Plain-language summary: You're an MSP subscribing to PhishNet to analyse phishing emails for your clients. You keep ownership of your data. We keep your data secure and use it only to deliver the service. You pay on a 28-day billing cycle with no overage charges — if you hit your limit, processing pauses until the next period.
"Agreement" means these Terms of Service together with any Order Form or subscription confirmation.
"MSP" or "Customer" means the Managed Service Provider subscribing to PhishNet.
"End Users" means the employees of the MSP's clients whose emails may be processed by the Service.
"Service" means the PhishNet platform, including the analysis pipeline, MSP admin portal, technician interface, and all related APIs.
"Content" means emails, attachments, and associated metadata submitted to PhishNet for analysis.
The Service is intended for use by Managed Service Providers operating in a professional capacity. By subscribing, you represent that:
PhishNet bills on 28-day cycles rather than calendar months. This ensures consistent billing periods regardless of month length. Annual subscriptions cover 13 periods for the price of 12 (one free period).
There are no overage charges. When your monthly email analysis limit is reached, PhishNet will pause processing of new emails until your next billing cycle begins or you upgrade your plan. Emails received during a pause are not lost — they are queued and processed once capacity is restored.
You may configure PhishNet to notify your team when approaching the limit (at 75%, 90%, and/or when 5 analyses remain).
You may upgrade your plan at any time — the difference in cost will be prorated to your current billing cycle. Downgrades take effect at the start of the next billing cycle.
You may cancel your subscription at any time. Your access remains active through the end of the current billing period. No refunds are issued for partial periods except where required by applicable law.
PhishNet may terminate your account for material breach of these Terms, with notice where practicable.
You agree to use the Service only for legitimate phishing analysis and email security purposes. You must not:
MSPs may provide custom instructions that are injected into the AI analysis context. These instructions are reviewed by PhishNet before activation. Instructions that attempt to:
…will be rejected without activation. Repeated attempts may result in account suspension.
You retain ownership of all Content submitted to PhishNet. By submitting Content, you grant PhishNet a limited licence to process it for the sole purpose of delivering the Service.
PhishNet acts as a data processor on your behalf. You remain the data controller responsible for ensuring you have appropriate basis to submit End User data for processing.
Our data processing practices are described in the Privacy Policy.
MSPs may opt in to PhishNet's anonymous threat intelligence network. Participation is voluntary. By opting in, you agree that:
You may opt out of the network at any time from your Settings.
PhishNet targets 99.5% monthly uptime for the analysis pipeline, excluding scheduled maintenance. We use third-party services (AI APIs, threat reputation feeds) whose availability is outside our direct control; downtime of these services may affect analysis quality without constituting a breach of this Agreement.
We will publish service status at status.phishnet.ca.
PhishNet retains all intellectual property rights in the platform, software, analysis models, and documentation. You receive a limited, non-exclusive, non-transferable licence to use the Service during your subscription.
The Service is provided "as is". PhishNet does not warrant that:
Analysis verdicts are advisory and should be reviewed by a qualified technician before remediation actions are taken.
To the maximum extent permitted by applicable law, PhishNet's total liability to you for any claim arising from this Agreement shall not exceed the fees paid by you in the 3 months preceding the claim. PhishNet shall not be liable for indirect, incidental, consequential, or punitive damages.
We may update these Terms from time to time. Material changes will be communicated by email at least 30 days before they take effect. Continued use of the Service after that date constitutes acceptance of the revised Terms.
These Terms are governed by the laws of the Province of British Columbia and the federal laws of Canada applicable therein, without regard to conflict of law principles.
Questions about these Terms: legal@phishnet.ca