate additional security controls (multi-factor authentication, security training, etc.).
• Notify PhishGuard promptly of any security incidents or suspected breaches.
• Use the Service only for lawful purposes and in accordance with these terms.
• Keep account credentials secure and not share admin keys with unauthorised parties.

7. Subscriptions, Billing & Cancellation

7.1 Free Trial

PhishGuard offers a 30-day free trial. No credit card is required to start a trial. At the end of the trial period, the Service will continue to function but you will be prompted to subscribe to maintain access.

7.2 Subscription Plans

The Service is offered on the following plans:

• Starter — $3.99 per month flat rate. Core phishing detection for up to 10 users.
• Professional — $7.99 per user per month. Core phishing detection for teams of 11–99 users.
• Enterprise — $19.99 per user per month. Advanced threat intelligence, admin portal, and CSV export. Recommended for 100+ users or organisations requiring advanced features.

Prices are subject to change. We will provide at least 30 days' notice of any price increase before it takes effect for existing subscribers.

7.3 Usage-Based Billing

PhishGuard uses usage-based per-user billing. At the end of your free trial, we count the number of distinct users who actively used the Service during the trial period. Your subscription is priced based on this actual usage count.

Each month thereafter, we automatically reconcile your subscription quantity against your active user count (users who opened at least one email while PhishGuard was active in the previous 30 days). If your active user count changes, we will update your subscription quantity accordingly — either via PayPal's subscription API automatically, or by notifying you by email to confirm the change.

You are responsible for ensuring your subscription reflects your actual usage. PhishGuard is not responsible for under-billing that results from users who were active but not captured in scan event data due to technical issues.

7.4 Payment

Subscriptions are billed monthly via PayPal. By subscribing you authorise us to charge the applicable Subscription Fees each month until you cancel. Your personalised billing page (emailed at the end of your trial) shows your exact user count and monthly cost.

7.5 Account Freeze

If your subscription lapses, your account will enter a 7-day grace period during which the Service continues to function. After 7 days without payment, your account will be frozen and the Service will be disabled for all users in your organisation. Your account will be unfrozen automatically upon receipt of a valid payment.

7.6 Cancellation

You may cancel your subscription at any time through PayPal or by contacting hello@phishguardd.com. Cancellation takes effect at the end of the current billing period. We do not offer refunds for partial periods.

7.7 Failed Payments

If a payment fails, we will notify you and retry. If payment is not received within 14 days of the due date, your account will enter the freeze process described in Section 7.5.

8. Acceptable Use

You agree not to use the Service to:

• Reverse engineer, decompile, or attempt to extract the source code of the Service.
• Resell, sublicence, or make the Service available to third parties without our written consent.
• Interfere with or disrupt the integrity or performance of the Service or its infrastructure.
• Attempt to gain unauthorised access to the Service or its related systems.
• Use the Service in any way that violates applicable laws or regulations.
• Use automated scripts or bots to access the Service in a manner that exceeds normal usage.

We reserve the right to suspend or terminate access to the Service immediately and without notice if we reasonably believe you are in breach of this section.

9. Data & Privacy

9.1 What We Process

To provide the Service, PhishGuard processes the following data from emails scanned by the add-in: sender email address and domain, subject line (hashed), URLs found in the email body, email authentication results (SPF, DKIM, DMARC), risk score and verdict, and threat flags. PhishGuard does not store, transmit, or process the full body content of emails — body analysis is performed locally within your email client.

9.2 Data Storage

Scan results and licence data are stored on servers hosted at guardedhost.com. Data is retained for 12 months from the date of each scan, then automatically deleted.

9.3 Third-Party Services

On Enterprise plans, URLs extracted from emails may be submitted to VirusTotal and Google Safe Browsing for threat intelligence. By using the Enterprise plan, you consent to this processing.

9.4 GDPR

Where the Customer is based in the United Kingdom or European Economic Area, PhishGuard acts as a data processor in relation to scan data. Our full Privacy Policy is available at phishguardd.com/privacy.html.

10. Intellectual Property

All intellectual property rights in the Service — including the software, algorithms, user interface, documentation, and all related materials — are owned by Star LLC. Nothing in these terms transfers any intellectual property rights to you.

You are granted a limited, non-exclusive, non-transferable, revocable licence to use the Service during the term of your subscription, solely for your internal business purposes and in accordance with these terms.

11. Termination

Either party may terminate these terms at any time. You may terminate by cancelling your subscription. We may terminate your access immediately if you breach these terms, fail to pay Subscription Fees, or for any other reason at our reasonable discretion with 30 days' notice.

On termination, your licence to use the Service ends immediately. Sections 4, 5, 9, 10, 12, and 13 survive termination.

12. Indemnification

You agree to indemnify, defend, and hold harmless PhishGuard and its officers, directors, employees, and agents from and against any claims, damages, losses, liabilities, costs, and expenses (including reasonable legal fees) arising out of or related to your use of the Service, your violation of these terms, or your violation of any applicable law or third-party rights.

13. Governing Law & Disputes

These terms are governed by and construed in accordance with the laws of the State of Delaware, United States, without regard to its conflict of law provisions.

Before initiating any formal legal proceedings, both parties agree to attempt to resolve any dispute informally by contacting legal@phishguardd.com and engaging in good-faith negotiations for at least 30 days.

If you are located outside the United States, local mandatory consumer protection or data protection laws may apply to your use of the Service in addition to these terms.

14. Changes to These Terms

We may update these Terms of Service from time to time. When we make material changes, we will notify you by email at least 14 days before the changes take effect and update the "Last updated" date at the top of this page. Your continued use of the Service after the effective date of updated terms constitutes your acceptance of those terms.

15. Contact

If you have any questions about these Terms of Service, please contact us at:

These Terms of Service were prepared for informational purposes. They do not constitute legal advice. PhishGuard strongly recommends having these terms reviewed by a qualified legal professional.